MicQsenoch Posted January 1, 2013 ID:629218 Share Posted January 1, 2013 I just went through a recent Ransomware attack. The only thing i really do on this computer is play games and sruf the web, so i decided to reformat. Upon reinstalling the basics and Malwarebytes, I started recieving frequent outgoing Malicous IP blocks.Help Appreciated Link to post Share on other sites More sharing options...
MicQsenoch Posted January 1, 2013 Author ID:629221 Share Posted January 1, 2013 .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows XP Home EditionBoot Device: \Device\HarddiskVolume1Install Date: 12/29/2012 12:40:25 PMSystem Uptime: 1/1/2013 9:47:04 AM (1 hours ago).Motherboard: Gigabyte Tecohnology Co., Ltd. | | H61MA-D3VProcessor: Intel Pentium III Xeon processor | Intel® Core i3-2100 CPU @ 3.10GHz | 3092/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 69 GiB total, 48.584 GiB free.D: is CDROM (CDFS).==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP1: 12/29/2012 12:42:01 PM - System CheckpointRP2: 12/30/2012 9:36:18 AM - Installed Windows Installer KB893803v2.RP3: 12/30/2012 9:37:21 AM - Installed Windows XP WIC.RP4: 12/30/2012 9:38:02 AM - Installed Windows KB954550-v5.RP5: 12/30/2012 9:38:05 AM - Printer Driver Microsoft XPS Document Writer InstalledRP6: 12/30/2012 9:38:09 AM - Printer Driver Microsoft XPS Document Writer InstalledRP7: 12/30/2012 9:39:44 AM - Installed Realtek High Definition Audio DriverRP8: 12/30/2012 9:40:16 AM - Installed REALTEK GbE & FE Ethernet PCI-E NIC DriverRP9: 12/30/2012 11:02:58 AM - Installed Microsoft Download ManagerRP10: 12/30/2012 11:03:20 AM - Installed Windows XP KB932823-v3.RP11: 12/30/2012 11:33:44 AM - Installed Windows Internet Explorer 8.RP12: 12/30/2012 11:48:08 AM - Installed Microsoft Fix it 50597RP13: 12/30/2012 11:48:40 AM - Installed Microsoft Fix it 50597RP14: 12/30/2012 11:50:44 AM - Software Distribution Service 3.0RP15: 12/30/2012 11:54:31 AM - Installed Windows XP KB914882.RP16: 12/30/2012 12:04:14 PM - Software Distribution Service 3.0RP17: 12/30/2012 12:17:02 PM - Software Distribution Service 3.0RP18: 12/30/2012 12:33:28 PM - Software Distribution Service 3.0RP19: 12/30/2012 12:49:47 PM - Installed %1 %2.RP20: 12/30/2012 1:33:50 PM - Malwarebytes Anti-Rootkit Restore PointRP21: 12/30/2012 2:15:08 PM - Update to an unsigned driverRP22: 12/30/2012 3:13:04 PM - Installed League of LegendsRP23: 12/30/2012 3:48:58 PM - Software Distribution Service 3.0RP24: 12/31/2012 6:14:41 PM - Software Distribution Service 3.0.==== Installed Programs ======================.@BIOSAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAVG Security ToolbarEasy Tune 6 B11.1206.1Enable S3 for USB DeviceEtron USB3.0 Host ControllerGoogle ChromeGoogle Update HelperHigh Definition Audio Driver Package - KB888111Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows XP (KB2779562)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB981793)Intel® Management Engine ComponentsInternet Explorer (Enable DEP)League of LegendsMalwarebytes Anti-Malware version 1.70.0.1100Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Application Error ReportingMicrosoft Download ManagerMicrosoft Security ClientMicrosoft Security EssentialsMicrosoft Security Essentials PackagesMicrosoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMozilla Firefox 17.0.1 (x86 en-US)Mozilla Maintenance ServiceMSXML 6 Service Pack 2 (KB973686)NVIDIA Control Panel 310.70NVIDIA Graphics Driver 310.70NVIDIA HD Audio Driver 1.3.18.0NVIDIA Install ApplicationNVIDIA nView 136.53NVIDIA nView Desktop ManagerNVIDIA PhysXNVIDIA PhysX System Software 9.12.1031NVIDIA Update 1.11.3NVIDIA Update ComponentsON_OFF Charge B11.1102.1Pando Media BoosterREALTEK GbE & FE Ethernet PCI-E NIC DriverRealtek High Definition Audio DriverSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft Windows (KB2564958)Security Update for Windows Internet Explorer 8 (KB2510531)Security Update for Windows Internet Explorer 8 (KB2544521)Security Update for Windows Internet Explorer 8 (KB2761465)Security Update for Windows Internet Explorer 8 (KB971961)Security Update for Windows Internet Explorer 8 (KB981332)Security Update for Windows Internet Explorer 8 (KB982381)Security Update for Windows Media Player (KB2378111)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB975558)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player (KB979402)Security Update for Windows XP (KB2115168)Security Update for Windows XP (KB2229593)Security Update for Windows XP (KB2296011)Security Update for Windows XP (KB2347290)Security Update for Windows XP (KB2360937)Security Update for Windows XP (KB2387149)Security Update for Windows XP (KB2393802)Security Update for Windows XP (KB2419632)Security Update for Windows XP (KB2423089)Security Update for Windows XP (KB2440591)Security Update for Windows XP (KB2443105)Security Update for Windows XP (KB2476490)Security Update for Windows XP (KB2478960)Security Update for Windows XP (KB2478971)Security Update for Windows XP (KB2479943)Security Update for Windows XP (KB2481109)Security Update for Windows XP (KB2483185)Security Update for Windows XP (KB2485663)Security Update for Windows XP (KB2506212)Security Update for Windows XP (KB2507938)Security Update for Windows XP (KB2508429)Security Update for Windows XP (KB2509553)Security Update for Windows XP (KB2535512)Security Update for Windows XP (KB2536276-v2)Security Update for Windows XP (KB2544893-v2)Security Update for Windows XP (KB2566454)Security Update for Windows XP (KB2570947)Security Update for Windows XP (KB2584146)Security Update for Windows XP (KB2585542)Security Update for Windows XP (KB2592799)Security Update for Windows XP (KB2598479)Security Update for Windows XP (KB2603381)Security Update for Windows XP (KB2618451)Security Update for Windows XP (KB2619339)Security Update for Windows XP (KB2620712)Security Update for Windows XP (KB2624667)Security Update for Windows XP (KB2631813)Security Update for Windows XP (KB2646524)Security Update for Windows XP (KB2653956)Security Update for Windows XP (KB2655992)Security Update for Windows XP (KB2659262)Security Update for Windows XP (KB2661637)Security Update for Windows XP (KB2676562)Security Update for Windows XP (KB2686509)Security Update for Windows XP (KB2691442)Security Update for Windows XP (KB2698365)Security Update for Windows XP (KB2705219-v2)Security Update for Windows XP (KB2712808)Security Update for Windows XP (KB2719985)Security Update for Windows XP (KB2723135-v2)Security Update for Windows XP (KB2724197)Security Update for Windows XP (KB2727528)Security Update for Windows XP (KB2753842-v2)Security Update for Windows XP (KB2758857)Security Update for Windows XP (KB2770660)Security Update for Windows XP (KB2779030)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923789)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956744)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979559)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980218)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB981322)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982665)SUPERAntiSpywareUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Windows Internet Explorer 8 (KB976662)Update for Windows XP (KB2345886)Update for Windows XP (KB2661254-v2)Update for Windows XP (KB2736233)Update for Windows XP (KB2749655)Update for Windows XP (KB951978)Update for Windows XP (KB955759)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971029)Update for Windows XP (KB973687)Update for Windows XP (KB973815)WebFldrs XPWindows Genuine Advantage Validation Tool (KB892130)Windows Imaging ComponentWindows Internet Explorer 8Windows PowerShell 1.0Windows XP Service Pack 3.==== Event Viewer Messages From Past Week ========.12/30/2012 2:24:20 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.1/1/2013 9:46:43 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied..==== End Of File ===========================DDS (Ver_2012-11-20.01) - NTFS_x86Internet Explorer: 8.0.6001.18702Run by Michael Senff at 10:20:39 on 2013-01-01Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3564.2796 [GMT -6:00].AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}.============== Running Processes ================.c:\Program Files\Microsoft Security Client\MsMpEng.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\SUPERAntiSpyware\SASCORE.EXEC:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exeC:\WINDOWS\System32\alg.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files\AVG Secure Search\vprot.exeC:\WINDOWS\system32\RunDLL32.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Pando Networks\Media Booster\PMB.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\WINDOWS\system32\wbem\wmiprvse.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k NetworkServiceC:\WINDOWS\system32\svchost.exe -k LocalServiceC:\WINDOWS\system32\svchost.exe -k LocalService.============== Pseudo HJT Report ===============.uStart Page = hxxps://isearch.avg.com/?cid={E63FE547-FCA7-4CEE-A237-B076D05B947B}&mid=〈=&ds=&pr=&d=&v=&sap=hpBHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dllTB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dlluRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exeuRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exemRun: [RTHDCPL] RTHDCPL.EXEmRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkeymRun: [vProt] "c:\program files\avg secure search\vprot.exe"mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartupmRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -loginmRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquietmRunOnce: [Z1] c:\documents and settings\michael senff\desktop\mbar\mbar.exe /cleanup /suPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1mPolicies-Explorer: NoDriveTypeAutoRun = dword:145IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeDPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cabDPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1356889151328DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356889323531DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cabHandler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dllSEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\michael senff\application data\mozilla\firefox\profiles\8v50ytho.default\FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dllFF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dllFF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dllFF - plugin: c:\windows\npMSDM.dllFF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dllFF - ExtSQL: 2012-12-30 12:22; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtensionFF - ExtSQL: 2012-12-31 18:03; avg@toolbar; c:\documents and settings\all users\application data\avg secure search\firefoxext\13.2.0.5.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2012-12-30 19056]R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-12-31 26984]R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-30 398184]R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-30 682344]R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2012-12-30 2655768]R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-12-31 711112]R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\drivers\EtronHub3.sys [2011-8-17 45056]R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\drivers\EtronXHCI.sys [2011-8-17 64896]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-30 21104]R3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2012-12-30 41088]S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-12-30 1691480]S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2012-12-30 24944]S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-1-1 35144].=============== Created Last 30 ================.2013-01-01 15:43:27 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys2013-01-01 00:14:44 6812136 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{03167648-fd3c-4edc-a195-a457655f447e}\mpengine.dll2013-01-01 00:12:22 -------- d-----w- c:\documents and settings\michael senff\application data\AVG Secure Search2013-01-01 00:11:27 884072 ----a-w- c:\windows\system32\nvhdagenco3220103.dll2013-01-01 00:11:25 889192 ----a-w- c:\windows\system32\nvdispgenco32.dll2013-01-01 00:11:25 5955584 ----a-w- c:\windows\system32\nvopencl.dll2013-01-01 00:11:25 1011048 ----a-w- c:\windows\system32\nvdispco32.dll2013-01-01 00:03:54 -------- d-----w- c:\documents and settings\michael senff\local settings\application data\AVG Secure Search2013-01-01 00:03:49 -------- d-----w- c:\documents and settings\all users\application data\AVG Secure Search2013-01-01 00:03:47 -------- d-----w- c:\windows\system32\cache2013-01-01 00:03:45 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys2012-12-30 22:21:30 -------- d-----w- c:\documents and settings\michael senff\application data\LolClient2012-12-30 21:19:57 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll2012-12-30 21:19:57 509448 ----a-w- c:\windows\system32\XAudio2_2.dll2012-12-30 21:19:57 467984 ----a-w- c:\windows\system32\d3dx10_39.dll2012-12-30 21:19:57 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll2012-12-30 21:19:56 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll2012-12-30 21:19:53 -------- d-----w- c:\windows\Logs2012-12-30 21:14:59 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll2012-12-30 21:13:05 -------- d-----w- C:\Riot Games2012-12-30 20:35:56 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll2012-12-30 20:35:56 3072 ------w- c:\windows\system32\iacenc.dll2012-12-30 20:30:28 -------- d-----w- c:\documents and settings\michael senff\local settings\application data\PMB Files2012-12-30 20:30:26 -------- d-----w- c:\documents and settings\all users\application data\PMB Files2012-12-30 20:30:18 -------- d-----w- c:\program files\Pando Networks2012-12-30 20:30:15 275696 ----a-w- c:\windows\system32\mucltui.dll2012-12-30 20:30:15 17136 ----a-w- c:\windows\system32\mucltui.dll.mui2012-12-30 20:30:13 -------- d-----w- c:\documents and settings\michael senff\.swt2012-12-30 20:27:23 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-12-30 20:27:23 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe2012-12-30 20:25:39 -------- d-----w- c:\documents and settings\michael senff\application data\MSNInstaller2012-12-30 20:16:47 -------- d-----w- c:\documents and settings\all users\application data\NVIDIA Corporation2012-12-30 20:15:13 1070792 ----a-w- c:\windows\system32\nvdrsdb1.bin2012-12-30 20:15:13 1070792 ----a-w- c:\windows\system32\nvdrsdb0.bin2012-12-30 20:15:13 1 ----a-w- c:\windows\system32\nvdrssel.bin2012-12-30 20:13:51 -------- d-----w- C:\NVIDIA2012-12-30 20:12:27 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll2012-12-30 20:12:25 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll2012-12-30 20:12:24 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll2012-12-30 20:12:22 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe2012-12-30 20:12:19 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe2012-12-30 20:12:15 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe2012-12-30 20:12:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys2012-12-30 20:12:10 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys2012-12-30 20:12:06 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys2012-12-30 20:12:05 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys2012-12-30 20:12:04 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll2012-12-30 20:11:43 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys2012-12-30 20:11:39 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys2012-12-30 20:11:36 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys2012-12-30 20:11:19 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys2012-12-30 20:11:14 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll2012-12-30 20:11:12 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll2012-12-30 20:11:07 701386 -c--a-w- c:\windows\system32\dllcache\wdhaalba.sys2012-12-30 20:11:06 23615 -c--a-w- c:\windows\system32\dllcache\wch7xxnt.sys2012-12-30 20:11:05 31744 -c--a-w- c:\windows\system32\dllcache\wceusbsh.sys2012-12-30 20:11:03 35871 -c--a-w- c:\windows\system32\dllcache\wbfirdma.sys2012-12-30 20:11:00 33599 -c--a-w- c:\windows\system32\dllcache\watv04nt.sys2012-12-30 20:09:59 94720 -c--a-w- c:\windows\system32\dllcache\umaxud32.dll2012-12-30 20:08:58 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys2012-12-30 20:07:59 285760 -c--a-w- c:\windows\system32\dllcache\stlnata.sys2012-12-30 20:06:58 45568 -c--a-w- c:\windows\system32\dllcache\smb3w.dll2012-12-30 20:05:59 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll2012-12-30 20:04:59 79872 -c--a-w- c:\windows\system32\dllcache\rwia430.dll2012-12-30 20:03:59 112574 -c--a-w- c:\windows\system32\dllcache\ptserlp.sys2012-12-30 20:02:55 41984 -c--a-w- c:\windows\system32\dllcache\ovui2rc.dll2012-12-30 20:01:59 198144 -c--a-w- c:\windows\system32\dllcache\nv3.sys2012-12-30 20:00:59 33088 -c--a-w- c:\windows\system32\dllcache\n9i128v2.sys2012-12-30 19:59:58 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys2012-12-30 19:58:57 70730 -c--a-w- c:\windows\system32\dllcache\lne100tx.sys2012-12-30 19:57:58 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys2012-12-30 19:56:58 58592 -c--a-w- c:\windows\system32\dllcache\i740nt5.sys2012-12-30 19:55:59 119296 -c--a-w- c:\windows\system32\dllcache\hpdigwia.dll2012-12-30 19:54:58 347550 -c--a-w- c:\windows\system32\dllcache\es56tpi.sys2012-12-30 19:53:59 21606 -c--a-w- c:\windows\system32\dllcache\digiisdn.sys2012-12-30 19:52:57 248064 -c--a-w- c:\windows\system32\dllcache\cl546xm.sys2012-12-30 19:51:57 9472 -c--a-w- c:\windows\system32\dllcache\ativmdcd.sys2012-12-30 19:50:59 747392 -c--a-w- c:\windows\system32\dllcache\adm8830.sys2012-12-30 19:01:49 -------- d-----w- c:\documents and settings\michael senff\local settings\application data\Google2012-12-30 19:01:47 -------- d-----w- c:\documents and settings\michael senff\application data\SUPERAntiSpyware.com2012-12-30 19:01:40 -------- d-----w- c:\program files\SUPERAntiSpyware2012-12-30 19:01:40 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com2012-12-30 18:58:35 -------- d-----w- c:\documents and settings\michael senff\application data\Malwarebytes2012-12-30 18:58:24 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes2012-12-30 18:58:23 21104 ----a-w- c:\windows\system32\drivers\mbam.sys2012-12-30 18:58:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2012-12-30 18:50:41 -------- d-----w- c:\documents and settings\michael senff\application data\ElevatedDiagnostics2012-12-30 18:40:53 -------- d-----w- c:\windows\system32\scripting2012-12-30 18:40:53 -------- d-----w- c:\windows\system32\en2012-12-30 18:40:53 -------- d-----w- c:\windows\system32\bits2012-12-30 18:40:53 -------- d-----w- c:\windows\l2schemas2012-12-30 18:38:40 -------- d-----w- c:\windows\network diagnostic2012-12-30 18:36:49 -------- d-----w- c:\windows\EHome2012-12-30 18:20:40 -------- d-----w- c:\windows\ServicePackFiles2012-12-30 18:19:05 -------- d-----w- c:\windows\ie8updates2012-12-30 18:14:25 73216 -c--a-w- c:\windows\system32\dllcache\atintuxx.sys2012-12-30 18:07:36 272128 -c--a-w- c:\windows\system32\dllcache\bthport.sys2012-12-30 18:07:36 272128 ------w- c:\windows\system32\drivers\bthport.sys2012-12-30 18:06:34 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll2012-12-30 18:06:34 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll2012-12-30 18:06:34 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll2012-12-30 18:06:33 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll2012-12-30 18:06:33 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll2012-12-30 18:06:32 2000384 -c----w- c:\windows\system32\dllcache\iertutil.dll2012-12-30 18:06:31 11111424 -c----w- c:\windows\system32\dllcache\ieframe.dll2012-12-30 18:06:25 2192896 -c--a-w- c:\windows\system32\dllcache\ntoskrnl.exe2012-12-30 18:04:22 6812136 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll2012-12-30 18:04:14 237072 ------w- c:\windows\system32\MpSigStub.exe2012-12-30 18:03:25 689152 -c--a-w- c:\windows\system32\dllcache\xpsp3res.dll2012-12-30 18:03:25 5120 ----a-w- c:\windows\system32\xpsp4res.dll2012-12-30 18:02:08 -------- d-----w- c:\program files\Microsoft Security Client2012-12-30 17:56:32 -------- d-----w- c:\documents and settings\michael senff\application data\MicrosoftSecurityEssentialsPackages2012-12-30 17:50:51 -------- d-----w- c:\windows\system32\PreInstall2012-12-30 17:43:58 22040 ----a-w- c:\windows\system32\wucltui.dll.mui2012-12-30 17:43:57 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui2012-12-30 17:43:57 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui2012-12-30 17:43:57 15384 ----a-w- c:\windows\system32\wuapi.dll.mui2012-12-30 17:43:57 -------- d-----w- c:\windows\system32\SoftwareDistribution2012-12-30 17:35:44 -------- d-sh--w- c:\documents and settings\michael senff\PrivacIE2012-12-30 17:34:49 -------- d-sh--w- c:\documents and settings\michael senff\IETldCache2012-12-30 17:33:18 -------- dc-h--w- c:\windows\ie82012-12-30 17:29:24 -------- d-sh--w- c:\documents and settings\michael senff\UserData2012-12-30 17:28:10 17488 ----a-w- c:\windows\gdrv.sys2012-12-30 17:27:40 -------- d-----w- c:\program files\common files\AVG Secure Search2012-12-30 17:27:39 -------- d-----w- c:\program files\AVG Secure Search2012-12-30 17:03:14 -------- d--h--w- c:\windows\$hf_mig$2012-12-30 17:02:59 -------- d-----w- c:\program files\Microsoft Download Manager2012-12-30 15:45:24 -------- d-----w- c:\windows\system32\Lang2012-12-30 15:43:59 60800 -c--a-w- c:\windows\system32\dllcache\sysaudio.sys2012-12-30 15:43:59 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys2012-12-30 15:43:59 2944 -c--a-w- c:\windows\system32\dllcache\drmkaud.sys2012-12-30 15:43:59 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys2012-12-30 15:43:58 7552 -c--a-w- c:\windows\system32\dllcache\mskssrv.sys2012-12-30 15:43:58 7552 ----a-w- c:\windows\system32\drivers\mskssrv.sys2012-12-30 15:43:57 4992 -c--a-w- c:\windows\system32\dllcache\mspqm.sys2012-12-30 15:43:57 4992 ----a-w- c:\windows\system32\drivers\mspqm.sys2012-12-30 15:43:56 5376 -c--a-w- c:\windows\system32\dllcache\mspclock.sys2012-12-30 15:43:56 5376 ----a-w- c:\windows\system32\drivers\mspclock.sys2012-12-30 15:39:59 21468 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT2012-12-30 15:38:58 53248 ----a-r- c:\windows\system32\CSVer.dll2012-12-30 15:37:19 26144 ----a-w- c:\windows\system32\spupdsvc.exe2012-12-30 15:37:16 -------- d-----w- c:\program files\MSXML 6.02012-12-30 15:35:44 207400 ----a-r- c:\windows\GSetup.exe.==================== Find3M ====================.2012-12-30 22:17:18 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll2012-12-03 15:40:50 7606272 ----a-w- c:\windows\system32\nvcuda.dll2012-12-03 15:40:50 4153600 ----a-w- c:\windows\system32\nv4_disp.dll2012-12-03 15:40:50 2611560 ----a-w- c:\windows\system32\nvcuvid.dll2012-12-03 15:40:50 2441728 ----a-w- c:\windows\system32\nvapi.dll2012-12-03 15:40:50 19460096 ----a-w- c:\windows\system32\nvoglnt.dll2012-12-03 15:40:50 1874280 ----a-w- c:\windows\system32\nvcuvenc.dll2012-12-03 15:40:50 17551360 ----a-w- c:\windows\system32\nvcompiler.dll2012-12-03 15:40:50 11053992 ----a-w- c:\windows\system32\drivers\nv4_mini.sys2012-12-01 04:53:45 15524712 ----a-w- c:\windows\system32\nvcpl.dll2012-12-01 04:53:44 164712 ----a-w- c:\windows\system32\nvsvc32.exe2012-12-01 04:53:43 143720 ----a-w- c:\windows\system32\nvcolor.exe2012-12-01 04:53:43 108392 ----a-w- c:\windows\system32\nvmctray.dll2012-12-01 04:52:17 54272 ----a-w- c:\windows\system32\nvwddi.dll2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll2012-11-01 12:17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll2012-11-01 12:17:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl2012-11-01 00:35:34 385024 ----a-w- c:\windows\system32\html.iec.============= FINISH: 10:21:37.90 =============== Link to post Share on other sites More sharing options...
Maurice Naggar Posted January 1, 2013 ID:629222 Share Posted January 1, 2013 Hello MicQ,If this system's Windows is by an OEM (manufacturer) did you remove the included 3rd-party antivirus program (if any) {such as Norton or McAfee) after you re-installed Windows?Step 11. Go >> Here << and download ERUNT (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)2. Install ERUNT by following the prompts (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)3. Start ERUNT (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)4. Choose a location for the backup (the default location is C:\WINDOWS\ERDNT which is acceptable).5. Make sure that at least the first two check boxes are ticked 6. Press OK7. Press YES to create the folder.Step 2Set Windows to show all files and all folders. On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed. "CHECK" (turn on) Display the contents of system folders. Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders. Next, un-check Hide extensions for known file types. Next un-check Hide protected operating system files. Step 3Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.Double click on RSIT.exe to run RSIT.Click Continue at the disclaimer screen.Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)Step 4Download Security Check by screen317 and save it to your Desktop: here or hereRun Security Check Follow the onscreen instructions inside of the command window.A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!Step 5Close all open browsers at this point.Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our toolsFor directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsDo NOT turn off the firewallStart Internet ExplorerUsing Internet Explorer browser only, go to BitDefender Quickscan website:http://quickscan.bitdefender.comand click "Start Scan".Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.If prompted, reply yes to allow it to run.Press the Allow button and follow prompts.Press the "Start Scan" once more.You'll see the EULA in a pop-up window. Click the I accept & then the OK buttonNote: The FAQ is here --> http://quickscan.bitdefender.com/faq/and that QuickScan has no removal capability.The site boasts a 60-second scan. Do have patience as it likely will take longer.It may seem to stall at moments, but have patience; it will move on.You'll see a progress bar at top right of window.Hopefully you will see a No infections found in the bar-winddow. Press the View Log button.The log report will show in your text editor. Save the log.Do a Select ALL, Copy. Then paste contents into your next reply.Step 6 Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or >> from here << Quit all programs that you may have started.Please disconnect any USB or external drives from the computer before you run this scan! For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.For Windows XP, double-click to start. Wait until Prescan has finished ... Click on Scan. Click on Report and copy/paste the content of the notepad into your next reply.Step 7RE-Enable your antivirus program.Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender & RogueKiller log.Use separate replies as needed if logs do not fit into one reply box. Link to post Share on other sites More sharing options...
MicQsenoch Posted January 1, 2013 Author ID:629247 Share Posted January 1, 2013 If this system's Windows is by an OEM (manufacturer) did you remove the included 3rd-party antivirus program (if any) {such as Norton or McAfee) after you re-installed Windows?Not to my knowledge. I dont remember doing that at the very least.Step 3 logsinfo.txt logfile of random's system information tool 1.09 2013-01-01 11:57:11======Uninstall list======@BIOS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}\Setup.exe" -l0x9 -removeonly-->MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.infAdobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -maintain activexAdobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_Plugin.exe -maintain pluginAVG Security Toolbar-->C:\Program Files\AVG Secure Search\UNINSTALL.exe /PROMPT /UNINSTALLEasy Tune 6 B11.1206.1-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{457D7505-D665-4F95-91C3-ECB8C56E9ACA}Enable S3 for USB Device-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\Enable S3 for USB Device\Uninst.isu"ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"Etron USB3.0 Host Controller-->MsiExec.exe /I{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}Google Chrome-->"C:\Program Files\Google\Chrome\Application\23.0.1271.97\Installer\setup.exe" --uninstall --multi-install --chrome --system-levelGoogle Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""Hotfix for Windows XP (KB2779562)-->"C:\WINDOWS\$NtUninstallKB2779562$\spuninst\spuninst.exe"Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"Intel® Management Engine Components-->C:\Program Files\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstallInternet Explorer (Enable DEP)-->C:\WINDOWS\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\Custom\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb"League of Legends-->"C:\Program Files\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonlyMalwarebytes Anti-Malware version 1.70.0.1100-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exeMicrosoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}Microsoft Download Manager-->MsiExec.exe /X{654977DB-0001-0002-0001-EABD228DDE8B}Microsoft Security Client-->MsiExec.exe /X{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /xMicrosoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}Mozilla Firefox 17.0.1 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exeMozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}NVIDIA Graphics Driver 310.70-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage Display.DriverNVIDIA HD Audio Driver 1.3.18.0-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage HDAudio.DriverNVIDIA nView 136.53-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage Display.NViewNVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstallNVIDIA PhysX System Software 9.12.1031-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage Display.PhysXNVIDIA PhysX-->MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}NVIDIA Update 1.11.3-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage Display.UpdateON_OFF Charge B11.1102.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DECD372-76A1-4483-BF10-B547790A3261}\setup.exe" -l0x9 -removeonlyPando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exeREALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.Exe -runfromtemp -removeonlyRealtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x9 -removeonlySecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"Security Update for Windows Internet Explorer 8 (KB2761465)-->"C:\WINDOWS\ie8updates\KB2761465-IE8\spuninst\spuninst.exe"Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"Security Update for Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9L$\spuninst\spuninst.exe"Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"Security Update for Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe"Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe"Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe"Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe"Security Update for Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe"Security Update for Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe"Security Update for Windows XP (KB2705219-v2)-->"C:\WINDOWS\$NtUninstallKB2705219-v2$\spuninst\spuninst.exe"Security Update for Windows XP (KB2712808)-->"C:\WINDOWS\$NtUninstallKB2712808$\spuninst\spuninst.exe"Security Update for Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe"Security Update for Windows XP (KB2723135-v2)-->"C:\WINDOWS\$NtUninstallKB2723135-v2$\spuninst\spuninst.exe"Security Update for Windows XP (KB2724197)-->"C:\WINDOWS\$NtUninstallKB2724197$\spuninst\spuninst.exe"Security Update for Windows XP (KB2727528)-->"C:\WINDOWS\$NtUninstallKB2727528$\spuninst\spuninst.exe"Security Update for Windows XP (KB2753842-v2)-->"C:\WINDOWS\$NtUninstallKB2753842-v2$\spuninst\spuninst.exe"Security Update for Windows XP (KB2758857)-->"C:\WINDOWS\$NtUninstallKB2758857$\spuninst\spuninst.exe"Security Update for Windows XP (KB2770660)-->"C:\WINDOWS\$NtUninstallKB2770660$\spuninst\spuninst.exe"Security Update for Windows XP (KB2779030)-->"C:\WINDOWS\$NtUninstallKB2779030$\spuninst\spuninst.exe"Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.infSecurity Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"Update for Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe"Update for Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuninst.exe"Update for Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuninst.exe"Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"Windows PowerShell 1.0-->"C:\WINDOWS\$NtUninstallKB926139-v2$\spuninst\spuninst.exe"Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"======Security center information======AV: Microsoft Security Essentials======System event log======Computer Name: DEEZGOOD-D8793AEvent Code: 7023Message: The Application Management service terminated with the following error:The specified module could not be found.Record Number: 877Source Name: Service Control ManagerTime Written: 20121230142407.000000-360Event Type: errorUser:Computer Name: DEEZGOOD-D8793AEvent Code: 7023Message: The Application Management service terminated with the following error:The specified module could not be found.Record Number: 874Source Name: Service Control ManagerTime Written: 20121230142407.000000-360Event Type: errorUser:Computer Name: DEEZGOOD-D8793AEvent Code: 7023Message: The Application Management service terminated with the following error:The specified module could not be found.Record Number: 871Source Name: Service Control ManagerTime Written: 20121230142407.000000-360Event Type: errorUser:Computer Name: DEEZGOOD-D8793AEvent Code: 4226Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.Record Number: 827Source Name: TcpipTime Written: 20121230141129.000000-360Event Type: warningUser:Computer Name: DEEZGOOD-D8793AEvent Code: 20Message: Printer Driver Microsoft XPS Document Writer for Windows NT x86 Version-3 was added or updated. Files:- (null).Record Number: 753Source Name: PrintTime Written: 20121230124707.000000-360Event Type: warningUser: NT AUTHORITY\SYSTEM=====Application event log=====Computer Name: DEEZGOOD-D8793AEvent Code: 5000Message:Record Number: 193Source Name: Microsoft Security ClientTime Written: 20121230120438.000000-360Event Type: errorUser:Computer Name: DEEZGOOD-D8793AEvent Code: 5000Message: EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.Record Number: 190Source Name: MPSampleSubmissionTime Written: 20121230120236.000000-360Event Type: errorUser:Computer Name: DEEZGOOD-D8793AEvent Code: 1000Message: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.2180, fault address 0x0000a2c8.Record Number: 183Source Name: Application ErrorTime Written: 20121230120127.000000-360Event Type: errorUser:Computer Name: DEEZGOOD-D8793AEvent Code: 1000Message: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.2180, fault address 0x0000a2c8.Record Number: 178Source Name: Application ErrorTime Written: 20121230120000.000000-360Event Type: errorUser:Computer Name: DEEZGOOD-D8793AEvent Code: 1000Message: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.2180, fault address 0x0000a2c8.Record Number: 176Source Name: Application ErrorTime Written: 20121230115930.000000-360Event Type: errorUser:======Environment variables======"ComSpec"=%SystemRoot%\system32\cmd.exe"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0"windir"=%SystemRoot%"FP_NO_HOST_CHECK"=NO"OS"=Windows_NT"PROCESSOR_ARCHITECTURE"=x86"PROCESSOR_LEVEL"=6"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 42 Stepping 7, GenuineIntel"PROCESSOR_REVISION"=2a07"NUMBER_OF_PROCESSORS"=4"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1"TEMP"=%SystemRoot%\TEMP"TMP"=%SystemRoot%\TEMP-----------------EOF----------------- Link to post Share on other sites More sharing options...
MicQsenoch Posted January 1, 2013 Author ID:629248 Share Posted January 1, 2013 Logfile of random's system information tool 1.09 (written by random/random)Run by Michael Senff at 2013-01-01 11:57:05Microsoft Windows XP Home Edition Service Pack 3System drive C: has 50 GB (70%) free of 71 GBTotal RAM: 3564 MB (75% free)Logfile of Trend Micro HijackThis v2.0.4Scan saved at 11:57:10 AM, on 1/1/2013Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exec:\Program Files\Microsoft Security Client\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\SUPERAntiSpyware\SASCORE.EXEC:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files\AVG Secure Search\vprot.exeC:\WINDOWS\system32\RunDLL32.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Pando Networks\Media Booster\PMB.exeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\ERUNT\ERUNT.EXEC:\Documents and Settings\Michael Senff\My Documents\Downloads\RSIT.exeC:\Program Files\trend micro\Michael Senff.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={E63FE547-FCA7-4CEE-A237-B076D05B947B}&mid=〈=&ds=&pr=&d=&v=&sap=hpR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dllO3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dllO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyO4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -loginO4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquietO4 - HKLM\..\RunOnce: [Z1] C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe /cleanup /sO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeO4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exeO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356889323531O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dllO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dllO23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXEO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exeO23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exeO23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeO23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exeO23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe--End of file - 6300 bytes======Scheduled tasks folder======C:\WINDOWS\tasks\Adobe Flash Player Updater.jobC:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.jobC:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.jobC:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.jobC:\WINDOWS\tasks\MpIdleTask.jobC:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 8fdb9f41-1323-4f9b-89f5-9acb22c206d6.jobC:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task f741a3d6-a2d2-44a2-a58b-53aee11d3046.job=========Mozilla firefox=========ProfilePath - C:\Documents and Settings\Michael Senff\Application Data\Mozilla\Firefox\Profiles\8v50ytho.default"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\"avg@toolbar"=C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\13.2.0.5[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]"Description"=Adobe® Flash® Player 11.5.502.135 Plugin"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]"Description"="Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1]"Description"=Microsoft Download Manager"Path"=C:\WINDOWS\[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]"Description"=Windows Presentation Foundation plug-in for Mozilla browsers"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]"Description"=This plugin detects and launches Pando Media Booster"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]"Description"=Google Update"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]"Description"=Google Update"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dllC:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}C:\Program Files\Mozilla Firefox\components\binary.manifestbrowsercomps.dllC:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xmlavg-secure-search.xmlbing.xmleBay.xmlgoogle.xmltwitter.xmlwikipedia.xmlyahoo.xml======Registry dump======[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-12-31 1796552][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-12-31 1796552][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-10-14 20064872]"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 947176]"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-12-31 997320]"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-11-30 15524712]"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-12-03 1982312][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]"Z1"=C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe [2013-01-01 1342312][HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-11-01 4763008]"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2012-12-30 3093624][HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-18 113024][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE][HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc][HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]"dontdisplaylastusername"=0"legalnoticecaption"="legalnoticetext"="shutdownwithoutlogon"=1"undockwithoutlogon"=1[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"NoDriveTypeAutoRun"=145[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]"HonorAutoRunSetting"=1[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe""C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster""C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019""%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000""C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]"midimapper"=midimap.dll"msacm.imaadpcm"=imaadp32.acm"msacm.msadpcm"=msadp32.acm"msacm.msg711"=msg711.acm"msacm.msgsm610"=msgsm32.acm"msacm.trspch"=tssoft32.acm"vidc.cvid"=iccvid.dll"vidc.I420"=msh263.drv"vidc.iv31"=ir32_32.dll"vidc.iv32"=ir32_32.dll"vidc.iv41"=ir41_32.ax"vidc.iyuv"=iyuv_32.dll"vidc.mrle"=msrle32.dll"vidc.msvc"=msvidc32.dll"vidc.uyvy"=msyuv.dll"vidc.yuy2"=msyuv.dll"vidc.yvu9"=tsbyuv.dll"vidc.yvyu"=msyuv.dll"wavemapper"=msacm32.drv"msacm.msg723"=msg723.acm"vidc.M263"=msh263.drv"vidc.M261"=msh261.drv"msacm.msaudio1"=msaud32.acm"msacm.sl_anet"=sl_anet.acm"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax"vidc.iv50"=ir50_32.dll"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm"wave"=wdmaud.drv"midi"=wdmaud.drv"mixer"=wdmaud.drv"aux"=wdmaud.drv"wave1"=wdmaud.drv"midi1"=wdmaud.drv"mixer1"=wdmaud.drv"wave2"=wdmaud.drv"midi2"=wdmaud.drv"mixer2"=wdmaud.drv"wave3"=wdmaud.drv"midi3"=wdmaud.drv"mixer3"=wdmaud.drv"wave4"=wdmaud.drv"midi4"=wdmaud.drv"mixer4"=wdmaud.drv======List of files/folders created in the last 1 month======2013-01-01 11:57:05 ----D---- C:\rsit2013-01-01 11:57:05 ----D---- C:\Program Files\trend micro2013-01-01 11:51:48 ----D---- C:\Program Files\ERUNT2013-01-01 09:43:27 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys2012-12-31 18:12:57 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe2012-12-31 18:12:55 ----D---- C:\Program Files\AGEIA Technologies2012-12-31 18:12:22 ----D---- C:\Documents and Settings\Michael Senff\Application Data\AVG Secure Search2012-12-31 18:11:27 ----A---- C:\WINDOWS\system32\nvhdagenco3220103.dll2012-12-31 18:11:25 ----A---- C:\WINDOWS\system32\nvopencl.dll2012-12-31 18:11:25 ----A---- C:\WINDOWS\system32\nvdispgenco32.dll2012-12-31 18:11:25 ----A---- C:\WINDOWS\system32\nvdispco32.dll2012-12-31 18:03:49 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Secure Search2012-12-31 18:03:47 ----D---- C:\WINDOWS\system32\cache2012-12-31 18:03:45 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys2012-12-30 16:21:30 ----D---- C:\Documents and Settings\Michael Senff\Application Data\LolClient2012-12-30 16:05:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$2012-12-30 16:05:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$2012-12-30 16:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$2012-12-30 16:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$2012-12-30 16:04:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$2012-12-30 16:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$2012-12-30 16:04:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$2012-12-30 16:04:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$2012-12-30 16:04:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$2012-12-30 16:04:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$2012-12-30 16:04:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$2012-12-30 16:04:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2779030$2012-12-30 16:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$2012-12-30 16:03:54 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$2012-12-30 16:03:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$2012-12-30 16:03:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$2012-12-30 16:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$2012-12-30 16:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$2012-12-30 16:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$2012-12-30 16:02:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$2012-12-30 16:01:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$2012-12-30 16:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$2012-12-30 16:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$2012-12-30 16:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$2012-12-30 16:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2724197$2012-12-30 16:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$2012-12-30 16:00:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$2012-12-30 16:00:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$2012-12-30 16:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$2012-12-30 16:00:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$2012-12-30 15:59:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$2012-12-30 15:59:53 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$2012-12-30 15:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$2012-12-30 15:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$2012-12-30 15:59:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$2012-12-30 15:59:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$2012-12-30 15:59:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$2012-12-30 15:59:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$2012-12-30 15:58:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$2012-12-30 15:57:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$2012-12-30 15:57:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$2012-12-30 15:57:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842-v2$2012-12-30 15:57:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$2012-12-30 15:57:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$2012-12-30 15:56:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$2012-12-30 15:56:25 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$2012-12-30 15:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$2012-12-30 15:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$2012-12-30 15:56:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$2012-12-30 15:56:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$2012-12-30 15:55:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$2012-12-30 15:55:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$2012-12-30 15:55:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$2012-12-30 15:55:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$2012-12-30 15:55:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$2012-12-30 15:55:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$2012-12-30 15:55:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$2012-12-30 15:55:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$2012-12-30 15:55:11 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$2012-12-30 15:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135-v2$2012-12-30 15:55:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$2012-12-30 15:54:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2661254-v2$2012-12-30 15:54:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$2012-12-30 15:54:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$2012-12-30 15:52:19 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$2012-12-30 15:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$2012-12-30 15:49:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$2012-12-30 15:49:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$2012-12-30 15:49:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$2012-12-30 15:49:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$2012-12-30 15:49:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$2012-12-30 15:49:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$2012-12-30 15:49:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$2012-12-30 15:19:57 ----A---- C:\WINDOWS\system32\XAudio2_2.dll2012-12-30 15:19:57 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll2012-12-30 15:19:57 ----A---- C:\WINDOWS\system32\d3dx10_39.dll2012-12-30 15:19:57 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll2012-12-30 15:19:56 ----A---- C:\WINDOWS\system32\D3DX9_39.dll2012-12-30 15:19:53 ----D---- C:\WINDOWS\Logs2012-12-30 15:13:05 ----D---- C:\Riot Games2012-12-30 14:35:56 ----N---- C:\WINDOWS\system32\iacenc.dll2012-12-30 14:30:26 ----D---- C:\Documents and Settings\All Users\Application Data\PMB Files2012-12-30 14:30:18 ----D---- C:\Program Files\Pando Networks2012-12-30 14:30:15 ----A---- C:\WINDOWS\system32\mucltui.dll2012-12-30 14:28:23 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Adobe2012-12-30 14:27:23 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe2012-12-30 14:25:39 ----D---- C:\Documents and Settings\Michael Senff\Application Data\MSNInstaller2012-12-30 14:23:53 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Mozilla2012-12-30 14:23:44 ----D---- C:\Program Files\Mozilla Maintenance Service2012-12-30 14:23:44 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla2012-12-30 14:23:31 ----D---- C:\Program Files\Mozilla Firefox2012-12-30 14:17:08 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA2012-12-30 14:16:47 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\OpenCL.dll2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvoglnt.dll2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvhdap32.dll2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvhdagenco322040.dll2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvgenco322060.dll2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvdispco3220140.dll2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvcuvid.dll2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvcuvenc.dll2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvcuda.dll2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\drivers\nvhda32.sys2012-12-30 14:14:52 ----A---- C:\WINDOWS\system32\nvcompiler.dll2012-12-30 14:14:52 ----A---- C:\WINDOWS\system32\nvapi.dll2012-12-30 14:14:42 ----D---- C:\Program Files\NVIDIA Corporation2012-12-30 14:13:51 ----D---- C:\NVIDIA2012-12-30 13:03:45 ----A---- C:\WINDOWS\system32\d3d9caps.dat2012-12-30 13:01:47 ----D---- C:\Program Files\Google2012-12-30 13:01:47 ----D---- C:\Documents and Settings\Michael Senff\Application Data\SUPERAntiSpyware.com2012-12-30 13:01:40 ----D---- C:\Program Files\SUPERAntiSpyware2012-12-30 13:01:40 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com2012-12-30 12:58:35 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Malwarebytes2012-12-30 12:58:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes2012-12-30 12:58:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware2012-12-30 12:58:23 ----A---- C:\WINDOWS\system32\drivers\mbam.sys2012-12-30 12:50:41 ----D---- C:\Documents and Settings\Michael Senff\Application Data\ElevatedDiagnostics2012-12-30 12:49:48 ----D---- C:\WINDOWS\system32\windowspowershell2012-12-30 12:49:44 ----HDC---- C:\WINDOWS\$NtUninstallKB926139-v2$2012-12-30 12:46:34 ----D---- C:\WINDOWS\Prefetch2012-12-30 12:45:33 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$2012-12-30 12:45:29 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$2012-12-30 12:45:24 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$2012-12-30 12:45:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$2012-12-30 12:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$2012-12-30 12:45:14 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$2012-12-30 12:45:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$2012-12-30 12:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$2012-12-30 12:45:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$2012-12-30 12:45:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$2012-12-30 12:44:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$2012-12-30 12:44:53 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$2012-12-30 12:44:49 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$2012-12-30 12:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$2012-12-30 12:44:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$2012-12-30 12:44:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$2012-12-30 12:44:34 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$2012-12-30 12:44:31 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$2012-12-30 12:44:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$2012-12-30 12:44:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$2012-12-30 12:44:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$2012-12-30 12:44:18 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$2012-12-30 12:44:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$2012-12-30 12:44:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$2012-12-30 12:44:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$2012-12-30 12:44:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$2012-12-30 12:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$2012-12-30 12:43:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$2012-12-30 12:43:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$2012-12-30 12:43:50 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$2012-12-30 12:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$2012-12-30 12:43:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$2012-12-30 12:43:38 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$2012-12-30 12:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$2012-12-30 12:43:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$2012-12-30 12:43:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$2012-12-30 12:43:22 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$2012-12-30 12:43:19 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$2012-12-30 12:43:15 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$2012-12-30 12:43:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$2012-12-30 12:43:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$2012-12-30 12:43:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$2012-12-30 12:43:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$2012-12-30 12:42:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$2012-12-30 12:42:51 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$2012-12-30 12:42:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$2012-12-30 12:42:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$2012-12-30 12:42:41 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$2012-12-30 12:42:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$2012-12-30 12:42:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$2012-12-30 12:42:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$2012-12-30 12:42:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$2012-12-30 12:42:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$2012-12-30 12:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$2012-12-30 12:42:16 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$2012-12-30 12:42:12 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$2012-12-30 12:42:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$2012-12-30 12:40:53 ----D---- C:\WINDOWS\system32\scripting2012-12-30 12:40:53 ----D---- C:\WINDOWS\system32\en2012-12-30 12:40:53 ----D---- C:\WINDOWS\system32\bits2012-12-30 12:40:53 ----D---- C:\WINDOWS\l2schemas2012-12-30 12:38:40 ----D---- C:\WINDOWS\network diagnostic2012-12-30 12:36:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$2012-12-30 12:36:49 ----D---- C:\WINDOWS\EHome2012-12-30 12:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$2012-12-30 12:28:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$2012-12-30 12:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$2012-12-30 12:28:34 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$2012-12-30 12:28:29 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$2012-12-30 12:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$2012-12-30 12:28:22 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$2012-12-30 12:27:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$2012-12-30 12:27:15 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$2012-12-30 12:27:06 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$2012-12-30 12:27:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$2012-12-30 12:27:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$2012-12-30 12:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$2012-12-30 12:26:49 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$2012-12-30 12:26:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$2012-12-30 12:26:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$2012-12-30 12:26:36 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$2012-12-30 12:26:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$2012-12-30 12:26:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$2012-12-30 12:26:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$2012-12-30 12:26:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$2012-12-30 12:26:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$2012-12-30 12:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$2012-12-30 12:26:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961118_0$2012-12-30 12:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$2012-12-30 12:25:54 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$2012-12-30 12:24:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$2012-12-30 12:24:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$2012-12-30 12:24:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$2012-12-30 12:24:09 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$2012-12-30 12:22:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$2012-12-30 12:22:41 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$2012-12-30 12:22:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$2012-12-30 12:22:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$2012-12-30 12:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$2012-12-30 12:22:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$2012-12-30 12:22:24 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$2012-12-30 12:22:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$2012-12-30 12:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$2012-12-30 12:22:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$2012-12-30 12:22:10 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$2012-12-30 12:22:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$2012-12-30 12:22:02 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$2012-12-30 12:21:59 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$2012-12-30 12:21:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$2012-12-30 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$2012-12-30 12:21:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$2012-12-30 12:21:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$2012-12-30 12:21:26 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$2012-12-30 12:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$2012-12-30 12:21:15 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$2012-12-30 12:21:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$2012-12-30 12:21:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$2012-12-30 12:20:58 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$2012-12-30 12:20:55 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$2012-12-30 12:20:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$2012-12-30 12:20:48 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$2012-12-30 12:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$2012-12-30 12:20:40 ----D---- C:\WINDOWS\ServicePackFiles2012-12-30 12:20:38 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$2012-12-30 12:20:32 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$2012-12-30 12:20:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$2012-12-30 12:20:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$2012-12-30 12:19:05 ----D---- C:\WINDOWS\ie8updates2012-12-30 12:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$2012-12-30 12:18:55 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$2012-12-30 12:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$2012-12-30 12:17:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$2012-12-30 12:17:34 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$2012-12-30 12:17:14 ----A---- C:\WINDOWS\system32\MRT.exe2012-12-30 12:17:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$2012-12-30 12:17:03 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$2012-12-30 12:15:17 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys2012-12-30 12:15:17 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\recagent.sys2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys2012-12-30 12:15:15 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys2012-12-30 12:15:12 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys2012-12-30 12:15:12 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys2012-12-30 12:15:11 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys2012-12-30 12:15:11 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys2012-12-30 12:07:36 ----N---- C:\WINDOWS\system32\drivers\bthport.sys2012-12-30 12:05:04 ----N---- C:\WINDOWS\system32\tzchange.exe2012-12-30 12:04:14 ----N---- C:\WINDOWS\system32\MpSigStub.exe2012-12-30 12:03:25 ----A---- C:\WINDOWS\system32\xpsp4res.dll2012-12-30 12:03:25 ----A---- C:\WINDOWS\system32\xpsp3res.dll2012-12-30 12:02:08 ----D---- C:\Program Files\Microsoft Security Client2012-12-30 11:58:37 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Macromedia2012-12-30 11:58:34 ----A---- C:\WINDOWS\system32\wpa.bak2012-12-30 11:56:32 ----D---- C:\Documents and Settings\Michael Senff\Application Data\MicrosoftSecurityEssentialsPackages2012-12-30 11:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB914882$2012-12-30 11:51:16 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage2012-12-30 11:50:51 ----D---- C:\WINDOWS\system32\PreInstall2012-12-30 11:50:50 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$2012-12-30 11:43:58 ----A---- C:\WINDOWS\system32\wups2.dll2012-12-30 11:43:57 ----D---- C:\WINDOWS\system32\SoftwareDistribution2012-12-30 11:33:53 ----D---- C:\WINDOWS\WBEM2012-12-30 11:33:18 ----HDC---- C:\WINDOWS\ie82012-12-30 11:28:10 ----A---- C:\WINDOWS\gdrv.sys2012-12-30 11:28:08 ----D---- C:\WINDOWS\Minidump2012-12-30 11:27:40 ----D---- C:\Program Files\Common Files\AVG Secure Search2012-12-30 11:27:39 ----D---- C:\Program Files\AVG Secure Search2012-12-30 11:03:20 ----N---- C:\WINDOWS\system32\spmsg.dll2012-12-30 11:03:18 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$2012-12-30 11:03:14 ----HD---- C:\WINDOWS\$hf_mig$2012-12-30 11:02:59 ----D---- C:\Program Files\Microsoft Download Manager2012-12-30 09:45:24 ----D---- C:\WINDOWS\system32\Lang2012-12-30 09:44:07 ----A---- C:\WINDOWS\system32\drivers\splitter.sys2012-12-30 09:44:06 ----A---- C:\WINDOWS\system32\drivers\GVTDrv.sys2012-12-30 09:44:05 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys2012-12-30 09:44:04 ----A---- C:\WINDOWS\system32\drivers\dmusic.sys2012-12-30 09:44:02 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys2012-12-30 09:44:01 ----A---- C:\WINDOWS\system32\drivers\aec.sys2012-12-30 09:44:00 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys2012-12-30 09:43:59 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys2012-12-30 09:43:59 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys2012-12-30 09:43:58 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys2012-12-30 09:43:57 ----A---- C:\WINDOWS\system32\drivers\mspqm.sys2012-12-30 09:43:56 ----A---- C:\WINDOWS\system32\drivers\mspclock.sys2012-12-30 09:41:59 ----D---- C:\Program Files\AMD2012-12-30 09:41:28 ----A---- C:\WINDOWS\system32\drivers\AppleCharger.sys2012-12-30 09:41:28 ----A---- C:\WINDOWS\system32\AppleChargerSrv.exe2012-12-30 09:41:23 ----D---- C:\Program Files\Gigabyte2012-12-30 09:41:17 ----A---- C:\WINDOWS\system32\drivers\IntelMEFWVer.dll2012-12-30 09:41:16 ----A---- C:\WINDOWS\system32\log.txt2012-12-30 09:41:16 ----A---- C:\WINDOWS\IsUninst.exe2012-12-30 09:41:14 ----D---- C:\Program Files\Common Files\postureAgent2012-12-30 09:41:11 ----A---- C:\WINDOWS\system32\drivers\HECI.sys2012-12-30 09:41:11 ----A---- C:\WINDOWS\system32\difxapi.dll2012-12-30 09:40:58 ----D---- C:\Documents and Settings\Michael Senff\Application Data\InstallShield2012-12-30 09:40:39 ----D---- C:\WINDOWS\system32\RTCOM2012-12-30 09:40:36 ----A---- C:\WINDOWS\system32\ksuser.dll2012-12-30 09:40:36 ----A---- C:\WINDOWS\system32\drivers\drmk.sys2012-12-30 09:40:26 ----D---- C:\Program Files\Etron Technology2012-12-30 09:40:24 ----A---- C:\WINDOWS\system32\RTNUninst32.dll2012-12-30 09:40:24 ----A---- C:\WINDOWS\system32\RtNicProp32.dll2012-12-30 09:40:24 ----A---- C:\WINDOWS\system32\drivers\Rtenicxp.sys2012-12-30 09:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$2012-12-30 09:40:11 ----A---- C:\WINDOWS\vncutil.exe2012-12-30 09:40:10 ----A---- C:\WINDOWS\SOUNDMAN.EXE2012-12-30 09:40:10 ----A---- C:\WINDOWS\SkyTel.exe2012-12-30 09:40:09 ----A---- C:\WINDOWS\RtlUpd.exe2012-12-30 09:40:07 ----A---- C:\WINDOWS\system32\RtkCoLDRXP.dll2012-12-30 09:40:07 ----A---- C:\WINDOWS\system32\RtkCoInstIIXP.dll2012-12-30 09:40:07 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys2012-12-30 09:40:07 ----A---- C:\WINDOWS\RtkAudioService.exe2012-12-30 09:40:05 ----A---- C:\WINDOWS\RTLCPL.EXE2012-12-30 09:39:59 ----A---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT2012-12-30 09:39:59 ----A---- C:\WINDOWS\RTHDCPL.EXE2012-12-30 09:39:58 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys2012-12-30 09:39:57 ----A---- C:\WINDOWS\MicCal.exe2012-12-30 09:39:47 ----A---- C:\WINDOWS\ALCMTR.EXE2012-12-30 09:39:46 ----A---- C:\WINDOWS\ALCWZRD.EXE2012-12-30 09:39:45 ----D---- C:\Program Files\Realtek2012-12-30 09:39:45 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys2012-12-30 09:39:44 ----HD---- C:\Program Files\InstallShield Installation Information2012-12-30 09:39:40 ----R---- C:\WINDOWS\RtlExUpd.dll2012-12-30 09:39:35 ----D---- C:\Program Files\Common Files\InstallShield2012-12-30 09:39:00 ----D---- C:\WINDOWS\system32\ReinstallBackups2012-12-30 09:38:58 ----RA---- C:\WINDOWS\system32\CSVer.dll2012-12-30 09:38:58 ----DC---- C:\WINDOWS\system32\DRVSTORE2012-12-30 09:38:58 ----D---- C:\Program Files\Intel2012-12-30 09:38:53 ----D---- C:\Intel2012-12-30 09:38:19 ----D---- C:\WINDOWS\system32\XPSViewer2012-12-30 09:38:17 ----D---- C:\WINDOWS\system32\en-US2012-12-30 09:38:17 ----D---- C:\Program Files\MSBuild2012-12-30 09:38:14 ----D---- C:\Program Files\Reference Assemblies2012-12-30 09:38:00 ----N---- C:\WINDOWS\system32\xpssvcs.dll2012-12-30 09:38:00 ----N---- C:\WINDOWS\system32\xpsshhdr.dll2012-12-30 09:38:00 ----N---- C:\WINDOWS\system32\prntvpt.dll2012-12-30 09:38:00 ----D---- C:\931dd4e9d3fec63017e138d32012-12-30 09:37:43 ----RSD---- C:\WINDOWS\assembly2012-12-30 09:37:34 ----D---- C:\WINDOWS\Microsoft.NET2012-12-30 09:37:19 ----A---- C:\WINDOWS\system32\spupdsvc.exe2012-12-30 09:37:18 ----HDC---- C:\WINDOWS\$NtUninstallWIC$2012-12-30 09:37:16 ----D---- C:\Program Files\MSXML 6.02012-12-30 09:36:12 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$2012-12-30 09:35:44 ----RA---- C:\WINDOWS\GSetup.exe2012-12-30 09:35:44 ----A---- C:\WINDOWS\GSetup.ini2012-12-29 13:34:51 ----A---- C:\WINDOWS\system32\h323log.txt2012-12-29 13:29:24 ----A---- C:\WINDOWS\system32\drivers\audstub.sys2012-12-29 13:29:01 ----A---- C:\WINDOWS\system32\drivers\redbook.sys2012-12-29 13:28:28 ----A---- C:\WINDOWS\system32\usbui.dll2012-12-29 13:27:47 ----A---- C:\WINDOWS\imsins.BAK2012-12-29 13:27:45 ----SHD---- C:\WINDOWS\Installer2012-12-29 13:27:45 ----D---- C:\Program Files\Common Files\ODBC2012-12-29 13:27:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI2012-12-29 13:27:45 ----A---- C:\WINDOWS\ODBCINST.INI2012-12-29 13:27:42 ----D---- C:\Program Files\Common Files\SpeechEngines2012-12-29 13:27:41 ----RD---- C:\Program Files2012-12-29 13:27:41 ----D---- C:\Program Files\Common Files\Microsoft Shared2012-12-29 13:27:41 ----D---- C:\Program Files\Common Files2012-12-29 13:27:39 ----RA---- C:\WINDOWS\system32\kbdtuq.dll2012-12-29 13:27:39 ----RA---- C:\WINDOWS\system32\kbdtuf.dll2012-12-29 13:27:39 ----RA---- C:\WINDOWS\system32\kbdazel.dll2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdycc.dll2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbduzb.dll2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdur.dll2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdtat.dll2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdru1.dll2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdru.dll2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdmon.dll2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdkyr.dll2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdkaz.dll2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdaze.dll2012-12-29 13:27:36 ----RA---- C:\WINDOWS\system32\kbdbu.dll2012-12-29 13:27:36 ----RA---- C:\WINDOWS\system32\kbdblr.dll2012-12-29 13:27:35 ----RA---- C:\WINDOWS\system32\kbdhept.dll2012-12-29 13:27:35 ----RA---- C:\WINDOWS\system32\kbdhela3.dll2012-12-29 13:27:35 ----RA---- C:\WINDOWS\system32\kbdhela2.dll2012-12-29 13:27:35 ----RA---- C:\WINDOWS\system32\kbdhe319.dll2012-12-29 13:27:34 ----RA---- C:\WINDOWS\system32\kbdhe220.dll2012-12-29 13:27:34 ----RA---- C:\WINDOWS\system32\kbdhe.dll2012-12-29 13:27:34 ----RA---- C:\WINDOWS\system32\kbdgkl.dll2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdlv1.dll2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdlv.dll2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdlt1.dll2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdlt.dll2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdest.dll2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdsl1.dll2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdsl.dll2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdro.dll2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdpl1.dll2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdpl.dll2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdycl.dll2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdhu1.dll2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdhu.dll2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdcz2.dll2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdcz1.dll2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdcz.dll2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdcr.dll2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\KBDAL.DLL2012-12-29 13:27:29 ----A---- C:\WINDOWS\system32\irclass.dll2012-12-29 13:27:29 ----A---- C:\WINDOWS\system32\dgrpsetu.dll2012-12-29 13:27:28 ----A---- C:\WINDOWS\system32\spxcoins.dll2012-12-29 13:27:28 ----A---- C:\WINDOWS\system32\EqnClass.Dll2012-12-29 13:27:28 ----A---- C:\WINDOWS\system32\dgsetup.dll2012-12-29 13:27:26 ----N---- C:\WINDOWS\system32\CONFIG.TMP2012-12-29 13:27:26 ----A---- C:\WINDOWS\TASKMAN.EXE2012-12-29 13:27:26 ----A---- C:\WINDOWS\system32\drivers\irenum.sys2012-12-29 13:27:26 ----A---- C:\WINDOWS\system32\batt.dll2012-12-29 13:27:25 ----A---- C:\WINDOWS\system32\storprop.dll2012-12-29 13:27:25 ----A---- C:\WINDOWS\notepad.exe2012-12-29 13:27:20 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini2012-12-29 13:27:18 ----RA---- C:\WINDOWS\SET8.tmp2012-12-29 13:27:15 ----RA---- C:\WINDOWS\SET4.tmp2012-12-29 13:27:14 ----RA---- C:\WINDOWS\SET3.tmp2012-12-29 13:27:10 ----D---- C:\WINDOWS\system32\CatRoot22012-12-29 13:27:10 ----D---- C:\WINDOWS\system32\CatRoot2012-12-29 13:27:04 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft2012-12-29 13:26:46 ----A---- C:\WINDOWS\setuplog.txt2012-12-29 13:26:45 ----D---- C:\Documents and Settings2012-12-29 13:26:44 ----SHD---- C:\System Volume Information2012-12-29 13:26:44 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT2012-12-29 13:26:07 ----SH---- C:\boot.ini2012-12-29 13:20:21 ----RSHDC---- C:\WINDOWS\system32\dllcache2012-12-29 13:20:21 ----RSD---- C:\WINDOWS\Fonts2012-12-29 13:20:21 ----RD---- C:\WINDOWS\Web2012-12-29 13:20:21 ----HD---- C:\WINDOWS\inf2012-12-29 13:20:21 ----D---- C:\WINDOWS\WinSxS2012-12-29 13:20:21 ----D---- C:\WINDOWS\twain_322012-12-29 13:20:21 ----D---- C:\WINDOWS\Temp2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\wins2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\wbem2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\usmt2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\spool2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\ShellExt2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\Setup2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\ras2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\oobe2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\npp2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\mui2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\inetsrv2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\IME2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\icsxml2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\ias2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\export2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\drivers\etc2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\drivers\disdn2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\drivers2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\dhcp2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\config2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\3com_dmi2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\30762012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\20522012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\10542012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\10422012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\10412012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\10372012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\10332012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\10312012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\10282012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\10252012-12-29 13:20:21 ----D---- C:\WINDOWS\system322012-12-29 13:20:21 ----D---- C:\WINDOWS\system2012-12-29 13:20:21 ----D---- C:\WINDOWS\security2012-12-29 13:20:21 ----D---- C:\WINDOWS\Resources2012-12-29 13:20:21 ----D---- C:\WINDOWS\repair2012-12-29 13:20:21 ----D---- C:\WINDOWS\Provisioning2012-12-29 13:20:21 ----D---- C:\WINDOWS\PeerNet2012-12-29 13:20:21 ----D---- C:\WINDOWS\pchealth2012-12-29 13:20:21 ----D---- C:\WINDOWS\mui2012-12-29 13:20:21 ----D---- C:\WINDOWS\msapps2012-12-29 13:20:21 ----D---- C:\WINDOWS\msagent2012-12-29 13:20:21 ----D---- C:\WINDOWS\Media2012-12-29 13:20:21 ----D---- C:\WINDOWS\java2012-12-29 13:20:21 ----D---- C:\WINDOWS\ime2012-12-29 13:20:21 ----D---- C:\WINDOWS\Help2012-12-29 13:20:21 ----D---- C:\WINDOWS\Driver Cache2012-12-29 13:20:21 ----D---- C:\WINDOWS\Debug2012-12-29 13:20:21 ----D---- C:\WINDOWS\Cursors2012-12-29 13:20:21 ----D---- C:\WINDOWS\Connection Wizard2012-12-29 13:20:21 ----D---- C:\WINDOWS\Config2012-12-29 13:20:21 ----D---- C:\WINDOWS\AppPatch2012-12-29 13:20:21 ----D---- C:\WINDOWS\addins2012-12-29 13:20:21 ----D---- C:\WINDOWS2012-12-29 13:20:21 ----ASH---- C:\pagefile.sys2012-12-29 12:56:36 ----D---- C:\Program Files\Common Files\Adobe2012-12-29 12:53:14 ----SHD---- C:\RECYCLER2012-12-29 12:41:55 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Identities2012-12-29 12:41:54 ----HD---- C:\Program Files\Uninstall Information2012-12-29 12:41:52 ----ASH---- C:\Documents and Settings\Michael Senff\Application Data\desktop.ini2012-12-29 12:41:51 ----SD---- C:\Documents and Settings\Michael Senff\Application Data\Microsoft2012-12-29 12:41:19 ----D---- C:\WINDOWS\SoftwareDistribution2012-12-29 12:41:18 ----SD---- C:\WINDOWS\system32\Microsoft2012-12-29 12:41:18 ----A---- C:\WINDOWS\SchedLgU.Txt2012-12-29 12:40:27 ----AS---- C:\WINDOWS\bootstat.dat2012-12-29 12:39:26 ----D---- C:\WINDOWS\system32\xircom2012-12-29 12:39:26 ----D---- C:\Program Files\xerox2012-12-29 12:39:26 ----D---- C:\Program Files\microsoft frontpage2012-12-29 12:39:20 ----RASH---- C:\MSDOS.SYS2012-12-29 12:39:20 ----RASH---- C:\IO.SYS2012-12-29 12:39:20 ----A---- C:\WINDOWS\control.ini2012-12-29 12:39:20 ----A---- C:\CONFIG.SYS2012-12-29 12:39:20 ----A---- C:\AUTOEXEC.BAT2012-12-29 12:39:15 ----A---- C:\WINDOWS\OEWABLog.txt2012-12-29 12:39:13 ----A---- C:\WINDOWS\system32\mapi32.dll2012-12-29 12:38:49 ----SD---- C:\WINDOWS\Downloaded Program Files2012-12-29 12:38:49 ----RD---- C:\WINDOWS\Offline Web Pages2012-12-29 12:38:44 ----HD---- C:\Program Files\WindowsUpdate2012-12-29 12:38:29 ----D---- C:\WINDOWS\system32\DirectX2012-12-29 12:38:10 ----A---- C:\WINDOWS\system32\atrace.dll2012-12-29 12:38:07 ----A---- C:\WINDOWS\system32\desktop.ini2012-12-29 12:38:07 ----A---- C:\WINDOWS\desktop.ini2012-12-29 12:38:01 ----A---- C:\WINDOWS\system32\nmevtmsg.dll2012-12-29 12:38:00 ----A---- C:\WINDOWS\system32\acctres.dll2012-12-29 12:37:59 ----D---- C:\Program Files\Common Files\Services2012-12-29 12:37:57 ----SD---- C:\WINDOWS\Tasks2012-12-29 12:37:57 ----A---- C:\WINDOWS\system32\icfgnt5.dll2012-12-29 12:37:56 ----D---- C:\Program Files\Common Files\MSSoap2012-12-29 12:37:52 ----D---- C:\WINDOWS\srchasst2012-12-29 12:37:51 ----D---- C:\WINDOWS\system32\Macromed2012-12-29 12:37:48 ----A---- C:\WINDOWS\system32\wuweb.dll2012-12-29 12:37:48 ----A---- C:\WINDOWS\system32\wucltui.dll2012-12-29 12:37:48 ----A---- C:\WINDOWS\system32\wuauserv.dll2012-12-29 12:37:48 ----A---- C:\WINDOWS\system32\wuaueng1.dll2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wups.dll2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wuaueng.dll2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wuauclt1.exe2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wuauclt.exe2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wuapi.dll2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\bitsprx3.dll2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\bitsprx2.dll2012-12-29 12:37:46 ----A---- C:\WINDOWS\system32\qmgrprxy.dll2012-12-29 12:37:46 ----A---- C:\WINDOWS\system32\qmgr.dll2012-12-29 12:37:42 ----D---- C:\Program Files\Movie Maker2012-12-29 12:37:39 ----A---- C:\WINDOWS\system32\safrslv.dll2012-12-29 12:37:39 ----A---- C:\WINDOWS\system32\safrdm.dll2012-12-29 12:37:39 ----A---- C:\WINDOWS\system32\safrcdlg.dll2012-12-29 12:37:38 ----A---- C:\WINDOWS\system32\racpldlg.dll2012-12-29 12:37:35 ----A---- C:\WINDOWS\system32\fltmc.exe2012-12-29 12:37:35 ----A---- C:\WINDOWS\system32\fltlib.dll2012-12-29 12:37:35 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys2012-12-29 12:37:34 ----D---- C:\WINDOWS\system32\Restore2012-12-29 12:37:34 ----A---- C:\WINDOWS\system32\srsvc.dll2012-12-29 12:37:34 ----A---- C:\WINDOWS\system32\srrstr.dll2012-12-29 12:37:34 ----A---- C:\WINDOWS\system32\srclient.dll2012-12-29 12:37:34 ----A---- C:\WINDOWS\system32\drivers\sr.sys2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\nmmkcert.dll2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\msconf.dll2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\mnmsrvc.exe2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\mnmdd.dll2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\isrdbg32.dll2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\ils.dll2012-12-29 12:37:30 ----D---- C:\Program Files\NetMeeting2012-12-29 12:37:30 ----A---- C:\WINDOWS\system32\msoert2.dll2012-12-29 12:37:30 ----A---- C:\WINDOWS\system32\msoeacct.dll2012-12-29 12:37:29 ----A---- C:\WINDOWS\system32\inetres.dll2012-12-29 12:37:28 ----A---- C:\WINDOWS\system32\inetcomm.dll2012-12-29 12:37:26 ----D---- C:\Program Files\Outlook Express2012-12-29 12:37:26 ----A---- C:\WINDOWS\system32\schedsvc.dll2012-12-29 12:37:26 ----A---- C:\WINDOWS\system32\mstinit.exe2012-12-29 12:37:26 ----A---- C:\WINDOWS\system32\mstask.dll2012-12-29 12:37:25 ----A---- C:\WINDOWS\system32\isign32.dll2012-12-29 12:37:25 ----A---- C:\WINDOWS\system32\inetcfg.dll2012-12-29 12:37:25 ----A---- C:\WINDOWS\system32\icwphbk.dll2012-12-29 12:37:25 ----A---- C:\WINDOWS\system32\icwdial.dll2012-12-29 12:37:20 ----D---- C:\Program Files\Common Files\System2012-12-29 12:37:19 ----D---- C:\Program Files\Internet Explorer2012-12-29 12:37:17 ----A---- C:\WINDOWS\system32\emptyregdb.dat2012-12-29 12:37:11 ----D---- C:\Program Files\ComPlus Applications2012-12-29 12:37:10 ----A---- C:\WINDOWS\vbaddin.ini2012-12-29 12:37:10 ----A---- C:\WINDOWS\vb.ini2012-12-29 12:37:07 ----D---- C:\WINDOWS\Registration2012-12-29 12:36:53 ----D---- C:\Program Files\Windows Media Player2012-12-29 12:36:53 ----D---- C:\Program Files\Online Services2012-12-29 12:36:50 ----D---- C:\Program Files\Messenger2012-12-29 12:36:46 ----D---- C:\Program Files\MSN Gaming Zone2012-12-29 12:36:46 ----A---- C:\WINDOWS\system32\write.exe2012-12-29 12:36:39 ----A---- C:\WINDOWS\system32\sndvol32.exe2012-12-29 12:36:39 ----A---- C:\WINDOWS\system32\hticons.dll2012-12-29 12:36:38 ----A---- C:\WINDOWS\system32\winchat.exe2012-12-29 12:36:38 ----A---- C:\WINDOWS\system32\avwav.dll2012-12-29 12:36:38 ----A---- C:\WINDOWS\system32\avtapi.dll2012-12-29 12:36:38 ----A---- C:\WINDOWS\system32\avmeter.dll2012-12-29 12:36:32 ----A---- C:\WINDOWS\system32\getuname.dll2012-12-29 12:36:32 ----A---- C:\WINDOWS\system32\charmap.exe2012-12-29 12:36:31 ----A---- C:\WINDOWS\system32\winmine.exe2012-12-29 12:36:31 ----A---- C:\WINDOWS\system32\sol.exe2012-12-29 12:36:31 ----A---- C:\WINDOWS\system32\mshearts.exe2012-12-29 12:36:31 ----A---- C:\WINDOWS\system32\calc.exe2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\usrlogon.cmd2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tsshutdn.exe2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tslabels.ini2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tskill.exe2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tsdiscon.exe2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tscon.exe2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\shadow.exe2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\rwinsta.exe2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\reset.exe2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\regini.exe2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\rdpcfgex.dll2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\qwinsta.exe2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\freecell.exe2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\qappsrv.exe2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\msg.exe2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\msdtcprf.ini2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\logoff.exe2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\cdmodem.dll2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\stclient.dll2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\mtxlegih.dll2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\mtxex.dll2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\mtxdm.dll2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\comsnap.dll2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\comrepl.dll2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\comaddin.dll2012-12-29 12:36:24 ----A---- C:\WINDOWS\system32\wmimgmt.msc2012-12-29 12:36:09 ----D---- C:\Program Files\MSN2012-12-29 12:36:08 ----A---- C:\WINDOWS\system32\sndrec32.exe2012-12-29 12:36:08 ----A---- C:\WINDOWS\system32\accwiz.exe2012-12-29 12:36:07 ----D---- C:\Program Files\Windows NT2012-12-29 12:36:07 ----A---- C:\WINDOWS\system32\mspaint.exe2012-12-29 12:36:07 ----A---- C:\WINDOWS\system32\mplay32.exe2012-12-29 12:36:07 ----A---- C:\WINDOWS\system32\hypertrm.dll2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\tscfgwmi.dll2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\spider.exe2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\clipbrd.exe2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\sessmgr.exe2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\remotepg.dll2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\rdshost.exe2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\rdsaddin.exe2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\mstscax.dll2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\mstsc.exe2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\tscupgrd.exe2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\termsrv.dll2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\rdpwsx.dll2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\rdpsnd.dll2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\rdpclip.exe2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\rdchost.dll2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\qprocess.exe2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\icaapi.dll2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\cfgbkend.dll2012-12-29 12:36:03 ----D---- C:\WINDOWS\system32\MsDtc2012-12-29 12:36:03 ----A---- C:\WINDOWS\system32\mtxoci.dll2012-12-29 12:36:03 ----A---- C:\WINDOWS\system32\msdtcuiu.dll2012-12-29 12:36:03 ----A---- C:\WINDOWS\system32\msdtctm.dll2012-12-29 12:36:03 ----A---- C:\WINDOWS\system32\msdtcprx.dll2012-12-29 12:36:02 ----A---- C:\WINDOWS\system32\xolehlp.dll2012-12-29 12:36:02 ----A---- C:\WINDOWS\system32\msdtclog.dll2012-12-29 12:36:02 ----A---- C:\WINDOWS\system32\msdtc.exe2012-12-29 12:36:01 ----D---- C:\WINDOWS\system32\Com2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\colbact.dll2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\clbcatex.dll2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\catsrvut.dll2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\catsrvps.dll2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\catsrv.dll2012-12-29 12:36:00 ----A---- C:\WINDOWS\system32\comuid.dll2012-12-29 12:36:00 ----A---- C:\WINDOWS\system32\comsvcs.dll2012-12-29 12:35:59 ----A---- C:\WINDOWS\system32\clbcatq.dll2012-12-29 12:35:55 ----A---- C:\WINDOWS\system32\servdeps.dll2012-12-29 12:35:54 ----A---- C:\WINDOWS\system32\mmfutil.dll2012-12-29 12:35:54 ----A---- C:\WINDOWS\system32\licwmi.dll2012-12-29 12:35:54 ----A---- C:\WINDOWS\system32\cmprops.dll2012-12-29 12:35:51 ----A---- C:\WINDOWS\system32\drivers\termdd.sys2012-12-29 12:35:51 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys======List of files/folders modified in the last 1 month======2012-12-29 13:27:41 ----A---- C:\WINDOWS\system.ini2012-12-29 12:39:20 ----A---- C:\WINDOWS\win.ini2012-12-29 12:39:07 ----ASH---- C:\WINDOWS\fonts\desktop.ini2012-12-16 06:23:59 ----A---- C:\WINDOWS\system32\atmfd.dll2012-12-03 09:40:50 ----A---- C:\WINDOWS\system32\nv4_disp.dll======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-08-30 193552]R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2011-11-02 19056]R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]R1 MpKslbb24b5ac;MpKslbb24b5ac; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{03167648-FD3C-4EDC-A195-A457655F447E}\MpKslbb24b5ac.sys []R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\WINDOWS\System32\Drivers\EtronHub3.sys [2011-08-17 45056]R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\WINDOWS\System32\Drivers\EtronXHCI.sys [2011-08-17 64896]R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-11-22 6452328]R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []R3 MEI;Intel® Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2010-09-21 41088]R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-12-03 11053992]R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-07-03 124264]R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-08-24 323816]S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-17 1691480]S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []S3 GENERICDRV;GENERICDRV; \??\C:\Program Files\GIGABYTE\ET6\amifldrv32.sys []S3 GVTDrv;GVTDrv; \??\C:\WINDOWS\system32\Drivers\GVTDrv.sys []S3 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys []S3 mbr;mbr; \??\C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\mbr.sys []S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-17 1395800]S3 ndiscm;Motorola SURFboard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys []S3 usbstor;usbstor; C:\WINDOWS\system32\drivers\usbstor.sys [2008-04-13 26368]======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-10-05 325656]R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 20472]R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-11-30 164712]R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-03 1259880]R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-12-31 711112]S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-31 116648]S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-31 250808]S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-31 116648]S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]-----------------EOF----------------- Link to post Share on other sites More sharing options...
MicQsenoch Posted January 1, 2013 Author ID:629250 Share Posted January 1, 2013 Step 4 log Results of screen317's Security Check version 0.99.56 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG Security Toolbar Microsoft Security Essentials `````````Anti-malware/Other Utilities Check:````````` SUPERAntiSpyware Malwarebytes Anti-Malware version 1.70.0.1100 Adobe Flash Player 11.5.502.135 Mozilla Firefox (17.0.1) Google Chrome 22.0.1229.95 Google Chrome 23.0.1271.97 ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 26% Defragment your hard drive soon! (Do NOT defrag if SSD!)````````````````````End of Log`````````````````````` Link to post Share on other sites More sharing options...
MicQsenoch Posted January 1, 2013 Author ID:629260 Share Posted January 1, 2013 Step 5Ran bit deffender and it did not find anything, however i did not see a button that would give me any log.Step 6 ReportRogueKiller V8.4.2 [Dec 31 2012] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits versionStarted in : Normal modeUser : Michael Senff [Admin rights]Mode : Scan -- Date : 01/01/2013 12:22:22¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 2 ¤¤¤[RUN][sUSP PATH] HKLM\[...]\RunOnce : Z1 (C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe /cleanup /s) -> FOUND[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [LOADED] ¤¤¤SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS @ 0xB4528640)¤¤¤ HOSTS File: ¤¤¤--> C:\WINDOWS\system32\drivers\etc\hosts127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: WDC WD740GD-00FLC0 +++++--- User ---[MBR] 7a1a556ce49d71bcb5d738cd79245330[bSP] 10c4b9629b14d9b3e29e74b07b251d9d : Windows XP MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 70896 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[1]_S_01012013_02d1222.txt >>RKreport[1]_S_01012013_02d1222.txt Link to post Share on other sites More sharing options...
MicQsenoch Posted January 1, 2013 Author ID:629263 Share Posted January 1, 2013 FYI, will be heading to a new years party. Will be back later this afternoon. Link to post Share on other sites More sharing options...
Maurice Naggar Posted January 1, 2013 ID:629388 Share Posted January 1, 2013 Did you get and run Malwarebytes Anti-rootkit on your own? Please delete MBAR.exe on your desktop.And if you did not buy S*perantispyware, kindly remove it from auto-starting with Windows.While I am helping you, for the duration & until I give the all clear, do NOT get or run any tools or fixes, nor make changes without first checking with me.Just please follow my guidance. Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsPlease disconnect any USB or external drives from the computer before you run this scan!Right-Click RogueKiller and select Run as Administrator.Wait until Prescan finishes.On the RogueKiller console, click the Registry tab.Put a check next to all of these and uncheck the rest: (if found)[RUN][sUSP PATH] HKLM\[...]\RunOnce : Z1 (C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe /cleanup /s) -> FOUNDThen click on Delete on the right hand column under Options.When done, logoff & Restart the system.The log will be found as RKreportCopy & Paste the contents into next reply.Step 2Please read carefully and follow these steps.Download TDSSKiller and save it to your Desktop.Double-Click on TDSSKiller.exe to run the application, then on Start Scan.If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.If an infected file is detected, the default action will be Cure, click on Continue.If a suspicious file is detected, the default action will be Skip, click on Continue.If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please chooseSkip and click on ContinueIt may ask you to reboot the computer to complete the process. Click on Reboot Now.If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.Step 3Download and Save McAfee Stinger to your Desktophttp://www.mcafee.com/us/downloads/free-tools/stinger.aspxClose all browsers before starting. Disable your antivirus program and anti-malware,if any.How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsOn Windows 7 & Vista systems, Right Click and select Run as Administrator.On XP, double-click to start it.The GUI interface will look like thisThe C drive is the default for scanning.Press the Preferences button. In the top right-block "On virus detection", click RenameIn the bottom block "Heuristic network check for suspicious files" select HighClick the Scan Now button.When done, use the File menu and select Save report to fileStinger.txt is the log report and will be saved to your Desktop. I will need a copy of that log.Stinger is a standalone utility used to detect and remove specific malware. It is not a full scan for all types of malware or viruses.It is not intended as virus protection.Step 4Download Dr.Web CureIt to the desktop. Turn OFF your antivirus program.How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsDoubleclick the drweb-cureit.exe file, then on Start and allow to run the express scan This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan. Once the short scan has finished, chose the Complete Scan. Select all drives. A red dot shows which drives have been chosen. Click the green arrow at the right, and the scan will start. Click 'Yes to all' if it asks if you want to cure/move the file. When the scan has finished, look and see if you can click the following icon next to the files found: If so, click it and then click the next icon right below and select Move incurable as you'll see in next image: This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples) After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list Save the report to your desktop. The report will be called DrWeb.csv Close Dr.Web Cureit. Reboot your computer to allow files that were in use to be moved/deleted during reboot. After reboot, post the contents of the log from Dr.Web you saved previously in your next reply. NOTE: During the scan, a pop-up window will open asking for full version purchase. Simply close the window by clicking on X in upper right corner.Re-Enable your antivirus program when all done. Link to post Share on other sites More sharing options...
MicQsenoch Posted January 2, 2013 Author ID:629476 Share Posted January 2, 2013 I ran those programs before I found this website and realized I may have a larger problem on my hands.Rouge Killer log 2RogueKiller V8.4.2 [Dec 31 2012] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/Website : http://tigzy.geekstogo.com/roguekiller.phpBlog : http://tigzyrk.blogspot.com/Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits versionStarted in : Normal modeUser : Michael Senff [Admin rights]Mode : Remove -- Date : 01/01/2013 19:31:56¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 2 ¤¤¤[RUN][sUSP PATH] HKLM\[...]\RunOnce : Z1 (C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe /cleanup /s) -> DELETED[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NOT SELECTED¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [LOADED] ¤¤¤SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS @ 0xB4528640)¤¤¤ HOSTS File: ¤¤¤--> C:\WINDOWS\system32\drivers\etc\hosts127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: WDC WD740GD-00FLC0 +++++--- User ---[MBR] 7a1a556ce49d71bcb5d738cd79245330[bSP] 10c4b9629b14d9b3e29e74b07b251d9d : Windows XP MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 70896 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[2]_D_01012013_02d1931.txt >>RKreport[1]_S_01012013_02d1222.txt ; RKreport[2]_D_01012013_02d1931.txt Link to post Share on other sites More sharing options...
MicQsenoch Posted January 2, 2013 Author ID:629477 Share Posted January 2, 2013 Step 2 log19:39:23.0015 2628 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:3519:39:23.0546 2628 ============================================================19:39:23.0546 2628 Current date / time: 2013/01/01 19:39:23.054619:39:23.0546 2628 SystemInfo:19:39:23.0546 2628 19:39:23.0546 2628 OS Version: 5.1.2600 ServicePack: 3.019:39:23.0546 2628 Product type: Workstation19:39:23.0546 2628 ComputerName: DEEZGOOD-D8793A19:39:23.0546 2628 UserName: Michael Senff19:39:23.0546 2628 Windows directory: C:\WINDOWS19:39:23.0546 2628 System windows directory: C:\WINDOWS19:39:23.0546 2628 Processor architecture: Intel x8619:39:23.0546 2628 Number of processors: 419:39:23.0546 2628 Page size: 0x100019:39:23.0546 2628 Boot type: Normal boot19:39:23.0546 2628 ============================================================19:39:24.0296 2628 Drive \Device\Harddisk0\DR0 - Size: 0x114FE27E00 (69.25 Gb), SectorSize: 0x200, Cylinders: 0x234F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005419:39:24.0296 2628 ============================================================19:39:24.0296 2628 \Device\Harddisk0\DR0:19:39:24.0296 2628 MBR partitions:19:39:24.0296 2628 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x8A7818F19:39:24.0296 2628 ============================================================19:39:24.0328 2628 C: <-> \Device\Harddisk0\DR0\Partition119:39:24.0328 2628 ============================================================19:39:24.0328 2628 Initialize success19:39:24.0328 2628 ============================================================19:39:33.0656 3288 ============================================================19:39:33.0656 3288 Scan started19:39:33.0656 3288 Mode: Manual;19:39:33.0656 3288 ============================================================19:39:33.0890 3288 ================ Scan system memory ========================19:39:33.0890 3288 System memory - ok19:39:33.0890 3288 ================ Scan services =============================19:39:33.0937 3288 Abiosdsk - ok19:39:33.0937 3288 abp480n5 - ok19:39:33.0968 3288 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys19:39:33.0968 3288 ACPI - ok19:39:33.0984 3288 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys19:39:33.0984 3288 ACPIEC - ok19:39:34.0015 3288 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe19:39:34.0015 3288 AdobeFlashPlayerUpdateSvc - ok19:39:34.0015 3288 adpu160m - ok19:39:34.0031 3288 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys19:39:34.0031 3288 aec - ok19:39:34.0062 3288 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys19:39:34.0062 3288 AFD - ok19:39:34.0062 3288 Aha154x - ok19:39:34.0062 3288 aic78u2 - ok19:39:34.0062 3288 aic78xx - ok19:39:34.0078 3288 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll19:39:34.0078 3288 Alerter - ok19:39:34.0093 3288 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe19:39:34.0093 3288 ALG - ok19:39:34.0093 3288 AliIde - ok19:39:34.0140 3288 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys19:39:34.0187 3288 Ambfilt - ok19:39:34.0187 3288 amsint - ok19:39:34.0203 3288 [ F5F0F78286A849BC0E45E0E99065B04F ] AppleCharger C:\WINDOWS\system32\DRIVERS\AppleCharger.sys19:39:34.0203 3288 AppleCharger - ok19:39:34.0203 3288 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\WINDOWS\system32\AppleChargerSrv.exe19:39:34.0203 3288 AppleChargerSrv - ok19:39:34.0203 3288 AppMgmt - ok19:39:34.0203 3288 asc - ok19:39:34.0203 3288 asc3350p - ok19:39:34.0203 3288 asc3550 - ok19:39:34.0250 3288 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe19:39:34.0250 3288 aspnet_state - ok19:39:34.0265 3288 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys19:39:34.0265 3288 AsyncMac - ok19:39:34.0265 3288 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys19:39:34.0265 3288 atapi - ok19:39:34.0265 3288 Atdisk - ok19:39:34.0281 3288 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys19:39:34.0281 3288 Atmarpc - ok19:39:34.0296 3288 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll19:39:34.0296 3288 AudioSrv - ok19:39:34.0312 3288 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys19:39:34.0312 3288 audstub - ok19:39:34.0328 3288 [ 57D83B82117C2DDB9D7E9AEA691CEDFC ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys19:39:34.0343 3288 avgtp - ok19:39:34.0359 3288 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys19:39:34.0359 3288 Beep - ok19:39:34.0375 3288 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll19:39:34.0390 3288 BITS - ok19:39:34.0406 3288 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll19:39:34.0406 3288 Browser - ok19:39:34.0421 3288 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys19:39:34.0421 3288 cbidf2k - ok19:39:34.0421 3288 cd20xrnt - ok19:39:34.0437 3288 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys19:39:34.0437 3288 Cdaudio - ok19:39:34.0453 3288 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys19:39:34.0453 3288 Cdfs - ok19:39:34.0453 3288 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys19:39:34.0453 3288 Cdrom - ok19:39:34.0453 3288 Changer - ok19:39:34.0468 3288 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe19:39:34.0468 3288 CiSvc - ok19:39:34.0484 3288 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe19:39:34.0484 3288 ClipSrv - ok19:39:34.0484 3288 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe19:39:34.0484 3288 clr_optimization_v2.0.50727_32 - ok19:39:34.0484 3288 CmdIde - ok19:39:34.0484 3288 COMSysApp - ok19:39:34.0500 3288 Cpqarray - ok19:39:34.0500 3288 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll19:39:34.0500 3288 CryptSvc - ok19:39:34.0500 3288 dac2w2k - ok19:39:34.0500 3288 dac960nt - ok19:39:34.0531 3288 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll19:39:34.0531 3288 DcomLaunch - ok19:39:34.0546 3288 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll19:39:34.0546 3288 Dhcp - ok19:39:34.0546 3288 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys19:39:34.0546 3288 Disk - ok19:39:34.0546 3288 dmadmin - ok19:39:34.0578 3288 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys19:39:34.0609 3288 dmboot - ok19:39:34.0609 3288 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys19:39:34.0609 3288 dmio - ok19:39:34.0625 3288 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys19:39:34.0625 3288 dmload - ok19:39:34.0640 3288 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll19:39:34.0640 3288 dmserver - ok19:39:34.0640 3288 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys19:39:34.0640 3288 DMusic - ok19:39:34.0671 3288 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll19:39:34.0671 3288 Dnscache - ok19:39:34.0687 3288 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll19:39:34.0687 3288 Dot3svc - ok19:39:34.0687 3288 dpti2o - ok19:39:34.0703 3288 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys19:39:34.0703 3288 drmkaud - ok19:39:34.0718 3288 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll19:39:34.0718 3288 EapHost - ok19:39:34.0734 3288 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll19:39:34.0734 3288 ERSvc - ok19:39:34.0750 3288 [ 0A780BCC1ACA1DF2BBDECE33E981D4F8 ] EtronHub3 C:\WINDOWS\system32\Drivers\EtronHub3.sys19:39:34.0750 3288 EtronHub3 - ok19:39:34.0765 3288 [ 5D8923FA7470B3FDD06D0E57D1242343 ] EtronXHCI C:\WINDOWS\system32\Drivers\EtronXHCI.sys19:39:34.0765 3288 EtronXHCI - ok19:39:34.0781 3288 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe19:39:34.0781 3288 Eventlog - ok19:39:34.0796 3288 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll19:39:34.0796 3288 EventSystem - ok19:39:34.0812 3288 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys19:39:34.0812 3288 Fastfat - ok19:39:34.0843 3288 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll19:39:34.0843 3288 FastUserSwitchingCompatibility - ok19:39:34.0843 3288 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys19:39:34.0843 3288 Fdc - ok19:39:34.0843 3288 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys19:39:34.0843 3288 Fips - ok19:39:34.0859 3288 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys19:39:34.0859 3288 Flpydisk - ok19:39:34.0875 3288 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys19:39:34.0875 3288 FltMgr - ok19:39:34.0906 3288 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe19:39:34.0906 3288 FontCache3.0.0.0 - ok19:39:34.0906 3288 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys19:39:34.0906 3288 Fs_Rec - ok19:39:34.0906 3288 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys19:39:34.0906 3288 Ftdisk - ok19:39:34.0937 3288 [ D556CB79967E92B5CC69686D16C1D846 ] gdrv C:\WINDOWS\gdrv.sys19:39:34.0937 3288 gdrv - ok19:39:34.0984 3288 [ 51876DECB54BBF027EF052229CE43339 ] GENERICDRV C:\Program Files\GIGABYTE\ET6\amifldrv32.sys19:39:34.0984 3288 GENERICDRV - ok19:39:35.0000 3288 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys19:39:35.0000 3288 Gpc - ok19:39:35.0031 3288 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe19:39:35.0031 3288 gupdate - ok19:39:35.0031 3288 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe19:39:35.0031 3288 gupdatem - ok19:39:35.0046 3288 [ 689A8EEF2A2D62B28A0A578A6196531C ] GVTDrv C:\WINDOWS\system32\Drivers\GVTDrv.sys19:39:35.0046 3288 GVTDrv - ok19:39:35.0062 3288 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys19:39:35.0062 3288 HDAudBus - ok19:39:35.0093 3288 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll19:39:35.0093 3288 helpsvc - ok19:39:35.0093 3288 HidServ - ok19:39:35.0109 3288 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys19:39:35.0109 3288 hidusb - ok19:39:35.0125 3288 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll19:39:35.0125 3288 hkmsvc - ok19:39:35.0125 3288 hpn - ok19:39:35.0156 3288 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys19:39:35.0156 3288 HTTP - ok19:39:35.0171 3288 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll19:39:35.0171 3288 HTTPFilter - ok19:39:35.0171 3288 i2omgmt - ok19:39:35.0171 3288 i2omp - ok19:39:35.0187 3288 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys19:39:35.0187 3288 i8042prt - ok19:39:35.0218 3288 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe19:39:35.0218 3288 IDriverT - ok19:39:35.0265 3288 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe19:39:35.0296 3288 idsvc - ok19:39:35.0312 3288 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys19:39:35.0312 3288 Imapi - ok19:39:35.0312 3288 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe19:39:35.0312 3288 ImapiService - ok19:39:35.0312 3288 ini910u - ok19:39:35.0453 3288 [ 5A4308F76EAE30A7C3337B7B9E9B63E9 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys19:39:35.0468 3288 IntcAzAudAddService - ok19:39:35.0484 3288 IntelIde - ok19:39:35.0484 3288 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys19:39:35.0484 3288 intelppm - ok19:39:35.0500 3288 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys19:39:35.0500 3288 Ip6Fw - ok19:39:35.0515 3288 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys19:39:35.0515 3288 IpFilterDriver - ok19:39:35.0531 3288 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys19:39:35.0531 3288 IpInIp - ok19:39:35.0531 3288 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys19:39:35.0531 3288 IpNat - ok19:39:35.0546 3288 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys19:39:35.0546 3288 IPSec - ok19:39:35.0546 3288 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys19:39:35.0546 3288 IRENUM - ok19:39:35.0562 3288 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys19:39:35.0562 3288 isapnp - ok19:39:35.0562 3288 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys19:39:35.0562 3288 Kbdclass - ok19:39:35.0578 3288 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys19:39:35.0578 3288 kmixer - ok19:39:35.0593 3288 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys19:39:35.0593 3288 KSecDD - ok19:39:35.0609 3288 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll19:39:35.0609 3288 lanmanserver - ok19:39:35.0609 3288 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll19:39:35.0625 3288 lanmanworkstation - ok19:39:35.0625 3288 lbrtfdc - ok19:39:35.0625 3288 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll19:39:35.0625 3288 LmHosts - ok19:39:35.0656 3288 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe19:39:35.0656 3288 LMS - ok19:39:35.0671 3288 [ 4A5FFDF0FE830C448830BD4B02B02B4B ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys19:39:35.0671 3288 mbamchameleon - ok19:39:35.0687 3288 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys19:39:35.0687 3288 MBAMProtector - ok19:39:35.0703 3288 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe19:39:35.0703 3288 MBAMScheduler - ok19:39:35.0734 3288 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe19:39:35.0734 3288 MBAMService - ok19:39:35.0750 3288 [ CFCB18986426A2D8E66F1992636221D0 ] MEI C:\WINDOWS\system32\DRIVERS\HECI.sys19:39:35.0750 3288 MEI - ok19:39:35.0765 3288 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll19:39:35.0765 3288 Messenger - ok19:39:35.0781 3288 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys19:39:35.0781 3288 mnmdd - ok19:39:35.0796 3288 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe19:39:35.0796 3288 mnmsrvc - ok19:39:35.0812 3288 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys19:39:35.0812 3288 Modem - ok19:39:35.0843 3288 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys19:39:35.0875 3288 Monfilt - ok19:39:35.0890 3288 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys19:39:35.0890 3288 Mouclass - ok19:39:35.0906 3288 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys19:39:35.0906 3288 mouhid - ok19:39:35.0921 3288 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys19:39:35.0921 3288 MountMgr - ok19:39:35.0953 3288 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe19:39:35.0953 3288 MozillaMaintenance - ok19:39:35.0968 3288 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys19:39:35.0968 3288 MpFilter - ok19:39:35.0968 3288 mraid35x - ok19:39:35.0984 3288 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys19:39:35.0984 3288 MRxDAV - ok19:39:36.0015 3288 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys19:39:36.0015 3288 MRxSmb - ok19:39:36.0031 3288 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe19:39:36.0031 3288 MSDTC - ok19:39:36.0031 3288 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys19:39:36.0031 3288 Msfs - ok19:39:36.0031 3288 MSIServer - ok19:39:36.0046 3288 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys19:39:36.0046 3288 MSKSSRV - ok19:39:36.0078 3288 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe19:39:36.0078 3288 MsMpSvc - ok19:39:36.0078 3288 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys19:39:36.0078 3288 MSPCLOCK - ok19:39:36.0093 3288 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys19:39:36.0093 3288 MSPQM - ok19:39:36.0093 3288 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys19:39:36.0093 3288 mssmbios - ok19:39:36.0109 3288 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys19:39:36.0109 3288 Mup - ok19:39:36.0140 3288 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll19:39:36.0140 3288 napagent - ok19:39:36.0156 3288 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys19:39:36.0156 3288 NDIS - ok19:39:36.0156 3288 ndiscm - ok19:39:36.0187 3288 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys19:39:36.0187 3288 NdisTapi - ok19:39:36.0187 3288 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys19:39:36.0187 3288 Ndisuio - ok19:39:36.0203 3288 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys19:39:36.0203 3288 NdisWan - ok19:39:36.0203 3288 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys19:39:36.0203 3288 NDProxy - ok19:39:36.0203 3288 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys19:39:36.0203 3288 NetBIOS - ok19:39:36.0218 3288 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys19:39:36.0234 3288 NetBT - ok19:39:36.0250 3288 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe19:39:36.0250 3288 NetDDE - ok19:39:36.0250 3288 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe19:39:36.0250 3288 NetDDEdsdm - ok19:39:36.0265 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe19:39:36.0265 3288 Netlogon - ok19:39:36.0281 3288 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll19:39:36.0281 3288 Netman - ok19:39:36.0312 3288 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe19:39:36.0312 3288 NetTcpPortSharing - ok19:39:36.0328 3288 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll19:39:36.0328 3288 Nla - ok19:39:36.0328 3288 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys19:39:36.0343 3288 Npfs - ok19:39:36.0359 3288 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys19:39:36.0359 3288 Ntfs - ok19:39:36.0359 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe19:39:36.0359 3288 NtLmSsp - ok19:39:36.0390 3288 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll19:39:36.0390 3288 NtmsSvc - ok19:39:36.0406 3288 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys19:39:36.0406 3288 Null - ok19:39:36.0890 3288 [ A0A12B3824889E07CB5D19C30F058E68 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys19:39:36.0937 3288 nv - ok19:39:36.0953 3288 [ A211AB524324E84C2C805B52DFCDD544 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys19:39:36.0953 3288 NVHDA - ok19:39:36.0968 3288 [ 36E24031C29E6BB6F905CCB41FC987C0 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe19:39:36.0968 3288 NVSvc - ok19:39:37.0031 3288 [ EF14502139880F7C3DDCF0D7CA12F370 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe19:39:37.0062 3288 nvUpdatusService - ok19:39:37.0078 3288 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys19:39:37.0078 3288 NwlnkFlt - ok19:39:37.0078 3288 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys19:39:37.0078 3288 NwlnkFwd - ok19:39:37.0093 3288 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys19:39:37.0093 3288 Parport - ok19:39:37.0093 3288 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys19:39:37.0093 3288 PartMgr - ok19:39:37.0125 3288 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys19:39:37.0125 3288 ParVdm - ok19:39:37.0125 3288 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys19:39:37.0125 3288 PCI - ok19:39:37.0125 3288 PCIDump - ok19:39:37.0125 3288 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys19:39:37.0125 3288 PCIIde - ok19:39:37.0140 3288 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys19:39:37.0140 3288 Pcmcia - ok19:39:37.0140 3288 PDCOMP - ok19:39:37.0140 3288 PDFRAME - ok19:39:37.0156 3288 PDRELI - ok19:39:37.0156 3288 PDRFRAME - ok19:39:37.0156 3288 perc2 - ok19:39:37.0156 3288 perc2hib - ok19:39:37.0171 3288 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe19:39:37.0171 3288 PlugPlay - ok19:39:37.0171 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe19:39:37.0171 3288 PolicyAgent - ok19:39:37.0187 3288 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys19:39:37.0187 3288 PptpMiniport - ok19:39:37.0187 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe19:39:37.0187 3288 ProtectedStorage - ok19:39:37.0187 3288 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys19:39:37.0187 3288 PSched - ok19:39:37.0203 3288 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys19:39:37.0203 3288 Ptilink - ok19:39:37.0203 3288 ql1080 - ok19:39:37.0203 3288 Ql10wnt - ok19:39:37.0203 3288 ql12160 - ok19:39:37.0203 3288 ql1240 - ok19:39:37.0203 3288 ql1280 - ok19:39:37.0218 3288 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys19:39:37.0218 3288 RasAcd - ok19:39:37.0234 3288 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll19:39:37.0234 3288 RasAuto - ok19:39:37.0250 3288 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys19:39:37.0250 3288 Rasl2tp - ok19:39:37.0265 3288 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll19:39:37.0265 3288 RasMan - ok19:39:37.0265 3288 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys19:39:37.0265 3288 RasPppoe - ok19:39:37.0265 3288 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys19:39:37.0265 3288 Raspti - ok19:39:37.0281 3288 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys19:39:37.0281 3288 Rdbss - ok19:39:37.0296 3288 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys19:39:37.0296 3288 RDPCDD - ok19:39:37.0312 3288 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys19:39:37.0312 3288 RDPWD - ok19:39:37.0328 3288 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe19:39:37.0343 3288 RDSessMgr - ok19:39:37.0343 3288 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys19:39:37.0343 3288 redbook - ok19:39:37.0359 3288 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll19:39:37.0359 3288 RemoteAccess - ok19:39:37.0359 3288 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe19:39:37.0359 3288 RpcLocator - ok19:39:37.0390 3288 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll19:39:37.0390 3288 RpcSs - ok19:39:37.0406 3288 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe19:39:37.0406 3288 RSVP - ok19:39:37.0421 3288 [ D3578C3806ED545E5C36B2A20F5C0B5A ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys19:39:37.0421 3288 RTLE8023xp - ok19:39:37.0421 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe19:39:37.0421 3288 SamSs - ok19:39:37.0421 3288 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe19:39:37.0421 3288 SCardSvr - ok19:39:37.0453 3288 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll19:39:37.0453 3288 Schedule - ok19:39:37.0468 3288 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys19:39:37.0468 3288 Secdrv - ok19:39:37.0468 3288 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll19:39:37.0484 3288 seclogon - ok19:39:37.0484 3288 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll19:39:37.0484 3288 SENS - ok19:39:37.0484 3288 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys19:39:37.0484 3288 Serial - ok19:39:37.0515 3288 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys19:39:37.0515 3288 Sfloppy - ok19:39:37.0531 3288 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll19:39:37.0531 3288 SharedAccess - ok19:39:37.0546 3288 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll19:39:37.0546 3288 ShellHWDetection - ok19:39:37.0546 3288 Simbad - ok19:39:37.0546 3288 Sparrow - ok19:39:37.0562 3288 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys19:39:37.0562 3288 splitter - ok19:39:37.0578 3288 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe19:39:37.0578 3288 Spooler - ok19:39:37.0593 3288 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys19:39:37.0593 3288 sr - ok19:39:37.0609 3288 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll19:39:37.0609 3288 srservice - ok19:39:37.0640 3288 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys19:39:37.0640 3288 Srv - ok19:39:37.0656 3288 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll19:39:37.0656 3288 SSDPSRV - ok19:39:37.0671 3288 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll19:39:37.0687 3288 stisvc - ok19:39:37.0703 3288 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys19:39:37.0703 3288 swenum - ok19:39:37.0703 3288 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys19:39:37.0703 3288 swmidi - ok19:39:37.0703 3288 SwPrv - ok19:39:37.0703 3288 symc810 - ok19:39:37.0718 3288 symc8xx - ok19:39:37.0718 3288 sym_hi - ok19:39:37.0718 3288 sym_u3 - ok19:39:37.0718 3288 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys19:39:37.0718 3288 sysaudio - ok19:39:37.0734 3288 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe19:39:37.0750 3288 SysmonLog - ok19:39:37.0750 3288 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll19:39:37.0750 3288 TapiSrv - ok19:39:37.0781 3288 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys19:39:37.0781 3288 Tcpip - ok19:39:37.0796 3288 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys19:39:37.0796 3288 TDPIPE - ok19:39:37.0796 3288 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys19:39:37.0796 3288 TDTCP - ok19:39:37.0812 3288 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys19:39:37.0812 3288 TermDD - ok19:39:37.0828 3288 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll19:39:37.0828 3288 TermService - ok19:39:37.0828 3288 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll19:39:37.0828 3288 Themes - ok19:39:37.0828 3288 TosIde - ok19:39:37.0843 3288 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll19:39:37.0843 3288 TrkWks - ok19:39:37.0843 3288 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys19:39:37.0859 3288 Udfs - ok19:39:37.0859 3288 ultra - ok19:39:37.0937 3288 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe19:39:38.0000 3288 UNS - ok19:39:38.0015 3288 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys19:39:38.0031 3288 Update - ok19:39:38.0046 3288 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll19:39:38.0046 3288 upnphost - ok19:39:38.0062 3288 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe19:39:38.0062 3288 UPS - ok19:39:38.0078 3288 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys19:39:38.0078 3288 usbehci - ok19:39:38.0078 3288 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys19:39:38.0078 3288 usbhub - ok19:39:38.0078 3288 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\drivers\usbstor.sys19:39:38.0078 3288 usbstor - ok19:39:38.0093 3288 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys19:39:38.0093 3288 VgaSave - ok19:39:38.0093 3288 ViaIde - ok19:39:38.0093 3288 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys19:39:38.0093 3288 VolSnap - ok19:39:38.0109 3288 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe19:39:38.0125 3288 VSS - ok19:39:38.0156 3288 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe19:39:38.0171 3288 vToolbarUpdater13.2.0 - ok19:39:38.0187 3288 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll19:39:38.0187 3288 W32Time - ok19:39:38.0203 3288 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys19:39:38.0203 3288 Wanarp - ok19:39:38.0203 3288 WDICA - ok19:39:38.0203 3288 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys19:39:38.0203 3288 wdmaud - ok19:39:38.0218 3288 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll19:39:38.0218 3288 WebClient - ok19:39:38.0250 3288 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll19:39:38.0265 3288 winmgmt - ok19:39:38.0281 3288 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll19:39:38.0281 3288 WmdmPmSN - ok19:39:38.0296 3288 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe19:39:38.0296 3288 WmiApSrv - ok19:39:38.0312 3288 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll19:39:38.0312 3288 wscsvc - ok19:39:38.0328 3288 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll19:39:38.0328 3288 wuauserv - ok19:39:38.0343 3288 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll19:39:38.0359 3288 WZCSVC - ok19:39:38.0359 3288 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll19:39:38.0375 3288 xmlprov - ok19:39:38.0375 3288 ================ Scan global ===============================19:39:38.0390 3288 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll19:39:38.0421 3288 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll19:39:38.0421 3288 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll19:39:38.0437 3288 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe19:39:38.0437 3288 [Global] - ok19:39:38.0437 3288 ================ Scan MBR ==================================19:39:38.0437 3288 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR019:39:38.0546 3288 \Device\Harddisk0\DR0 - ok19:39:38.0546 3288 ================ Scan VBR ==================================19:39:38.0546 3288 [ 696F7D88C63A76A446D140FEC7690767 ] \Device\Harddisk0\DR0\Partition119:39:38.0562 3288 \Device\Harddisk0\DR0\Partition1 - ok19:39:38.0562 3288 ============================================================19:39:38.0562 3288 Scan finished19:39:38.0562 3288 ============================================================19:39:38.0562 3268 Detected object count: 019:39:38.0562 3268 Actual detected object count: 0 Link to post Share on other sites More sharing options...
MicQsenoch Posted January 2, 2013 Author ID:629483 Share Posted January 2, 2013 Step 3 logMcAfee® Labs Stinger Version 10.2.0.936 built on Jan 1 2013Copyright © 2012 McAfee, Inc. All Rights Reserved.Virus data file v1000.0000 created on Jan 1 2013.Ready to scan for 6091 viruses, trojans and variants.Scan initiated on Tue Jan 01 19:44:59 2013Rootkit scan result : Clean Master Boot Record(s):....1 Possibly Infected:.............0 Boot Sector(s):.................1 Possibly Infected: ............0 Number of clean files: 8520Scan initiated on Tue Jan 01 19:51:29 2013Rootkit scan result : Clean Master Boot Record(s):....1 Possibly Infected:.............0 Boot Sector(s):.................1 Possibly Infected: ............0 Number of clean files: 8586 Link to post Share on other sites More sharing options...
MicQsenoch Posted January 2, 2013 Author ID:629502 Share Posted January 2, 2013 =============================================================================Dr.Web Scanner SE for Windows v7.0.100.12030© Doctor Web, Ltd., 1992-2012Scan session started 2013/01/01 20:07:43Module location : c:\documents and settings\michael senff\local settings\temp\8CD95628-6839BAB8-8251CD28-34F710F0\=============================================================================OPTION [Automatic Apply Actions] NOOPTION [Turn Off Computer After Scan] NOOPTION [use Sound Alerts] NOOPTION [block Network] NOOPTION [Protect Process] NOOPTION [Protect Raw Disk] NOUsing language: "English"Available instances: 6Instances used: 6Platform: Windows XP Home x86 (Build 2600), Service Pack 3API Version: 2.2Scanning Engine version: 8.0.1.11280Virus Finding Engine version: 7.0.4.9250Total 89 virus bases are loaded from c:\documents and settings\michael senff\local settings\temp\8CD95628-6839BAB8-8251CD28-34F710F0vd2yjdma 7.0 9015eded52680399ec1df18349ecbcd74f613b02 2013/01/01 18:10:28 908 records - OKneisoa6b 7.0 f5d1425097a34628f8d752212dabf9732d209c98 2011/07/25 09:20:03 1 record - OKpnsktmnf 7.0 4c38b4db39d5be63a02c898d2438b6c04405a48f 2013/01/01 13:02:18 3916 records - OKt7pfoqgj 7.0 805b6089c867549c75f843eac96b759c3f8d101f 2012/12/30 21:05:41 18184 records - OKysjt6e70 7.0 c12a817c1f95bb9fd8238ef0d5f68868a8d95686 2012/12/23 21:05:33 30183 records - OKdcjtn7qk 7.0 33def496782eb5b7b1cc93fdb036a1b62fa6a2fd 2012/12/16 21:06:21 25519 records - OKnts2jtjx 7.0 422abae03c588822f412aa9aae50578a1d61737e 2012/12/09 21:05:04 20358 records - OKn6nzvpdy 7.0 a4f0d0ecad4fb6e0afdb1925f4e0b7863b9d03fa 2012/12/02 21:06:19 20133 records - OKrciabzrq 7.0 86daa918ee3de1e4c1e5dea6f9b5f63544cf8814 2012/11/25 21:05:22 27311 records - OKkxx242nk 7.0 6556881c748e1f894eb9c7943ebae67017e1aec2 2012/11/18 21:06:09 29434 records - OK0tc4jzi6 7.0 559141ef34f9e6226bb58560e9b52e4cc5165150 2012/11/11 21:06:22 26900 records - OKcur0kazg 7.0 cc55013e63ff89319ec772e34d77056c7108cd3b 2012/11/04 21:05:22 25164 records - OK05oqcdxs 7.0 f477dc247d9b562bb64fd4f46a7dcbdf7124eb60 2012/10/28 22:06:37 30226 records - OKndrb99tv 7.0 abaf5f7fda7308fcf7573b193bbf2116723e9802 2012/10/21 22:04:37 16441 records - OKjet4em2a 7.0 5adc85528fb49e201d4bc61eca580d6839cc4a4c 2012/10/14 22:05:04 26289 records - OKg022mtpl 7.0 da8cf3fbd81206bb3d8103347a439f920a74bbe2 2012/10/07 22:05:51 27278 records - OKdedkzu0s 7.0 5988744d3cb357f1a013427d466e2d79ab5f8907 2012/09/30 22:05:11 17444 records - OKn18t5qzi 7.0 d4a0dabf4a4df0f79805c6ccdc025f796765e786 2012/09/23 22:06:30 21205 records - OK5i4lciua 7.0 82ed005784d9e258213070a0cd8bfceff345018d 2012/09/16 22:05:43 11686 records - OKba0jf7bz 7.0 a95ae63004b8d857c2db055f4e47c15bfc97f626 2012/09/09 22:04:34 12677 records - OK7knz0vya 7.0 c39bf233d25242ae9ed8cf204b9b788c8f45ab79 2012/09/02 22:05:28 10118 records - OK2c3cc7bp 7.0 d37b5484b009947b7cdd3837dafe8148615401c2 2012/08/26 22:05:26 12602 records - OKlaz4svn3 7.0 41bf1347794ab7060dec7aaecc1d1d95cf6fecb5 2012/08/19 22:04:05 18298 records - OK00zstied 7.0 1a997511e5892aaeb69b3db70e06676af36382e3 2012/08/12 22:05:19 17126 records - OKz7inloz3 7.0 f7226c59914e3683e538e668c3b664af3232654d 2012/08/05 22:03:53 20539 records - OK13cbkgyc 7.0 4035c8d3b617bf935a317a8c57efaa8e835a61f4 2012/07/29 22:05:26 19330 records - OK4blf9nhz 7.0 09b55bc000f184ed426f1d8b9665669346fe5e71 2012/07/22 22:05:34 19692 records - OKgz065ne2 7.0 f746c097f298e94faa9db94e6f64ef9fd4a7b010 2012/07/15 22:05:43 14727 records - OKng6y0ln0 7.0 792a6a25a17e764390440cd4c2c6ca5a97ab162f 2012/07/08 22:04:33 19485 records - OKjae4x1dz 7.0 ca9905c39e3d93428a4db65a192debe9fbd7acf7 2012/07/01 22:04:55 22898 records - OKon8w4e4q 7.0 dc29c610b866c66ba5327e7830452b2460149a35 2012/06/24 22:05:17 20551 records - OKm1cnqcni 7.0 c28739bea153508d12942ac9a61abd475d0a0404 2012/06/17 22:03:35 9661 records - OKbsxqi1u9 7.0 e5b5835a7c512120c5348e31483a4caa2a845d28 2012/06/10 22:04:32 23632 records - OKsg7ay0yu 7.0 61853ce89026ef0ebbd80174f1b7dd5d25bbc63a 2012/06/03 22:04:41 12423 records - OKszyb64sl 7.0 4e6c9897e153b47ca97b7da48ceed23e555a7761 2012/05/27 22:04:26 15493 records - OKa3of1pu2 7.0 35f4c105cecd8ec1fd01714abebf30f8f3efb96e 2012/05/20 22:03:29 13065 records - OKi99csduf 7.0 3522aa84677411aa7d67796bb05ea3ab62f02a71 2012/05/13 22:04:24 16238 records - OKr2u0dpqq 7.0 7597333540eda537bd42c0a17d4a6526ad247a2e 2012/05/06 22:04:33 11570 records - OKdwwlku9v 7.0 867814380363bc6ad605acf4b96e02c54dbd60f7 2012/04/29 22:03:28 15478 records - OKzn7nidtp 7.0 3c04f402d91a19039cb9c223c435dc4ea1bb3da4 2012/04/22 22:05:05 11881 records - OK3f5cdptq 7.0 8d0220a2a50b367e61a51d3b29c2659cde41bb7f 2012/04/15 22:03:29 13578 records - OK60uskbwf 7.0 b79dc6f5832ad390108d1880694ec538e8b34bb0 2012/04/08 22:05:02 14292 records - OK2hrx1bk1 7.0 8ff7cc095c43c2154275b7a54a89bf365e8daf4a 2012/04/01 22:03:24 14084 records - OKwusvly0y 7.0 9502a428b32be4ad08556134e271c9ba03195398 2012/03/25 22:04:43 19126 records - OKuj5y1cme 7.0 28c2fabbc645aff41baac12b911a8499ea163536 2012/03/18 22:03:23 14920 records - OKkbuk6hfc 7.0 86de597ff06e58206f94263f2eef33cb41b2530c 2012/03/11 22:03:25 19017 records - OKzmpd1ovn 7.0 5bd1d666e7c9ca70c34e591dc6c55314ce4b11af 2012/03/04 21:04:32 19691 records - OKc5pou474 7.0 15a9d10c451d2fcf124700f29f557d9bf338e671 2012/02/26 21:03:21 23605 records - OKuxgg0rpp 7.0 5647d941e5358105ca6558dce78873f06c48d5dc 2012/02/19 21:03:45 19067 records - OK4idkbdzp 7.0 c9b2600cb665ce34e0ccd0f19e0a88cd44437f51 2012/02/12 21:04:49 19019 records - OKsenpbwkw 7.0 9df2e129e78a9d9ab491186da1329c1dd1190e17 2012/02/05 21:05:25 28028 records - OK5dge7qmy 7.0 b69b9504a51b8777b8e95a4680dc8ac1d8d8c25d 2012/01/29 21:08:41 29444 records - OKgq8olt25 7.0 3d7431bdee1a22d6329e017f348db7760f2645ac 2012/01/23 02:22:13 19353 records - OKts4vjrbl 7.0 e04570f78fb00d758abdf77c534a460980e102c0 2012/01/15 21:12:31 20747 records - OKmd0w92v1 7.0 2de2479b112c4416e2375343f57ca789b042aecc 2012/01/08 21:04:30 28052 records - OK3jdosabx 7.0 c4bd9612ff1f71d8bd23b4f1bc114eed1ae2ee6b 2012/01/01 21:04:40 12183 records - OKpqrn25km 7.0 28b1d218ade8f05fdc8550c7456ac3b74f705208 2011/12/25 21:03:33 19984 records - OKq66r8rp5 7.0 539e41e8f3d97a6f347600c7cef903d9f34e0518 2011/12/18 21:08:45 22627 records - OKtg6afcyk 7.0 f8e81968965f555bce0d02fc9933fee840b97aaf 2011/12/12 14:20:22 49580 records - OKnhz50bw5 7.0 14751e0f442bba3efc08ee12d82a2815c61cfeb6 2011/12/04 02:00:00 45195 records - OK0oao9ybr 7.0 5bc1f5e30792d018658f2dcdb35fc0bcbdcf4e1e 2011/12/04 01:00:00 171075 records - OK72bqybon 7.0 0f948a7d416c556bfc8a8be2c2c39f998fee6d9e 2011/12/04 00:00:00 170820 records - OKvz1bijda 7.0 9357c3cc73a4a374346a678f197daa22496c7ae5 2011/12/03 23:00:00 171279 records - OK9ky53qsk 7.0 ae56b06b3d6f1e13c5f10cce4ed68f2cccbf3298 2011/12/03 22:00:00 170253 records - OKevutvfnk 7.0 fdaab5c1079d02c94f20d07c39d638cad79d8771 2011/12/03 21:00:00 170291 records - OK9wgs10jp 7.0 b59d8841e65d7670b2aae7f2b65734269f6c4fe3 2011/12/03 20:00:00 170501 records - OKhw0bbm8g 7.0 3946b1d195434cf7a70d144da71c87559475c58f 2011/12/03 19:00:00 353582 records - OKerhrr0a1 7.0 8df4695f74ea5949551df6044720694e204b13d7 2011/12/03 18:00:00 852776 records - OKsni6aqxc 7.0 26ec3c7918125b3887aece02a889e2a605a427b3 2013/01/01 18:10:57 785 records - OKi0seglip 7.0 cfbe9cf43615f7856e4c35f0fc02e2baf12e39e7 2012/12/16 21:14:14 1725 records - OKil9gczgy 7.0 047694e79b1a8d295f27ea9c6565062404f84a57 2012/11/11 21:12:52 2050 records - OKjcjydt6v 7.0 f3413603f4ee1c88018a78c1f6faf2abeb8fa8c1 2012/09/23 22:13:14 1456 records - OKi16libsy 7.0 8871f579eeb7e5e7b70c6dd898afd27391d7daf4 2012/06/24 22:12:36 1421 records - OKfmygzlo9 7.0 3ee43130fe7fec4b367a791892a444d0a791b29b 2012/03/25 22:12:30 1385 records - OKx0x8egvs 7.0 fddc5d687537580c7166dbf117d591593bc62261 2012/01/22 22:56:09 1653 records - OKr3utp6kk 7.0 63f8e4864730a8014f1ac0fe810745fa7e0fb4d8 2013/01/01 18:10:45 1215 records - OKlghp8ppe 7.0 cdf3a9d2dcab57f90c378d9eefacbfd358a42699 2012/12/09 21:23:23 1620 records - OKec23fubw 7.0 c0726ba000e840272f0810b89051e6daa8799084 2012/11/04 21:23:16 1658 records - OK9fnm37mb 7.0 216611859de0125bf130d6324d43c9115cb05def 2012/10/07 22:23:20 1465 records - OKppz31w63 7.0 264c14ad60c4423ec292f5f8b182e4448504dfa9 2012/09/09 22:23:14 1588 records - OKa2v624wd 7.0 33197bfe9efefa9db33725d240757103c625b601 2012/07/22 22:22:36 1702 records - OK1s48t9jt 7.0 74d8e114edb84b95bc09d5a2a36191d15a61e2cb 2012/06/10 22:22:36 1659 records - OKg6iy9kbo 7.0 79ca8239f310688d2b9c314fa3d738a34985cce3 2012/04/29 22:22:34 1670 records - OKrmt0aykz 7.0 aac27e986e3731e5260cb76f5b14558e36660dec 2012/03/11 22:22:28 1729 records - OKe5pmvbxw 7.0 fa5c96b8be693a20c2a295e3545419e6f117fdc4 2012/01/29 21:23:00 1523 records - OK3s02dm22 7.0 e9b21e0a3578ef2e2067f4876309671ddc78f65f 2011/12/18 21:22:29 1805 records - OK0i9s83yd 7.0 8f7a8f6f55130f6becc5331ab38dc2108746b8aa 2011/12/03 17:00:00 26456 records - OKzufndlbt 7.0 e6d52b11d2f7d405ccd31347da3b6fde69825168 2011/12/03 16:00:00 74279 records - OK1j9lq59x 7.0 e20ffde4bbc58e0585b0b3b2f324bc91272c2360 2011/12/03 15:00:00 1 record - OKTotal records count: 3527078Anti-rootkit module version (API 5.00 / 5.00)Using c:\documents and settings\michael senff\local settings\temp\8CD95628-6839BAB8-8251CD28-34F710F0\bgbjacyk.key as Dr.Web ® Key fileThis Dr.Web ® Key is for 1 computer (A User)=============================================================================Dr.Web Scanner SE for Windows v7.0.100.12030© Doctor Web, Ltd., 1992-2012Scan session started 2013/01/01 20:09:02Module location : c:\documents and settings\michael senff\local settings\temp\9F31666D-D4A2DF9D-836AF6A9-BE2689FB\=============================================================================OPTION [Automatic Apply Actions] NOOPTION [Turn Off Computer After Scan] NOOPTION [use Sound Alerts] NOOPTION [block Network] NOOPTION [Protect Process] NOOPTION [Protect Raw Disk] NOUsing language: "English"=============================================================================Dr.Web Scanner SE for Windows v7.0.100.12030© Doctor Web, Ltd., 1992-2012Scan session started 2013/01/01 20:09:32Module location : c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\=============================================================================OPTION [Automatic Apply Actions] NOOPTION [Turn Off Computer After Scan] NOOPTION [use Sound Alerts] NOOPTION [block Network] NOOPTION [Protect Process] NOOPTION [Protect Raw Disk] NOUsing language: "English"Available instances: 6Instances used: 6Platform: Windows XP Home x86 (Build 2600), Service Pack 3API Version: 2.2Scanning Engine version: 8.0.1.11280Virus Finding Engine version: 7.0.4.9250Total 89 virus bases are loaded from c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891Bvd2yjdma 7.0 9015eded52680399ec1df18349ecbcd74f613b02 2013/01/01 18:10:28 908 records - OKneisoa6b 7.0 f5d1425097a34628f8d752212dabf9732d209c98 2011/07/25 09:20:03 1 record - OKpnsktmnf 7.0 4c38b4db39d5be63a02c898d2438b6c04405a48f 2013/01/01 13:02:18 3916 records - OKt7pfoqgj 7.0 805b6089c867549c75f843eac96b759c3f8d101f 2012/12/30 21:05:41 18184 records - OKysjt6e70 7.0 c12a817c1f95bb9fd8238ef0d5f68868a8d95686 2012/12/23 21:05:33 30183 records - OKdcjtn7qk 7.0 33def496782eb5b7b1cc93fdb036a1b62fa6a2fd 2012/12/16 21:06:21 25519 records - OKnts2jtjx 7.0 422abae03c588822f412aa9aae50578a1d61737e 2012/12/09 21:05:04 20358 records - OKn6nzvpdy 7.0 a4f0d0ecad4fb6e0afdb1925f4e0b7863b9d03fa 2012/12/02 21:06:19 20133 records - OKrciabzrq 7.0 86daa918ee3de1e4c1e5dea6f9b5f63544cf8814 2012/11/25 21:05:22 27311 records - OKkxx242nk 7.0 6556881c748e1f894eb9c7943ebae67017e1aec2 2012/11/18 21:06:09 29434 records - OK0tc4jzi6 7.0 559141ef34f9e6226bb58560e9b52e4cc5165150 2012/11/11 21:06:22 26900 records - OKcur0kazg 7.0 cc55013e63ff89319ec772e34d77056c7108cd3b 2012/11/04 21:05:22 25164 records - OK05oqcdxs 7.0 f477dc247d9b562bb64fd4f46a7dcbdf7124eb60 2012/10/28 22:06:37 30226 records - OKndrb99tv 7.0 abaf5f7fda7308fcf7573b193bbf2116723e9802 2012/10/21 22:04:37 16441 records - OKjet4em2a 7.0 5adc85528fb49e201d4bc61eca580d6839cc4a4c 2012/10/14 22:05:04 26289 records - OKg022mtpl 7.0 da8cf3fbd81206bb3d8103347a439f920a74bbe2 2012/10/07 22:05:51 27278 records - OKdedkzu0s 7.0 5988744d3cb357f1a013427d466e2d79ab5f8907 2012/09/30 22:05:11 17444 records - OKn18t5qzi 7.0 d4a0dabf4a4df0f79805c6ccdc025f796765e786 2012/09/23 22:06:30 21205 records - OK5i4lciua 7.0 82ed005784d9e258213070a0cd8bfceff345018d 2012/09/16 22:05:43 11686 records - OKba0jf7bz 7.0 a95ae63004b8d857c2db055f4e47c15bfc97f626 2012/09/09 22:04:34 12677 records - OK7knz0vya 7.0 c39bf233d25242ae9ed8cf204b9b788c8f45ab79 2012/09/02 22:05:28 10118 records - OK2c3cc7bp 7.0 d37b5484b009947b7cdd3837dafe8148615401c2 2012/08/26 22:05:26 12602 records - OKlaz4svn3 7.0 41bf1347794ab7060dec7aaecc1d1d95cf6fecb5 2012/08/19 22:04:05 18298 records - OK00zstied 7.0 1a997511e5892aaeb69b3db70e06676af36382e3 2012/08/12 22:05:19 17126 records - OKz7inloz3 7.0 f7226c59914e3683e538e668c3b664af3232654d 2012/08/05 22:03:53 20539 records - OK13cbkgyc 7.0 4035c8d3b617bf935a317a8c57efaa8e835a61f4 2012/07/29 22:05:26 19330 records - OK4blf9nhz 7.0 09b55bc000f184ed426f1d8b9665669346fe5e71 2012/07/22 22:05:34 19692 records - OKgz065ne2 7.0 f746c097f298e94faa9db94e6f64ef9fd4a7b010 2012/07/15 22:05:43 14727 records - OKng6y0ln0 7.0 792a6a25a17e764390440cd4c2c6ca5a97ab162f 2012/07/08 22:04:33 19485 records - OKjae4x1dz 7.0 ca9905c39e3d93428a4db65a192debe9fbd7acf7 2012/07/01 22:04:55 22898 records - OKon8w4e4q 7.0 dc29c610b866c66ba5327e7830452b2460149a35 2012/06/24 22:05:17 20551 records - OKm1cnqcni 7.0 c28739bea153508d12942ac9a61abd475d0a0404 2012/06/17 22:03:35 9661 records - OKbsxqi1u9 7.0 e5b5835a7c512120c5348e31483a4caa2a845d28 2012/06/10 22:04:32 23632 records - OKsg7ay0yu 7.0 61853ce89026ef0ebbd80174f1b7dd5d25bbc63a 2012/06/03 22:04:41 12423 records - OKszyb64sl 7.0 4e6c9897e153b47ca97b7da48ceed23e555a7761 2012/05/27 22:04:26 15493 records - OKa3of1pu2 7.0 35f4c105cecd8ec1fd01714abebf30f8f3efb96e 2012/05/20 22:03:29 13065 records - OKi99csduf 7.0 3522aa84677411aa7d67796bb05ea3ab62f02a71 2012/05/13 22:04:24 16238 records - OKr2u0dpqq 7.0 7597333540eda537bd42c0a17d4a6526ad247a2e 2012/05/06 22:04:33 11570 records - OKdwwlku9v 7.0 867814380363bc6ad605acf4b96e02c54dbd60f7 2012/04/29 22:03:28 15478 records - OKzn7nidtp 7.0 3c04f402d91a19039cb9c223c435dc4ea1bb3da4 2012/04/22 22:05:05 11881 records - OK3f5cdptq 7.0 8d0220a2a50b367e61a51d3b29c2659cde41bb7f 2012/04/15 22:03:29 13578 records - OK60uskbwf 7.0 b79dc6f5832ad390108d1880694ec538e8b34bb0 2012/04/08 22:05:02 14292 records - OK2hrx1bk1 7.0 8ff7cc095c43c2154275b7a54a89bf365e8daf4a 2012/04/01 22:03:24 14084 records - OKwusvly0y 7.0 9502a428b32be4ad08556134e271c9ba03195398 2012/03/25 22:04:43 19126 records - OKuj5y1cme 7.0 28c2fabbc645aff41baac12b911a8499ea163536 2012/03/18 22:03:23 14920 records - OKkbuk6hfc 7.0 86de597ff06e58206f94263f2eef33cb41b2530c 2012/03/11 22:03:25 19017 records - OKzmpd1ovn 7.0 5bd1d666e7c9ca70c34e591dc6c55314ce4b11af 2012/03/04 21:04:32 19691 records - OKc5pou474 7.0 15a9d10c451d2fcf124700f29f557d9bf338e671 2012/02/26 21:03:21 23605 records - OKuxgg0rpp 7.0 5647d941e5358105ca6558dce78873f06c48d5dc 2012/02/19 21:03:45 19067 records - OK4idkbdzp 7.0 c9b2600cb665ce34e0ccd0f19e0a88cd44437f51 2012/02/12 21:04:49 19019 records - OKsenpbwkw 7.0 9df2e129e78a9d9ab491186da1329c1dd1190e17 2012/02/05 21:05:25 28028 records - OK5dge7qmy 7.0 b69b9504a51b8777b8e95a4680dc8ac1d8d8c25d 2012/01/29 21:08:41 29444 records - OKgq8olt25 7.0 3d7431bdee1a22d6329e017f348db7760f2645ac 2012/01/23 02:22:13 19353 records - OKts4vjrbl 7.0 e04570f78fb00d758abdf77c534a460980e102c0 2012/01/15 21:12:31 20747 records - OKmd0w92v1 7.0 2de2479b112c4416e2375343f57ca789b042aecc 2012/01/08 21:04:30 28052 records - OK3jdosabx 7.0 c4bd9612ff1f71d8bd23b4f1bc114eed1ae2ee6b 2012/01/01 21:04:40 12183 records - OKpqrn25km 7.0 28b1d218ade8f05fdc8550c7456ac3b74f705208 2011/12/25 21:03:33 19984 records - OKq66r8rp5 7.0 539e41e8f3d97a6f347600c7cef903d9f34e0518 2011/12/18 21:08:45 22627 records - OKtg6afcyk 7.0 f8e81968965f555bce0d02fc9933fee840b97aaf 2011/12/12 14:20:22 49580 records - OKnhz50bw5 7.0 14751e0f442bba3efc08ee12d82a2815c61cfeb6 2011/12/04 02:00:00 45195 records - OK0oao9ybr 7.0 5bc1f5e30792d018658f2dcdb35fc0bcbdcf4e1e 2011/12/04 01:00:00 171075 records - OK72bqybon 7.0 0f948a7d416c556bfc8a8be2c2c39f998fee6d9e 2011/12/04 00:00:00 170820 records - OKvz1bijda 7.0 9357c3cc73a4a374346a678f197daa22496c7ae5 2011/12/03 23:00:00 171279 records - OK9ky53qsk 7.0 ae56b06b3d6f1e13c5f10cce4ed68f2cccbf3298 2011/12/03 22:00:00 170253 records - OKevutvfnk 7.0 fdaab5c1079d02c94f20d07c39d638cad79d8771 2011/12/03 21:00:00 170291 records - OK9wgs10jp 7.0 b59d8841e65d7670b2aae7f2b65734269f6c4fe3 2011/12/03 20:00:00 170501 records - OKhw0bbm8g 7.0 3946b1d195434cf7a70d144da71c87559475c58f 2011/12/03 19:00:00 353582 records - OKerhrr0a1 7.0 8df4695f74ea5949551df6044720694e204b13d7 2011/12/03 18:00:00 852776 records - OKsni6aqxc 7.0 26ec3c7918125b3887aece02a889e2a605a427b3 2013/01/01 18:10:57 785 records - OKi0seglip 7.0 cfbe9cf43615f7856e4c35f0fc02e2baf12e39e7 2012/12/16 21:14:14 1725 records - OKil9gczgy 7.0 047694e79b1a8d295f27ea9c6565062404f84a57 2012/11/11 21:12:52 2050 records - OKjcjydt6v 7.0 f3413603f4ee1c88018a78c1f6faf2abeb8fa8c1 2012/09/23 22:13:14 1456 records - OKi16libsy 7.0 8871f579eeb7e5e7b70c6dd898afd27391d7daf4 2012/06/24 22:12:36 1421 records - OKfmygzlo9 7.0 3ee43130fe7fec4b367a791892a444d0a791b29b 2012/03/25 22:12:30 1385 records - OKx0x8egvs 7.0 fddc5d687537580c7166dbf117d591593bc62261 2012/01/22 22:56:09 1653 records - OKr3utp6kk 7.0 63f8e4864730a8014f1ac0fe810745fa7e0fb4d8 2013/01/01 18:10:45 1215 records - OKlghp8ppe 7.0 cdf3a9d2dcab57f90c378d9eefacbfd358a42699 2012/12/09 21:23:23 1620 records - OKec23fubw 7.0 c0726ba000e840272f0810b89051e6daa8799084 2012/11/04 21:23:16 1658 records - OK9fnm37mb 7.0 216611859de0125bf130d6324d43c9115cb05def 2012/10/07 22:23:20 1465 records - OKppz31w63 7.0 264c14ad60c4423ec292f5f8b182e4448504dfa9 2012/09/09 22:23:14 1588 records - OKa2v624wd 7.0 33197bfe9efefa9db33725d240757103c625b601 2012/07/22 22:22:36 1702 records - OK1s48t9jt 7.0 74d8e114edb84b95bc09d5a2a36191d15a61e2cb 2012/06/10 22:22:36 1659 records - OKg6iy9kbo 7.0 79ca8239f310688d2b9c314fa3d738a34985cce3 2012/04/29 22:22:34 1670 records - OKrmt0aykz 7.0 aac27e986e3731e5260cb76f5b14558e36660dec 2012/03/11 22:22:28 1729 records - OKe5pmvbxw 7.0 fa5c96b8be693a20c2a295e3545419e6f117fdc4 2012/01/29 21:23:00 1523 records - OK3s02dm22 7.0 e9b21e0a3578ef2e2067f4876309671ddc78f65f 2011/12/18 21:22:29 1805 records - OK0i9s83yd 7.0 8f7a8f6f55130f6becc5331ab38dc2108746b8aa 2011/12/03 17:00:00 26456 records - OKzufndlbt 7.0 e6d52b11d2f7d405ccd31347da3b6fde69825168 2011/12/03 16:00:00 74279 records - OK1j9lq59x 7.0 e20ffde4bbc58e0585b0b3b2f324bc91272c2360 2011/12/03 15:00:00 1 record - OKTotal records count: 3527078Anti-rootkit module version (API 5.00 / 5.00)Using c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\bgbjacyk.key as Dr.Web ® Key fileThis Dr.Web ® Key is for 1 computer (A User)-----------------------------------------------------------------------------Start scanning-----------------------------------------------------------------------------Command line used:-rpcep:\pipe\1C7BE5A87 -rpcpr:np /protmodeObject(s) to scan: - Scan processes in memory - Scan boot sectors - Scan startup directory - Scanning for rootkits - C:\AUTOEXEC.BAT - C:\boot.ini - C:\CONFIG.SYS - C:\csb.log - C:\end - C:\extensions.sqlite - C:\Install.log - C:\IO.SYS - C:\MSDOS.SYS - C:\NTDETECT.COM - C:\ntldr - C:\pagefile.sys - C:\RHDSetup.log - C:\TDSSKiller.2.8.15.0_01.01.2013_19.39.23_log.txt - C:\WINDOWS\system32\ - C:\Documents and Settings\Michael Senff\My Documents\ - C:\WINDOWS\TEMP\ - C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\System Process - file not foundc:\program files\nvidia corporation\nvidia update core\daemonu.exe - Okc:\program files\intel\intel® management engine components\uns\uns.exe - Okc:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\toolbarupdater.exe - Okc:\windows\system32\smss.exe - Ok>c:\windows\rthdcpl.exe is BINARYRES containerc:\windows\rthdcpl.exe - containerc:\windows\system32\csrss.exe - Okc:\windows\system32\winlogon.exe - Okc:\windows\system32\services.exe - Okc:\windows\system32\lsass.exe - Okc:\windows\system32\svchost.exe - Okc:\program files\microsoft security client\msseces.exe - Okc:\windows\system32\alg.exe - Okc:\program files\microsoft security client\msmpeng.exe - Okc:\program files\avg secure search\vprot.exe - Okc:\windows\system32\spoolsv.exe - Okc:\windows\explorer.exe - Okc:\windows\system32\wscntfy.exe - Okc:\program files\intel\intel® management engine components\lms\lms.exe - Okc:\windows\system32\nvsvc32.exe - Okc:\windows\system32\rundll32.exe - Okc:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\6qpfy1g7.exe - Okc:\program files\mozilla firefox\firefox.exe - Okc:\windows\system32\ctfmon.exe - Ok>c:\program files\pando networks\media booster\pmb.exe is ZLIB containerc:\program files\pando networks\media booster\pmb.exe - container>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\h35pdxp9.exe is BINARYRES containerc:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\h35pdxp9.exe - containerc:\windows\system32\wbem\wmiprvse.exe - Ok>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe is BINARYRES container>>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe\data001 - packed by BINARYRES>>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe\data002 - packed by BINARYRESc:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe - containerc:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe:Zone.Identifier - Okc:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\ggv5nwpp.exe - Okc:\windows\system32\ntdll.dll - Ok>c:\windows\system32\xpsp2res.dll is BINARYRES container>>c:\windows\system32\xpsp2res.dll\data001 is JS-HTML container>>c:\windows\system32\xpsp2res.dll\data002 is JS-HTML container>>c:\windows\system32\xpsp2res.dll\data003 is JS-HTML container>>c:\windows\system32\xpsp2res.dll\data004 is JS-HTML containerc:\windows\system32\xpsp2res.dll - containerc:\windows\system32\winhttp.dll - Okc:\windows\system32\uxtheme.dll - Okc:\windows\system32\netapi32.dll - Okc:\windows\system32\comctl32.dll - Okc:\windows\system32\hnetcfg.dll - Okc:\windows\system32\rsaenh.dll - Okc:\windows\system32\dssenh.dll - Okc:\windows\system32\mswsock.dll - Okc:\windows\system32\wshtcpip.dll - Okc:\windows\system32\ws2help.dll - Okc:\windows\system32\ws2_32.dll - Okc:\windows\system32\samlib.dll - Okc:\windows\system32\imm32.dll - Okc:\windows\system32\schannel.dll - Okc:\windows\system32\userenv.dll - Okc:\windows\system32\psapi.dll - Okc:\windows\system32\wintrust.dll - Okc:\windows\system32\imagehlp.dll - Okc:\windows\system32\iphlpapi.dll - Okc:\windows\system32\dnsapi.dll - Okc:\windows\system32\wldap32.dll - Ok>c:\windows\system32\winrnr.dll - packed by FLY-CODEc:\windows\system32\winrnr.dll - Okc:\windows\system32\rasadhlp.dll - Okc:\windows\system32\clbcatq.dll - Okc:\windows\system32\comres.dll - Okc:\windows\system32\oleaut32.dll - Okc:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Ok>c:\windows\system32\ole32.dll is BINARYRES containerc:\windows\system32\ole32.dll - containerc:\windows\system32\ntmarta.dll - Okc:\windows\system32\crypt32.dll - Okc:\windows\system32\msasn1.dll - Okc:\windows\system32\version.dll - Okc:\windows\system32\msvcrt.dll - Okc:\windows\system32\advapi32.dll - Okc:\windows\system32\rpcrt4.dll - Okc:\windows\system32\gdi32.dll - Okc:\windows\system32\shlwapi.dll - Okc:\windows\system32\secur32.dll - Okc:\windows\system32\kernel32.dll - Ok>c:\windows\system32\shell32.dll is BINARYRES container>>c:\windows\system32\shell32.dll\data001 is JS-HTML containerc:\windows\system32\shell32.dll - containerc:\windows\system32\user32.dll - Okc:\windows\system32\sxs.dll - Okc:\program files\intel\intel® management engine components\uns\statusstrings.dll - Okc:\program files\intel\intel® management engine components\uns\xerces-c_2_7.dll - Okc:\windows\system32\wsock32.dll - Ok>c:\windows\system32\setupapi.dll - packed by BINARYRES>>c:\windows\system32\setupapi.dll - packed by MS COMPRESSc:\windows\system32\setupapi.dll - Okc:\windows\system32\normaliz.dll - Okc:\windows\system32\wininet.dll - Okc:\windows\system32\iertutil.dll - Okc:\windows\system32\urlmon.dll - Okc:\windows\system32\mpr.dll - Ok>c:\windows\system32\msacm32.drv - packed by FLY-CODEc:\windows\system32\msacm32.drv - Okc:\windows\system32\wdmaud.drv - Okc:\windows\system32\winspool.drv - Okc:\windows\system32\ksuser.dll - Okc:\windows\system32\dsound.dll - Okc:\windows\system32\msctf.dll - Okc:\windows\system32\msctfime.ime - Okc:\windows\system32\comdlg32.dll - Okc:\windows\system32\winmm.dll - Okc:\windows\system32\midimap.dll - Okc:\windows\system32\msacm32.dll - Okc:\windows\system32\hhctrl.ocx - Okc:\windows\system32\csrsrv.dll - Okc:\windows\system32\basesrv.dll - Okc:\windows\system32\winsrv.dll - Okc:\windows\system32\odbcint.dll - Okc:\windows\system32\dimsntfy.dll - Okc:\windows\system32\winscard.dll - Okc:\windows\system32\odbc32.dll - Okc:\windows\system32\profmap.dll - Ok>c:\windows\system32\nddeapi.dll - packed by FLY-CODEc:\windows\system32\nddeapi.dll - Okc:\windows\system32\wlnotify.dll - Okc:\windows\system32\msgina.dll - Ok>c:\windows\system32\winsta.dll - packed by FLY-CODEc:\windows\system32\winsta.dll - Okc:\windows\system32\cscdll.dll - Okc:\windows\system32\cryptdll.dll - Okc:\windows\system32\atl.dll - Okc:\windows\system32\sfc.dll - Okc:\windows\system32\regapi.dll - Okc:\windows\system32\sfc_os.dll - Okc:\windows\system32\mprapi.dll - Okc:\windows\system32\adsldpc.dll - Okc:\windows\system32\rtutils.dll - Okc:\windows\system32\wtsapi32.dll - Okc:\windows\system32\authz.dll - Okc:\windows\system32\shsvcs.dll - Okc:\windows\system32\cscui.dll - Okc:\windows\system32\apphelp.dll - Okc:\windows\system32\msv1_0.dll - Okc:\windows\system32\activeds.dll - Okc:\windows\apppatch\acadproc.dll - Okc:\windows\system32\shimeng.dll - Okc:\windows\system32\ncobjapi.dll - Okc:\windows\system32\cabinet.dll - Okc:\windows\system32\msvcp60.dll - Okc:\windows\system32\eventlog.dll - Okc:\windows\system32\umpnpmgr.dll - Okc:\windows\system32\scesrv.dll - Okc:\windows\system32\msprivs.dll - Okc:\windows\apppatch\acgenral.dll - Okc:\windows\system32\kerberos.dll - Okc:\windows\system32\winipsec.dll - Okc:\windows\system32\pstorsvc.dll - Okc:\windows\system32\psbase.dll - Okc:\windows\system32\ipsecsvc.dll - Okc:\windows\system32\scecli.dll - Okc:\windows\system32\samsrv.dll - Okc:\windows\system32\netlogon.dll - Okc:\windows\system32\lsasrv.dll - Okc:\windows\system32\oakley.dll - Okc:\windows\system32\ntdsapi.dll - Okc:\windows\system32\w32time.dll - Okc:\windows\system32\wdigest.dll - Okc:\windows\system32\icaapi.dll - Okc:\windows\system32\mstlsapi.dll - Okc:\windows\system32\termsrv.dll - Okc:\windows\system32\rpcss.dll - Okc:\program files\microsoft security client\eppmanifest.dll - Okc:\windows\system32\msftedit.dll - Okc:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll - Okc:\program files\microsoft security client\mpclient.dll - Okc:\program files\microsoft security client\sqmapi.dll - Okc:\windows\system32\msxml3.dll - Ok>c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d873c0aa-3bbe-4452-a0dd-17897ba963e0}\mpengine.dll is BINARYRES containerc:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d873c0aa-3bbe-4452-a0dd-17897ba963e0}\mpengine.dll - containerc:\windows\system32\fltlib.dll - Okc:\program files\microsoft security client\mpsvc.dll - Okc:\program files\microsoft security client\mprtp.dll - Okc:\windows\system32\wbem\wmiprvsd.dll - Okc:\windows\system32\dot3api.dll - Okc:\windows\system32\wscsvc.dll - Okc:\windows\system32\wuauserv.dll - Okc:\windows\system32\wuaueng.dll - Okc:\windows\system32\unimdm.tsp - Okc:\windows\system32\ndptsp.tsp - Okc:\windows\system32\kmddsp.tsp - Okc:\windows\system32\ipconf.tsp - Okc:\windows\system32\hidphone.tsp - Okc:\windows\system32\h323.tsp - Okc:\windows\system32\wbem\wmisvc.dll - Okc:\windows\system32\qmgr.dll - Okc:\windows\system32\onex.dll - Okc:\windows\system32\eappprxy.dll - Okc:\windows\system32\wbem\ncprov.dll - Okc:\windows\system32\mspatcha.dll - Okc:\windows\system32\esent.dll - Okc:\windows\system32\mfcsubs.dll - Okc:\windows\system32\advpack.dll - Okc:\windows\system32\ipnathlp.dll - Okc:\windows\system32\hid.dll - Okc:\windows\system32\catsrvut.dll - Okc:\windows\system32\catsrv.dll - Okc:\windows\system32\audiosrv.dll - Ok>c:\windows\system32\uniplat.dll - packed by FLY-CODEc:\windows\system32\uniplat.dll - Okc:\windows\system32\rasppp.dll - Okc:\windows\system32\sensapi.dll - Okc:\windows\system32\sens.dll - Okc:\windows\system32\ntlsapi.dll - Okc:\windows\system32\qutil.dll - Okc:\windows\system32\eapolqec.dll - Okc:\windows\system32\rasqec.dll - Okc:\windows\system32\wzcsapi.dll - Okc:\windows\system32\tapisrv.dll - Okc:\windows\system32\dot3dlg.dll - Okc:\windows\system32\seclogon.dll - Okc:\windows\system32\wbem\wbemcons.dll - Okc:\windows\system32\eappcfg.dll - Okc:\windows\system32\powrprof.dll - Okc:\windows\system32\wbem\wbemsvc.dll - Okc:\windows\system32\ssdpapi.dll - Okc:\windows\pchealth\helpctr\binaries\pchsvc.dll - Okc:\windows\system32\msidle.dll - Okc:\windows\system32\ersvc.dll - Okc:\windows\system32\wbem\wmiutils.dll - Okc:\windows\system32\trkwks.dll - Okc:\windows\system32\srvsvc.dll - Okc:\windows\system32\resutils.dll - Okc:\windows\system32\mtxclu.dll - Okc:\windows\system32\colbact.dll - Okc:\windows\system32\srsvc.dll - Okc:\windows\system32\wbem\repdrvfs.dll - Okc:\windows\system32\wbem\wbemcomn.dll - Okc:\windows\system32\wbem\esscli.dll - Okc:\windows\system32\wbem\wbemess.dll - Okc:\windows\system32\vssapi.dll - Okc:\windows\system32\cryptui.dll - Okc:\windows\system32\netcfgx.dll - Okc:\windows\system32\wbem\fastprox.dll - Okc:\windows\system32\rastapi.dll - Okc:\windows\system32\cryptnet.dll - Okc:\windows\system32\wbem\wbemcore.dll - Okc:\windows\system32\netshell.dll - Okc:\windows\system32\comsvcs.dll - Okc:\windows\system32\shfolder.dll - Okc:\windows\system32\rasdlg.dll - Okc:\windows\system32\rastls.dll - Okc:\windows\system32\raschap.dll - Okc:\windows\system32\credui.dll - Okc:\windows\system32\cryptsvc.dll - Okc:\windows\system32\clusapi.dll - Okc:\windows\system32\wmi.dll - Okc:\windows\system32\browser.dll - Okc:\windows\system32\upnp.dll - Okc:\windows\system32\wkssvc.dll - Okc:\windows\system32\rasman.dll - Okc:\windows\system32\tapi32.dll - Okc:\windows\system32\rasapi32.dll - Okc:\windows\system32\schedsvc.dll - Okc:\windows\system32\es.dll - Okc:\windows\system32\certcli.dll - Okc:\windows\system32\netman.dll - Okc:\windows\system32\msi.dll - Okc:\windows\system32\dhcpcsvc.dll - Okc:\windows\system32\wzcsvc.dll - Okc:\windows\system32\rasmans.dll - Okc:\windows\system32\dnsrslvr.dll - Okc:\windows\system32\lmhsvc.dll - Okc:\windows\system32\ssdpsrv.dll - Okc:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\sitesafety.dll - Okc:\program files\common files\avg secure search\dntinstaller\13.2.0\avgdttbx.dll - Okc:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll - Okc:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll - Okc:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - Okc:\windows\system32\netrap.dll - Okc:\windows\system32\usbmon.dll - Okc:\windows\system32\tcpmon.dll - Ok>c:\windows\system32\pjlmon.dll - packed by FLY-CODEc:\windows\system32\pjlmon.dll - Okc:\windows\system32\cnbjmon.dll - Okc:\windows\system32\spoolss.dll - Okc:\windows\system32\inetpp.dll - Okc:\windows\system32\localspl.dll - Okc:\windows\system32\win32spl.dll - Okc:\windows\system32\webclnt.dll - Okc:\windows\system32\webcheck.dll - Okc:\windows\system32\ieframe.dll - Okc:\windows\system32\themeui.dll - Okc:\windows\system32\wzcdlg.dll - Okc:\windows\system32\msutb.dll - Okc:\windows\system32\duser.dll - Ok>c:\windows\system32\browselc.dll is BINARYRES container>>c:\windows\system32\browselc.dll\data004 is JS-HTML container>>c:\windows\system32\browselc.dll\data008 is JS-HTML container>>c:\windows\system32\browselc.dll\data012 is JS-HTML container>>c:\windows\system32\browselc.dll\data013 is ZLIB containerc:\windows\system32\browselc.dll - container>c:\windows\system32\shdoclc.dll is BINARYRES container>>c:\windows\system32\shdoclc.dll\data001 is JS-HTML container>>c:\windows\system32\shdoclc.dll\data002 is JS-HTML container>>c:\windows\system32\shdoclc.dll\data003 is JS-HTML container>>c:\windows\system32\shdoclc.dll\data004 is JS-HTML container>>c:\windows\system32\shdoclc.dll\data005 is JS-HTML container>>c:\windows\system32\shdoclc.dll\data006 is JS-HTML containerc:\windows\system32\shdoclc.dll - containerc:\windows\system32\ntlanman.dll - Okc:\windows\system32\netui1.dll - Okc:\windows\system32\netui0.dll - Okc:\windows\system32\batmeter.dll - Okc:\windows\system32\mlang.dll - Okc:\windows\system32\drprov.dll - Okc:\windows\system32\davclnt.dll - Okc:\windows\system32\browseui.dll - Okc:\windows\system32\stobject.dll - Okc:\windows\system32\msimg32.dll - Ok>c:\windows\system32\linkinfo.dll - packed by FLY-CODEc:\windows\system32\linkinfo.dll - Okc:\windows\system32\ntshrui.dll - Okc:\windows\system32\shdocvw.dll - Okc:\windows\system32\nvapi.dll - Okc:\program files\nvidia corporation\update common\nvupdt.dll - Okc:\program files\nvidia corporation\update common\easydaemonapiu.dll - Okc:\program files\nvidia corporation\update common\nvupdtr.dll - Okc:\windows\system32\nvmctray.dll - Okc:\windows\system32\oleacc.dll - Ok>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll is BINARYRES container>>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll\data003 - packed by BINARYRES>>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll\data004 - packed by BINARYRESc:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll - containerc:\windows\system32\odbcbcp.dll - Okc:\windows\system32\pdh.dll - Okc:\program files\mozilla firefox\nspr4.dll - Okc:\program files\mozilla firefox\plc4.dll - Okc:\program files\mozilla firefox\plds4.dll - Okc:\program files\mozilla firefox\mozalloc.dll - Okc:\program files\mozilla firefox\mozjs.dll - Okc:\program files\mozilla firefox\nssutil3.dll - Okc:\program files\mozilla firefox\nss3.dll - Okc:\program files\mozilla firefox\smime3.dll - Okc:\program files\mozilla firefox\ssl3.dll - Okc:\program files\mozilla firefox\mozsqlite3.dll - Okc:\program files\mozilla firefox\gkmedias.dll - Okc:\program files\mozilla firefox\xul.dll - Okc:\program files\mozilla firefox\xpcom.dll - Okc:\program files\mozilla firefox\components\browsercomps.dll - Okc:\program files\mozilla firefox\softokn3.dll - Okc:\program files\mozilla firefox\nssdbm3.dll - Okc:\program files\mozilla firefox\freebl3.dll - Okc:\program files\mozilla firefox\nssckbi.dll - Okc:\program files\mozilla firefox\mozglue.dll - Okc:\windows\system32\d3d9.dll - Okc:\windows\system32\dbghelp.dll - Okc:\program files\microsoft security client\mpoav.dll - Okc:\windows\system32\feclient.dll - Okc:\windows\system32\d3d8thk.dll - Okc:\windows\system32\mscms.dll - Okc:\windows\system32\t2embed.dll - Okc:\windows\system32\lz32.dll - Okc:\windows\system32\usp10.dll - Okc:\program files\mozilla firefox\msvcp100.dll - Okc:\program files\mozilla firefox\msvcr100.dll - Ok>c:\program files\pando networks\media booster\plc4.dll - packed by FLY-CODEc:\program files\pando networks\media booster\plc4.dll - Okc:\program files\pando networks\media booster\bugsplat.dll - Okc:\program files\pando networks\media booster\plds4.dll - Okc:\program files\pando networks\media booster\nss3.dll - Okc:\program files\pando networks\media booster\softokn3.dll - Okc:\program files\pando networks\media booster\ssl3.dll - Okc:\program files\pando networks\media booster\smime3.dll - Okc:\program files\pando networks\media booster\freebl3.dll - Okc:\program files\pando networks\media booster\nspr4.dll - Okc:\windows\system32\perfctrs.dll - Okc:\windows\system32\icmp.dll - Okc:\program files\pando networks\media booster\microsoft.vc90.crt\msvcp90.dll - Okc:\program files\pando networks\media booster\microsoft.vc90.crt\msvcr90.dll - Okc:\windows\system32\wbem\wbemprox.dll - Okc:\windows\system32\wbem\cimwin32.dll - Okc:\windows\system32\perfos.dll - Okc:\windows\system32\wbem\framedyn.dll - Okc:\windows\system32\security.dll - Okc:\windows\system32\mstask.dll - Ok Link to post Share on other sites More sharing options...
MicQsenoch Posted January 2, 2013 Author ID:629503 Share Posted January 2, 2013 c:\documents and settings\updatususer\start menu\programs\startup\desktop.ini - Okc:\documents and settings\michael senff\start menu\programs\startup\desktop.ini - Okc:\windows\system32\config\systemprofile\start menu\programs\startup\desktop.ini - Okc:\documents and settings\default user\start menu\programs\startup\desktop.ini - Okc:\documents and settings\all users\start menu\programs\startup\desktop.ini - Okc:\windows\system32\dot3cfg.dll - Okc:\windows\system32\napmontr.dll - Okc:\windows\system32\fwcfg.dll - Okc:\windows\system32\hnetmon.dll - Okc:\windows\system32\dgnet.dll - Okc:\windows\system32\ipxpromn.dll - Okc:\windows\system32\ipxmontr.dll - Okc:\windows\system32\rasmontr.dll - Okc:\windows\system32\ippromon.dll - Okc:\windows\system32\ifmon.dll - Okc:\windows\system32\ipmontr.dll - Okc:\windows\system32\ipv6mon.dll - Okc:\windows\system32\dfrg.msc - Okc:\windows\system32\cleanmgr.exe - Okc:\windows\system32\calc.exe - Okc:\windows\system32\rdpwsx.dll - Okc:\windows\system32\rdpclip.exe - Okc:\windows\system32\rdpcfgex.dll - Okc:\windows\system32\cmd.exe - Okc:\windows\system32\msobjs.dll - Okc:\windows\system32\msaudite.dll - Okc:\windows\system32\iassvcs.dll - Okc:\windows\system32\win32k.sys - Okc:\windows\system32\syssetup.dll - Okc:\windows\system32\savedump.exe - Okc:\windows\system32\rsvpmsg.dll - Okc:\windows\system32\ntmsevt.dll - Okc:\windows\system32\napipsec.dll - Okc:\program files\microsoft security client\mpevmsg.dll - Okc:\windows\system32\rtm.dll - Okc:\windows\system32\spmsg.dll - Okc:\windows\system32\dhcpqec.dll - Okc:\windows\system32\mprmsg.dll - Okc:\windows\system32\netmsg.dll - Okc:\windows\system32\iologmsg.dll - Okc:\windows\system32\wuaucpl.cpl.mui - Okc:\windows\system32\xpob2res.dll - Okc:\windows\system32\wbem\wmiapres.dll - Okc:\windows\system32\dpcdll.dll - Okc:\windows\system32\netevent.dll - Okc:\windows\system32\msvbvm60.dll - Okc:\windows\microsoft.net\framework\v2.0.50727\eventlogmessages.dll - Okc:\windows\system32\safrslv.dll - Okc:\windows\system32\safrdm.dll - Okc:\windows\system32\perfmon.exe - Okc:\windows\system32\prflbmsg.dll - Okc:\program files\nvidia corporation\nview\nview.dll - Okc:\windows\system32\msshavmsg.dll - Okc:\windows\system32\nmevtmsg.dll - Ok>c:\program files\microsoft security client\msmpres.dll is ZLIB containerc:\program files\microsoft security client\msmpres.dll - containerc:\windows\system32\loadperf.dll - Okc:\windows\pchealth\helpctr\binaries\hcappres.dll - Okc:\windows\system32\drwtsn32.exe - Okc:\windows\system32\ulib.dll - Okc:\windows\system32\pautoenr.dll - Okc:\windows\system32\faultrep.dll - Okc:\program files\common files\microsoft shared\dw\dw20.exe - Okc:\windows\microsoft.net\framework\v3.0\windows communication foundation\servicemodelevents.dll.mui - Okc:\windows\system32\query.dll - Ok>c:\windows\system32\icardres.dll.mui is BINARYRES containerc:\windows\system32\icardres.dll.mui - containerc:\windows\microsoft.net\framework\v2.0.50727\aspnet_rc.dll - Okc:\program files\avg secure search\13.2.0.5\avg secure search_toolbar.dll - Okc:\program files\nvidia corporation\nview\nvshell.dll - Okc:\program files\microsoft security client\shellext.dll - Okc:\windows\system32\xpsshhdr.dll - Okc:\windows\system32\dfshim.dll - Okc:\windows\system32\wmpshell.dll - Okc:\program files\outlook express\wabfind.dll - Okc:\windows\system32\cabview.dll - Okc:\windows\system32\mmcshext.dll - Okc:\windows\system32\photowiz.dll - Okc:\windows\system32\dfsshlex.dll - Okc:\windows\msagent\agentpsh.dll - Okc:\windows\system32\mydocs.dll - Okc:\windows\system32\dsuiext.dll - Okc:\windows\system32\dsquery.dll - Okc:\windows\system32\docprop2.dll - Okc:\windows\system32\msieftp.dll - Okc:\windows\system32\extmgr.dll - Okc:\windows\system32\zipfldr.dll - Okc:\windows\system32\netplwiz.dll - Ok>c:\windows\system32\shimgvw.dll is BINARYRES container>>c:\windows\system32\shimgvw.dll\data001 is JS-HTML container>>c:\windows\system32\shimgvw.dll\data002 is JS-HTML containerc:\windows\system32\shimgvw.dll - container>c:\windows\system32\appwiz.cpl is BINARYRES container>>c:\windows\system32\appwiz.cpl\data001 is JS-HTML container>>c:\windows\system32\appwiz.cpl\data003 is JS-HTML container>>c:\windows\system32\appwiz.cpl\data004 is JS-HTML container>>c:\windows\system32\appwiz.cpl\data006 is JS-HTML container>>c:\windows\system32\appwiz.cpl\data008 is JS-HTML container>>c:\windows\system32\appwiz.cpl\data009 is JS-HTML container>>c:\windows\system32\appwiz.cpl\data011 is JS-HTML container>>c:\windows\system32\appwiz.cpl\data012 is JS-HTML container>>c:\windows\system32\appwiz.cpl\data014 is JS-HTML container>>c:\windows\system32\appwiz.cpl\data015 is JS-HTML container>>c:\windows\system32\appwiz.cpl\data016 is JS-HTML containerc:\windows\system32\appwiz.cpl - containerc:\windows\system32\occache.dll - Okc:\windows\system32\sendmail.dll - Okc:\windows\system32\shmedia.dll - Okc:\windows\system32\twext.dll - Ok>c:\windows\system32\wuaucpl.cpl - packed by FLY-CODEc:\windows\system32\wuaucpl.cpl - Okc:\program files\common files\system\ole db\oledb32.dll - Okc:\windows\system32\wshext.dll - Okc:\windows\system32\remotepg.dll - Okc:\windows\system32\wiashext.dll - Okc:\windows\system32\cryptext.dll - Ok>c:\windows\system32\deskperf.dll - packed by FLY-CODEc:\windows\system32\deskperf.dll - Ok>c:\windows\system32\fontext.dll is BINARYRES container>>c:\windows\system32\fontext.dll\data001 - packed by MS COMPRESS>>c:\windows\system32\fontext.dll\data002 - packed by MS COMPRESSc:\windows\system32\fontext.dll - containerc:\windows\system32\hticons.dll - Okc:\windows\system32\syncui.dll - Okc:\windows\system32\dskquoui.dll - Okc:\windows\system32\printui.dll - Okc:\windows\system32\ntlanui2.dll - Okc:\windows\system32\diskcopy.dll - Okc:\windows\system32\shscrap.dll - Okc:\windows\system32\slayerxp.dll - Okc:\windows\system32\dssec.dll - Ok>c:\windows\system32\deskmon.dll - packed by FLY-CODEc:\windows\system32\deskmon.dll - Okc:\windows\system32\deskadp.dll - Okc:\windows\system32\docprop.dll - Okc:\windows\system32\rshx32.dll - Okc:\windows\system32\icmui.dll - Okc:\windows\system32\mmsys.cpl - Okc:\windows\system32\wiascr.dll - Okc:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\viprotocol.dll - Okc:\windows\system32\inetcomm.dll - Okc:\windows\system32\itss.dll - Okc:\windows\system32\msvidctl.dll - Okc:\windows\system32\mshtml.dll - Okc:\windows\system32\mscoree.dll - Okc:\windows\system32\rsvpsp.dll - Okc:\windows\system32\sclgntfy.dll - Okc:\windows\system32\ntsd.exe - Okc:\windows\system32\xmlprov.dll - Okc:\windows\system32\drivers\ws2ifsl.sys - Okc:\windows\system32\wbem\wmiapsrv.exe - Okc:\windows\system32\wbem\wmiaprpl.dll - Okc:\windows\system32\mspmsnsv.dll - Okc:\windows\system32\winsock.dll - Okc:\windows\system32\drivers\wdmaud.sys - Okc:\windows\system32\drivers\wanarp.sys - Okc:\windows\system32\vssvc.exe - Okc:\windows\system32\drivers\volsnap.sys - Okc:\windows\system32\drivers\vga.sys - Okc:\windows\system32\drivers\usbstor.sys - Okc:\windows\system32\drivers\usbhub.sys - Okc:\windows\system32\drivers\usbehci.sys - Okc:\windows\system32\ups.exe - Okc:\windows\system32\upnphost.dll - Okc:\windows\system32\drivers\update.sys - Okc:\windows\system32\drivers\udfs.sys - Okc:\windows\system32\tsddd.dll - Okc:\windows\system32\drivers\termdd.sys - Okc:\windows\system32\drivers\tdtcp.sys - Okc:\windows\system32\drivers\tdpipe.sys - Okc:\windows\system32\drivers\tcpip.sys - Okc:\windows\system32\smlogsvc.exe - Okc:\windows\system32\drivers\sysaudio.sys - Okc:\windows\system32\drivers\swmidi.sys - Okc:\windows\system32\drivers\swenum.sys - Okc:\windows\system32\wiaservc.dll - Okc:\windows\system32\drivers\srv.sys - Okc:\windows\system32\drivers\sr.sys - Okc:\windows\system32\drivers\splitter.sys - Okc:\windows\system32\drivers\sfloppy.sys - Okc:\windows\system32\drivers\serial.sys - Okc:\windows\system32\drivers\secdrv.sys - Okc:\windows\system32\drivers\scsiport.sys - Okc:\windows\system32\scardsvr.exe - Okc:\windows\system32\drivers\rtenicxp.sys - Okc:\windows\system32\rsvp.exe - Okc:\windows\system32\locator.exe - Okc:\windows\system32\mprdim.dll - Okc:\windows\system32\drivers\redbook.sys - Okc:\windows\system32\sessmgr.exe - Okc:\windows\system32\drivers\rdpwd.sys - Okc:\windows\system32\rdpdd.dll - Okc:\windows\system32\drivers\rdpcdd.sys - Okc:\windows\system32\drivers\rdbss.sys - Okc:\windows\system32\drivers\raspti.sys - Okc:\windows\system32\drivers\raspppoe.sys - Okc:\windows\system32\drivers\rasl2tp.sys - Okc:\windows\system32\rasauto.dll - Okc:\windows\system32\drivers\rasacd.sys - Okc:\windows\system32\drivers\ptilink.sys - Okc:\windows\system32\drivers\psched.sys - Okc:\windows\system32\drivers\raspptp.sys - Okc:\windows\system32\perfproc.dll - Okc:\windows\system32\perfnet.dll - Okc:\windows\system32\perfdisk.dll - Okc:\windows\system32\drivers\pcmcia.sys - Okc:\windows\system32\drivers\pciide.sys - Okc:\windows\system32\drivers\pci.sys - Okc:\windows\system32\drivers\parvdm.sys - Okc:\windows\system32\drivers\partmgr.sys - Okc:\windows\system32\drivers\parport.sys - Okc:\windows\system32\drivers\nwlnkfwd.sys - Okc:\windows\system32\drivers\nwlnkflt.sys - Okc:\windows\system32\drivers\nvhda32.sys - Okc:\windows\system32\drivers\nv4_mini.sys - Okc:\windows\system32\drivers\null.sys - Okc:\windows\system32\ntmssvc.dll - Okc:\windows\system32\drivers\ntfs.sys - Okc:\windows\system32\drivers\npfs.sys - Okc:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe - Okc:\windows\system32\netdde.exe - Okc:\windows\system32\drivers\netbt.sys - Okc:\windows\system32\drivers\netbios.sys - Okc:\windows\system32\drivers\ndproxy.sys - Okc:\windows\system32\drivers\ndiswan.sys - Okc:\windows\system32\drivers\ndisuio.sys - Okc:\windows\system32\drivers\ndistapi.sys - Okc:\windows\system32\drivers\ndis.sys - Okc:\windows\system32\qagentrt.dll - Okc:\windows\system32\drivers\mup.sys - Okc:\windows\system32\drivers\mssmbios.sys - Okc:\windows\system32\drivers\mspqm.sys - Okc:\windows\system32\drivers\mspclock.sys - Okc:\windows\system32\drivers\mskssrv.sys - Okc:\windows\system32\msiexec.exe - Okc:\windows\system32\drivers\msfs.sys - Okc:\windows\system32\drivers\bridge.sys - Okc:\windows\system32\msdtc.exe - Okc:\windows\system32\drivers\mrxsmb.sys - Okc:\windows\system32\drivers\mrxdav.sys - Okc:\windows\system32\drivers\mpfilter.sys - Okc:\program files\mozilla maintenance service\maintenanceservice.exe - Okc:\windows\system32\drivers\mountmgr.sys - Okc:\windows\system32\drivers\mouhid.sys - Okc:\windows\system32\drivers\mouclass.sys - Okc:\windows\system32\drivers\monfilt.sys - Okc:\windows\system32\drivers\modem.sys - Okc:\windows\system32\mnmsrvc.exe - Okc:\windows\system32\mnmdd.dll - Okc:\windows\system32\msgsvc.dll - Okc:\windows\system32\drivers\heci.sys - Okc:\program files\malwarebytes' anti-malware\mbamservice.exe - Okc:\program files\malwarebytes' anti-malware\mbamscheduler.exe - Okc:\windows\system32\drivers\mbam.sys - Okc:\windows\system32\drivers\mbamchameleon.sys - Okc:\windows\system32\drivers\ksecdd.sys - Okc:\windows\system32\drivers\kmixer.sys - Okc:\windows\system32\drivers\kbdclass.sys - Okc:\windows\system32\drivers\isapnp.sys - Okc:\windows\system32\drivers\irenum.sys - Okc:\windows\system32\drivers\ipsec.sys - Okc:\windows\system32\drivers\ipnat.sys - Okc:\windows\system32\drivers\ipinip.sys - Okc:\windows\system32\drivers\ipfltdrv.sys - Okc:\windows\system32\drivers\ip6fw.sys - Okc:\windows\system32\drivers\intelppm.sys - Okc:\windows\system32\drivers\rtkhdaud.sys - Okc:\windows\system32\imapi.exe - Okc:\windows\system32\drivers\imapi.sys - Okc:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe - Okc:\program files\common files\installshield\driver\11\intel 32\idrivert.exe - Okc:\windows\system32\drivers\i8042prt.sys - Okc:\windows\system32\w3ssl.dll - Okc:\windows\system32\drivers\http.sys - Okc:\windows\system32\kmsvc.dll - Okc:\windows\system32\drivers\hidusb.sys - Okc:\windows\system32\drivers\hdaudbus.sys - Okc:\windows\system32\drivers\gvtdrv.sys - Okc:\program files\google\update\googleupdate.exe - Okc:\windows\system32\drivers\msgpc.sys - Okc:\program files\gigabyte\et6\amifldrv32.sys - Okc:\windows\gdrv.sys - Okc:\windows\system32\drivers\ftdisk.sys - Okc:\windows\system32\drivers\fs_rec.sys - Okc:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe - Okc:\windows\system32\drivers\fltmgr.sys - Okc:\windows\system32\drivers\flpydisk.sys - Okc:\windows\system32\drivers\fips.sys - Okc:\windows\system32\drivers\fdc.sys - Okc:\windows\system32\drivers\fastfat.sys - Okc:\windows\system32\drivers\etronxhci.sys - Okc:\windows\system32\drivers\etronhub3.sys - Okc:\windows\system32\eapsvc.dll - Okc:\windows\system32\drivers\drmkaud.sys - Okc:\windows\system32\dot3svc.dll - Okc:\windows\system32\drivers\dmusic.sys - Okc:\windows\system32\dmserver.dll - Okc:\windows\system32\drivers\dmload.sys - Okc:\windows\system32\drivers\dmio.sys - Okc:\windows\system32\drivers\dmboot.sys - Okc:\windows\system32\dmadmin.exe - Okc:\windows\system32\drivers\disk.sys - Okc:\windows\system32\dllhost.exe - Okc:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe - Okc:\windows\system32\clipsrv.exe - Okc:\windows\system32\cisvc.exe - Okc:\windows\system32\drivers\cdrom.sys - Okc:\windows\system32\drivers\cdfs.sys - Okc:\windows\system32\drivers\cdaudio.sys - Okc:\windows\system32\drivers\cbidf2k.sys - Okc:\windows\system32\drivers\beep.sys - Okc:\windows\system32\drivers\avgtpx86.sys - Okc:\windows\system32\drivers\audstub.sys - Okc:\windows\system32\drivers\atmarpc.sys - Okc:\windows\system32\drivers\atapi.sys - Okc:\windows\system32\drivers\asyncmac.sys - Okc:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe - Okc:\windows\system32\applechargersrv.exe - Okc:\windows\system32\drivers\applecharger.sys - Okc:\windows\system32\drivers\ambfilt.sys - Okc:\windows\system32\alrsvc.dll - Okc:\windows\system32\drivers\afd.sys - Okc:\windows\system32\drivers\aec.sys - Okc:\windows\system32\macromed\flash\flashplayerupdateservice.exe - Okc:\windows\system32\drivers\acpiec.sys - Okc:\windows\system32\drivers\acpi.sys - Okc:\windows\system32\mscories.dll - Okc:\windows\system32\ie4uinit.exe - Okc:\windows\inf\wmp.inf - Okc:\windows\inf\msmsgs.inf - Okc:\windows\inf\msnetmtg.inf - Okc:\windows\system32\\user.exe - Okc:\program files\outlook express\setup50.exe - Okc:\windows\system32\regsvr32.exe - Okc:\windows\system32\shmgrate.exe - Okc:\windows\inf\unregmp2.exe - Okc:\windows\system32\ieudinit.exe - Okc:\windows\system32\url.dll - Okc:\windows\system32\olethk32.dll - Okc:\windows\system32\olesvr32.dll - Okc:\windows\system32\olecnv32.dll - Okc:\windows\system32\olecli32.dll - Okc:\program files\nvidia corporation\nview\nwiz.exe - Okc:\windows\system32\nvcpl.dll - Okc:\windows\system32\logon.scr - Okc:\windows\system32\logonui.exe - Okc:\windows\system32\dot3gpclnt.dll - Okc:\windows\system32\iedkcs32.dll - Okc:\windows\system32\dskquota.dll - Okc:\windows\system32\msnsspc.dll - Okc:\windows\system32\digest.dll - Okc:\windows\system32\msapsspc.dll - Okc:\windows\npmsdm.dll - Ok>c:\windows\system32\muweb.dll is CAB archivec:\windows\system32\muweb.dll - Okc:\windows\system32\muweb.dll - archivec:\windows\system32\wuweb.dll - Ok>c:\windows\downloaded program files\qsax.dll - packed by UPXc:\windows\downloaded program files\qsax.dll - Okc:\windows\system32\legitcheckcontrol.dll - Okc:\program files\messenger\msmsgs.exe - Okc:\windows\network diagnostic\xpnetdiag.exe - Okc:\program files\pando networks\media booster\pmb.cpl - Okc:\program files\common files\microsoft shared\speech\sapi.cpl - Okc:\windows\system32\netsetup.cpl - Okc:\windows\system32\firewall.cpl - Okc:\windows\system32\autochk.exe - Okc:\windows\system32\userinit.exe - Okc:\windows\system32\l3codeca.acm - Okc:\windows\system32\ir50_32.dll - Okc:\windows\system32\iac25_32.ax - Okc:\windows\system32\sl_anet.acm - Okc:\windows\system32\msaud32.acm - Okc:\windows\system32\msh261.drv - Okc:\windows\system32\msg723.acm - Okc:\windows\system32\tsbyuv.dll - Okc:\windows\system32\msyuv.dll - Okc:\windows\system32\msvidc32.dll - Okc:\windows\system32\msrle32.dll - Okc:\windows\system32\iyuv_32.dll - Okc:\windows\system32\ir41_32.ax - Okc:\windows\system32\ir32_32.dll - Okc:\windows\system32\msh263.drv - Okc:\windows\system32\iccvid.dll - Okc:\windows\system32\tssoft32.acm - Okc:\windows\system32\msgsm32.acm - Okc:\windows\system32\msg711.acm - Okc:\windows\system32\msadp32.acm - Okc:\windows\system32\imaadp32.acm - Okc:\windows\system32\ntkrnlpa.exe - Okc:\documents and settings\michael senff\local settings\temp\1af96bff7.sys - file not foundc:\windows\system32\hal.dll - Okc:\windows\system32\drivers\videoprt.sys - Okc:\windows\system32\drivers\usbport.sys - OkProcess :0 - read errorProcess System:4 - OkProcess \SystemRoot\System32\smss.exe:624 - OkProcess \??\C:\WINDOWS\system32\csrss.exe:684 - OkProcess \??\C:\WINDOWS\system32\winlogon.exe:708 - OkProcess C:\WINDOWS\system32\services.exe:752 - OkProcess C:\WINDOWS\system32\lsass.exe:764 - OkProcess C:\WINDOWS\system32\svchost.exe:932 - OkProcess C:\WINDOWS\system32\svchost.exe:1020 - OkProcess c:\Program Files\Microsoft Security Client\MsMpEng.exe:1116 - OkProcess C:\WINDOWS\System32\svchost.exe:1152 - OkProcess C:\WINDOWS\system32\svchost.exe:1240 - OkProcess C:\WINDOWS\system32\svchost.exe:1308 - OkProcess C:\WINDOWS\system32\spoolsv.exe:1580 - OkProcess C:\WINDOWS\system32\svchost.exe:1736 - OkProcess C:\WINDOWS\Explorer.EXE:1756 - OkProcess C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe:1868 - OkProcess C:\WINDOWS\system32\nvsvc32.exe:1952 - OkProcess C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:188 - OkProcess C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe:260 - OkProcess C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe:460 - OkProcess C:\WINDOWS\system32\wscntfy.exe:1852 - OkProcess C:\WINDOWS\RTHDCPL.EXE:648 - OkProcess C:\Program Files\Microsoft Security Client\msseces.exe:1092 - OkProcess C:\Program Files\AVG Secure Search\vprot.exe:1404 - OkProcess C:\WINDOWS\system32\RunDLL32.exe:1988 - OkProcess C:\WINDOWS\system32\ctfmon.exe:2708 - OkProcess C:\Program Files\Pando Networks\Media Booster\PMB.exe:2988 - OkProcess C:\WINDOWS\System32\alg.exe:1096 - OkProcess C:\Program Files\Mozilla Firefox\firefox.exe:2696 - OkProcess C:\Documents and Settings\Michael Senff\My Documents\Downloads\drweb-cureit.exe:3420 - OkProcess c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ggv5nwpp.exe:3468 - OkProcess c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\h35pdxp9.exe:3324 - OkProcess c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\6qpfy1g7.exe:2544 - OkHDD0 MBR - OkHDD0 Active OS\2 or WinNT Boot Sector - Okc:\documents and settings\all users\start menu\programs\startup\desktop.ini - Okc:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\6qpfy1g7.exe - Okc:\documents and settings\michael senff\start menu\programs\startup\desktop.ini - Ok>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll is BINARYRES container>>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll\data003 - packed by BINARYRESc:\program files\avg secure search\13.2.0.5\avg secure search_toolbar.dll - Okc:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\ggv5nwpp.exe - Ok>>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll\data004 - packed by BINARYRES>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe is BINARYRES container>c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d873c0aa-3bbe-4452-a0dd-17897ba963e0}\mpengine.dll is BINARYRES container>>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe\data001 - packed by BINARYRESc:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll - container>>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe\data002 - packed by BINARYRES>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\h35pdxp9.exe is BINARYRES containerc:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe - containerc:\program files\common files\avg secure search\dntinstaller\13.2.0\avgdttbx.dll - Okc:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d873c0aa-3bbe-4452-a0dd-17897ba963e0}\mpengine.dll - containerc:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\h35pdxp9.exe - containerc:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\sitesafety.dll - Okc:\program files\common files\installshield\driver\11\intel 32\idrivert.exe - Okc:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\viprotocol.dll - Okc:\program files\avg secure search\vprot.exe - Okc:\program files\gigabyte\et6\amifldrv32.sys - Okc:\program files\common files\microsoft shared\speech\sapi.cpl - Okc:\program files\google\update\googleupdate.exe - Okc:\program files\common files\system\ole db\oledb32.dll - Okc:\program files\intel\intel® management engine components\uns\statusstrings.dll - Okc:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\toolbarupdater.exe - Okc:\program files\intel\intel® management engine components\lms\lms.exe - Okc:\program files\common files\microsoft shared\dw\dw20.exe - Okc:\program files\malwarebytes' anti-malware\mbamscheduler.exe - Okc:\program files\microsoft security client\eppmanifest.dll - Okc:\program files\intel\intel® management engine components\uns\xerces-c_2_7.dll - Okc:\program files\microsoft security client\mpclient.dll - Okc:\program files\microsoft security client\mpevmsg.dll - Okc:\program files\malwarebytes' anti-malware\mbamservice.exe - Okc:\program files\messenger\msmsgs.exe - Okc:\program files\microsoft security client\mpcmdrun.exe - Okc:\program files\microsoft security client\msmpeng.exe - Okc:\program files\microsoft security client\mpoav.dll - Okc:\program files\microsoft security client\mprtp.dll - Okc:\program files\microsoft security client\shellext.dll - Ok>c:\program files\microsoft security client\msmpres.dll is ZLIB containerc:\program files\microsoft security client\sqmapi.dll - Okc:\program files\mozilla firefox\components\browsercomps.dll - Okc:\program files\microsoft security client\msseces.exe - Okc:\program files\mozilla firefox\firefox.exe - Okc:\program files\microsoft security client\mpsvc.dll - Okc:\program files\mozilla firefox\mozalloc.dll - Okc:\program files\mozilla firefox\mozglue.dll - Okc:\program files\intel\intel® management engine components\uns\uns.exe - Okc:\program files\mozilla firefox\mozsqlite3.dll - Okc:\program files\mozilla firefox\freebl3.dll - Okc:\program files\mozilla firefox\nspr4.dll - Okc:\program files\mozilla firefox\mozjs.dll - Okc:\program files\mozilla firefox\msvcp100.dll - Okc:\program files\mozilla firefox\gkmedias.dll - Okc:\program files\mozilla firefox\msvcr100.dll - Okc:\program files\mozilla firefox\nssutil3.dll - Okc:\program files\mozilla firefox\plc4.dll - Okc:\program files\mozilla firefox\nss3.dll - Okc:\program files\mozilla firefox\plds4.dll - Okc:\program files\mozilla firefox\nssdbm3.dll - Okc:\program files\mozilla firefox\nssckbi.dll - Okc:\program files\mozilla firefox\xpcom.dll - Okc:\program files\mozilla firefox\smime3.dll - Okc:\program files\mozilla firefox\ssl3.dll - Okc:\program files\mozilla firefox\softokn3.dll - Okc:\program files\mozilla maintenance service\maintenanceservice.exe - Okc:\program files\nvidia corporation\nview\nvshell.dll - Okc:\program files\microsoft security client\msmpres.dll - containerc:\program files\nvidia corporation\nview\nview.dll - Okc:\program files\nvidia corporation\nvidia update core\daemonu.exe - Okc:\program files\nvidia corporation\update common\easydaemonapiu.dll - Okc:\program files\nvidia corporation\update common\nvupdtr.dll - Okc:\program files\outlook express\setup50.exe - Okc:\program files\nvidia corporation\nview\nwiz.exe - Okc:\program files\outlook express\wabfind.dll - Okc:\program files\pando networks\media booster\bugsplat.dll - Okc:\program files\pando networks\media booster\nspr4.dll - Okc:\program files\pando networks\media booster\microsoft.vc90.crt\msvcr90.dll - Okc:\program files\pando networks\media booster\microsoft.vc90.crt\msvcp90.dll - Ok>c:\program files\pando networks\media booster\plc4.dll - packed by FLY-CODEc:\program files\pando networks\media booster\plds4.dll - Okc:\program files\pando networks\media booster\freebl3.dll - Okc:\program files\pando networks\media booster\nss3.dll - Okc:\program files\pando networks\media booster\smime3.dll - Okc:\program files\nvidia corporation\update common\nvupdt.dll - Okc:\program files\pando networks\media booster\pmb.cpl - Okc:\program files\pando networks\media booster\plc4.dll - Okc:\program files\pando networks\media booster\ssl3.dll - Okc:\windows\apppatch\acadproc.dll - Okc:\program files\pando networks\media booster\softokn3.dll - Okc:\windows\gdrv.sys - Ok>c:\windows\downloaded program files\qsax.dll - packed by UPXc:\windows\inf\msmsgs.inf - Okc:\windows\inf\msnetmtg.inf - Ok>c:\program files\pando networks\media booster\pmb.exe is ZLIB containerc:\program files\pando networks\media booster\pmb.exe - containerc:\windows\inf\unregmp2.exe - Okc:\windows\inf\wmp.inf - Okc:\windows\microsoft.net\framework\v2.0.50727\aspnet_rc.dll - Okc:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe - Okc:\windows\apppatch\acgenral.dll - Okc:\windows\explorer.exe - Okc:\windows\microsoft.net\framework\v3.0\windows communication foundation\servicemodelevents.dll.mui - Okc:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe - Okc:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe - Okc:\windows\microsoft.net\framework\v2.0.50727\eventlogmessages.dll - Okc:\windows\msagent\agentpsh.dll - Okc:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe - Okc:\program files\mozilla firefox\xul.dll - Okc:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe - Okc:\windows\pchealth\helpctr\binaries\hcappres.dll - Okc:\windows\pchealth\helpctr\binaries\pchsvc.dll - Okc:\windows\npmsdm.dll - Okc:\windows\system32\adsldpc.dll - Okc:\windows\system32\activeds.dll - Okc:\windows\network diagnostic\xpnetdiag.exe - Okc:\windows\system32\advpack.dll - Okc:\windows\system32\alrsvc.dll - Okc:\windows\downloaded program files\qsax.dll - Okc:\windows\system32\apphelp.dll - Okc:\windows\system32\advapi32.dll - Okc:\windows\system32\atl.dll - Okc:\windows\system32\audiosrv.dll - Okc:\windows\system32\authz.dll - Okc:\windows\system32\basesrv.dll - Ok>c:\windows\system32\browselc.dll is BINARYRES container>c:\windows\system32\appwiz.cpl is BINARYRES containerc:\windows\system32\batmeter.dll - Ok>>c:\windows\system32\appwiz.cpl\data001 is JS-HTML container>>c:\windows\system32\browselc.dll\data004 is JS-HTML containerc:\windows\system32\browser.dll - Ok>>c:\windows\system32\appwiz.cpl\data003 is JS-HTML containerc:\windows\system32\autochk.exe - Ok>>c:\windows\system32\appwiz.cpl\data004 is JS-HTML container>>c:\windows\system32\browselc.dll\data008 is JS-HTML container>>c:\windows\system32\appwiz.cpl\data006 is JS-HTML container>>c:\windows\system32\browselc.dll\data012 is JS-HTML container>>c:\windows\system32\browselc.dll\data013 is ZLIB containerc:\windows\system32\browselc.dll - container>>c:\windows\system32\appwiz.cpl\data008 is JS-HTML containerc:\windows\system32\cabinet.dll - Ok>>c:\windows\system32\appwiz.cpl\data009 is JS-HTML containerc:\windows\system32\cabview.dll - Ok>>c:\windows\system32\appwiz.cpl\data011 is JS-HTML containerc:\windows\system32\alg.exe - Ok>>c:\windows\system32\appwiz.cpl\data012 is JS-HTML containerc:\windows\system32\certcli.dll - Ok>>c:\windows\system32\appwiz.cpl\data014 is JS-HTML containerc:\windows\system32\catsrv.dll - Ok>>c:\windows\system32\appwiz.cpl\data015 is JS-HTML containerc:\windows\system32\browseui.dll - Okc:\windows\system32\cisvc.exe - Okc:\windows\system32\catsrvut.dll - Ok>>c:\windows\system32\appwiz.cpl\data016 is JS-HTML containerc:\windows\system32\appwiz.cpl - containerc:\windows\system32\clusapi.dll - Okc:\windows\system32\cnbjmon.dll - Okc:\windows\system32\clbcatq.dll - Okc:\windows\system32\cmd.exe - Okc:\windows\system32\comres.dll - Okc:\windows\system32\comctl32.dll - Okc:\windows\system32\comdlg32.dll - Okc:\windows\system32\colbact.dll - Okc:\windows\system32\cryptdll.dll - Okc:\windows\system32\credui.dll - Okc:\windows\system32\cryptext.dll - Okc:\windows\system32\comsvcs.dll - Okc:\windows\system32\cryptsvc.dll - Okc:\windows\system32\cryptnet.dll - Okc:\windows\system32\crypt32.dll - Okc:\windows\system32\clipsrv.exe - Okc:\windows\system32\csrss.exe - Okc:\windows\system32\csrsrv.dll - Okc:\windows\system32\cryptui.dll - Okc:\windows\system32\cscdll.dll - Okc:\windows\system32\d3d8thk.dll - Okc:\windows\system32\davclnt.dll - Ok>c:\windows\rthdcpl.exe is BINARYRES containerc:\windows\system32\cscui.dll - Ok>c:\windows\system32\deskmon.dll - packed by FLY-CODEc:\windows\system32\deskadp.dll - Okc:\windows\system32\ctfmon.exe - Ok>c:\windows\system32\deskperf.dll - packed by FLY-CODEc:\windows\system32\dbghelp.dll - Okc:\windows\system32\deskmon.dll - Okc:\windows\system32\deskperf.dll - Okc:\windows\system32\dfshim.dll - Okc:\windows\system32\dhcpqec.dll - Okc:\windows\system32\dfsshlex.dll - Okc:\windows\system32\dhcpcsvc.dll - Okc:\windows\system32\dimsntfy.dll - Okc:\windows\system32\digest.dll - Okc:\windows\system32\dllhost.exe - Okc:\windows\system32\d3d9.dll - Okc:\windows\system32\dnsrslvr.dll - Okc:\windows\system32\dmadmin.exe - Okc:\windows\system32\dmserver.dll - Okc:\windows\system32\dnsapi.dll - Okc:\windows\system32\diskcopy.dll - Okc:\windows\system32\docprop.dll - Okc:\windows\system32\dot3api.dll - Okc:\windows\system32\docprop2.dll - Okc:\windows\system32\dot3dlg.dll - Okc:\windows\system32\drivers\acpiec.sys - Okc:\windows\system32\dot3svc.dll - Okc:\windows\system32\dot3gpclnt.dll - Okc:\windows\system32\dpcdll.dll - Okc:\windows\system32\drivers\beep.sys - Okc:\windows\system32\drivers\avgtpx86.sys - Okc:\windows\system32\drivers\cbidf2k.sys - Okc:\windows\system32\drivers\cdaudio.sys - Okc:\windows\system32\drivers\afd.sys - Okc:\windows\system32\drivers\cdfs.sys - Okc:\windows\system32\drivers\disk.sys - Okc:\windows\system32\drivers\dmload.sys - Okc:\windows\system32\drivers\bridge.sys - Okc:\windows\system32\drivers\fdc.sys - Okc:\windows\system32\drivers\dmio.sys - Okc:\windows\system32\drivers\fastfat.sys - Okc:\windows\system32\drivers\fs_rec.sys - Okc:\windows\system32\drivers\flpydisk.sys - Okc:\windows\system32\drivers\gvtdrv.sys - Okc:\windows\system32\drivers\dmboot.sys - Okc:\windows\system32\drivers\fips.sys - Okc:\windows\system32\drivers\ip6fw.sys - Okc:\windows\system32\drivers\ksecdd.sys - Okc:\windows\system32\drivers\modem.sys - Okc:\windows\system32\drivers\mbamchameleon.sys - Okc:\windows\system32\drivers\ipnat.sys - Okc:\windows\system32\drivers\mountmgr.sys - Okc:\windows\system32\drivers\msfs.sys - Okc:\windows\system32\drivers\mbam.sys - Okc:\windows\system32\drivers\ndproxy.sys - Okc:\windows\system32\drivers\netbios.sys - Okc:\windows\system32\drivers\ndisuio.sys - Okc:\windows\system32\drivers\mup.sys - Okc:\windows\system32\drivers\npfs.sys - Okc:\windows\system32\drivers\null.sys - Okc:\windows\system32\drivers\parport.sys - Okc:\windows\system32\drivers\partmgr.sys - Okc:\windows\system32\drivers\parvdm.sys - Okc:\windows\system32\drivers\netbt.sys - Okc:\windows\system32\drivers\ndis.sys - Okc:\windows\system32\drivers\rdpcdd.sys - Okc:\windows\system32\drivers\pci.sys - Okc:\windows\system32\drivers\pcmcia.sys - Okc:\windows\system32\drivers\sfloppy.sys - Okc:\windows\system32\drivers\scsiport.sys - Okc:\windows\system32\drivers\rdpwd.sys - Okc:\windows\system32\drivers\serial.sys - Okc:\windows\system32\drivers\tdi.sys - Okc:\windows\system32\drivers\tdtcp.sys - Okc:\windows\system32\drivers\tdpipe.sys - Okc:\windows\system32\drivers\usbstor.sys - Okc:\windows\system32\drivers\sr.sys - Okc:\windows\system32\drivers\udfs.sys - Okc:\windows\system32\drivers\vga.sys - Okc:\windows\system32\drivers\volsnap.sys - Okc:\windows\rthdcpl.exe - containerc:\windows\system32\drivers\ws2ifsl.sys - Okc:\windows\system32\drprov.dll - Okc:\windows\system32\drivers\tcpip.sys - Okc:\windows\system32\dskquota.dll - Okc:\windows\system32\dsquery.dll - Okc:\windows\system32\drivers\ntfs.sys - Okc:\windows\system32\dskquoui.dll - Okc:\windows\system32\dssec.dll - Okc:\windows\system32\eapolqec.dll - Okc:\windows\system32\dsuiext.dll - Okc:\windows\system32\dsound.dll - Okc:\windows\system32\dssenh.dll - Okc:\windows\system32\ersvc.dll - Okc:\windows\system32\eappprxy.dll - Okc:\windows\system32\eappcfg.dll - Okc:\windows\system32\eapsvc.dll - Okc:\windows\system32\duser.dll - Okc:\windows\system32\es.dll - Okc:\windows\system32\extmgr.dll - Okc:\windows\system32\eventlog.dll - Okc:\windows\system32\faultrep.dll - Okc:\windows\system32\feclient.dll - Okc:\windows\system32\drwtsn32.exe - Okc:\windows\system32\fltlib.dll - Okc:\windows\system32\firewall.cpl - Okc:\windows\system32\gdi32.dll - Okc:\windows\system32\hid.dll - Okc:\windows\system32\hidphone.tsp - Okc:\windows\system32\esent.dll - Okc:\windows\system32\hticons.dll - Okc:\windows\system32\iassvcs.dll - Okc:\windows\system32\icaapi.dll - Ok>c:\windows\system32\fontext.dll is BINARYRES container>>c:\windows\system32\fontext.dll\data001 - packed by MS COMPRESSc:\windows\system32\iac25_32.ax - Okc:\windows\system32\h323.tsp - Okc:\windows\system32\hhctrl.ocx - Okc:\windows\system32\hnetcfg.dll - Ok>>c:\windows\system32\fontext.dll\data002 - packed by MS COMPRESSc:\windows\system32\iccvid.dll - Okc:\windows\system32\fontext.dll - containerc:\windows\system32\icmp.dll - Okc:\windows\system32\icmui.dll - Ok>c:\windows\system32\icardres.dll.mui is BINARYRES containerc:\windows\system32\ie4uinit.exe - Okc:\windows\system32\imaadp32.acm - Okc:\windows\system32\iedkcs32.dll - Okc:\windows\system32\imapi.exe - Okc:\windows\system32\imm32.dll - Okc:\windows\system32\iertutil.dll - Okc:\windows\system32\icardres.dll.mui - containerc:\windows\system32\inetpp.dll - Okc:\windows\system32\iologmsg.dll - Okc:\windows\system32\ipconf.tsp - Okc:\windows\system32\ieudinit.exe - Okc:\windows\system32\inetcomm.dll - Okc:\windows\system32\imagehlp.dll - Okc:\windows\system32\iphlpapi.dll - Okc:\windows\system32\ir32_32.dll - Okc:\windows\system32\ipsecsvc.dll - Okc:\windows\system32\ieframe.dll - Okc:\windows\system32\ipnathlp.dll - Okc:\windows\system32\iyuv_32.dll - Okc:\windows\system32\kmddsp.tsp - Okc:\windows\system32\ir50_32.dll - Okc:\windows\system32\itss.dll - Okc:\windows\system32\kmsvc.dll - Okc:\windows\system32\kerberos.dll - Okc:\windows\system32\ksuser.dll - Okc:\windows\system32\ir41_32.ax - Ok>c:\windows\system32\linkinfo.dll - packed by FLY-CODEc:\windows\system32\kernel32.dll - Okc:\windows\system32\lmhsvc.dll - Okc:\windows\system32\l3codeca.acm - Okc:\windows\system32\loadperf.dll - Okc:\windows\system32\locator.exe - Okc:\windows\system32\localspl.dll - Okc:\windows\system32\linkinfo.dll - Okc:\windows\system32\lz32.dll - Okc:\windows\system32\logon.scr - Okc:\windows\system32\lsass.exe - Okc:\windows\system32\mfcsubs.dll - Okc:\windows\system32\midimap.dll - Okc:\windows\system32\legitcheckcontrol.dll - Okc:\windows\system32\lsasrv.dll - Okc:\windows\system32\mnmdd.dll - Okc:\windows\system32\logonui.exe - Okc:\windows\system32\macromed\flash\flashplayerupdateservice.exe - Okc:\windows\system32\mlang.dll - Okc:\windows\system32\mpr.dll - Okc:\windows\system32\mnmsrvc.exe - Okc:\windows\system32\mprdim.dll - Okc:\windows\system32\mmcshext.dll - Okc:\windows\system32\mmsys.cpl - Okc:\windows\system32\mprmsg.dll - Ok>c:\windows\system32\msacm32.drv - packed by FLY-CODEc:\windows\system32\mprapi.dll - Okc:\windows\system32\msadp32.acm - Okc:\windows\system32\msasn1.dll - Okc:\windows\system32\msaudite.dll - Okc:\windows\system32\msapsspc.dll - Okc:\windows\system32\msacm32.dll - Okc:\windows\system32\mscms.dll - Okc:\windows\system32\mscories.dll - Okc:\windows\system32\msacm32.drv - Okc:\windows\system32\mscoree.dll - Okc:\windows\system32\msdtc.exe - Okc:\windows\system32\msg711.acm - Okc:\windows\system32\msaud32.acm - Okc:\windows\system32\msctfime.ime - Okc:\windows\system32\msctf.dll - Okc:\windows\system32\msgsm32.acm - Okc:\windows\system32\msg723.acm - Okc:\windows\system32\msgsvc.dll - Okc:\windows\system32\msh261.drv - Okc:\windows\system32\msh263.drv - Okc:\windows\system32\msftedit.dll - Okc:\windows\system32\msgina.dll - Okc:\windows\system32\msiexec.exe - Okc:\windows\system32\msieftp.dll - Okc:\windows\system32\msidle.dll - Okc:\windows\system32\msimg32.dll - Okc:\windows\system32\msobjs.dll - Okc:\windows\system32\mspatcha.dll - Okc:\windows\system32\msprivs.dll - Okc:\windows\system32\msrle32.dll - Okc:\windows\system32\msshavmsg.dll - Okc:\windows\system32\msnsspc.dll - Okc:\windows\system32\mstask.dll - Okc:\windows\system32\msi.dll - Okc:\windows\system32\mstlsapi.dll - Okc:\windows\system32\msv1_0.dll - Okc:\windows\system32\msutb.dll - Okc:\windows\system32\mspmsnsv.dll - Okc:\windows\system32\msvidc32.dll - Okc:\windows\system32\msvcp60.dll - Okc:\windows\system32\msvcrt.dll - Okc:\windows\system32\msyuv.dll - Okc:\windows\system32\mswsock.dll - Okc:\windows\system32\mtxclu.dll - Okc:\windows\system32\mydocs.dll - Okc:\windows\system32\mshtml.dll - Ok>c:\windows\system32\muweb.dll is CAB archivec:\windows\system32\muweb.dll - Okc:\windows\system32\muweb.dll - archivec:\windows\system32\msvbvm60.dll - Okc:\windows\system32\napipsec.dll - Ok>c:\windows\system32\nddeapi.dll - packed by FLY-CODEc:\windows\system32\ncobjapi.dll - Okc:\windows\system32\ndptsp.tsp - Okc:\windows\system32\msvidctl.dll - Okc:\windows\system32\netapi32.dll - Okc:\windows\system32\msxml3.dll - Okc:\windows\system32\nddeapi.dll - Okc:\windows\system32\netdde.exe - Okc:\windows\system32\netevent.dll - Okc:\windows\system32\netmsg.dll - Okc:\windows\system32\netrap.dll - Okc:\windows\system32\netcfgx.dll - Okc:\windows\system32\netsetup.cpl - Okc:\windows\system32\netui0.dll - Okc:\windows\system32\netman.dll - Okc:\windows\system32\netlogon.dll - Okc:\windows\system32\nmevtmsg.dll - Okc:\windows\system32\normaliz.dll - Okc:\windows\system32\ntdsapi.dll - Okc:\windows\system32\netplwiz.dll - Okc:\windows\system32\netui1.dll - Okc:\windows\system32\ntlanman.dll - Okc:\windows\system32\ntlsapi.dll - Okc:\windows\system32\ntdll.dll - Okc:\windows\system32\ntlanui2.dll - Okc:\windows\system32\ntmarta.dll - Okc:\windows\system32\netshell.dll - Okc:\windows\system32\ntmsevt.dll - Okc:\windows\system32\ntshrui.dll - Okc:\windows\system32\ntmssvc.dll - Okc:\windows\system32\ntsd.exe - Okc:\windows\system32\oakley.dll - Okc:\windows\system32\nvmctray.dll - Okc:\windows\system32\occache.dll - Okc:\windows\system32\nvsvc32.exe - Okc:\windows\system32\odbcint.dll - Okc:\windows\system32\odbc32.dll - Okc:\windows\system32\odbcbcp.dll - Okc:\windows\system32\oleacc.dll - Okc:\windows\system32\oleaut32.dll - Okc:\windows\system32\olecnv32.dll - Okc:\windows\system32\olesvr32.dll - Okc:\windows\system32\olethk32.dll - Okc:\windows\system32\olecli32.dll - Okc:\windows\system32\pautoenr.dll - Ok>c:\windows\system32\ole32.dll is BINARYRES containerc:\windows\system32\onex.dll - Okc:\windows\system32\perfctrs.dll - Okc:\windows\system32\ole32.dll - containerc:\windows\system32\perfdisk.dll - Okc:\windows\system32\perfnet.dll - Okc:\windows\system32\pdh.dll - Okc:\windows\system32\perfmon.exe - Okc:\windows\system32\nvapi.dll - Okc:\windows\system32\perfos.dll - Okc:\windows\system32\perfproc.dll - Ok>c:\windows\system32\pjlmon.dll - packed by FLY-CODEc:\windows\system32\powrprof.dll - Okc:\windows\system32\pjlmon.dll - Okc:\windows\system32\prflbmsg.dll - Okc:\windows\system32\photowiz.dll - Okc:\windows\system32\nvcpl.dll - Okc:\windows\system32\profmap.dll - Okc:\windows\system32\psapi.dll - Okc:\windows\system32\pstorsvc.dll - Okc:\windows\system32\printui.dll - Okc:\windows\system32\psbase.dll - Okc:\windows\system32\qutil.dll - Okc:\windows\system32\qagentrt.dll - Okc:\windows\system32\rasadhlp.dll - Okc:\windows\system32\qmgr.dll - Okc:\windows\system32\raschap.dll - Okc:\windows\system32\rasauto.dll - Okc:\windows\system32\query.dll - Okc:\windows\system32\rasman.dll - Okc:\windows\system32\rasapi32.dll - Okc:\windows\system32\rasqec.dll - Okc:\windows\system32\rdpdd.dll - Okc:\windows\system32\rastapi.dll - Okc:\windows\system32\rasppp.dll - Okc:\windows\system32\regapi.dll - Okc:\windows\system32\rastls.dll - Okc:\windows\system32\rasdlg.dll - Okc:\windows\system32\rasmans.dll - Okc:\windows\system32\resutils.dll - Okc:\windows\system32\rshx32.dll - Okc:\windows\system32\remotepg.dll - Okc:\windows\system32\regsvr32.exe - Okc:\windows\system32\rsvpmsg.dll - Okc:\windows\system32\rpcrt4.dll - Okc:\windows\system32\rsvp.exe - Okc:\windows\system32\rsaenh.dll - Okc:\windows\system32\rundll32.exe - Okc:\windows\system32\rtm.dll - Okc:\windows\system32\rtutils.dll - Okc:\windows\system32\safrslv.dll - Okc:\windows\system32\rsvpsp.dll - Okc:\windows\system32\safrdm.dll - Okc:\windows\system32\samlib.dll - Okc:\windows\system32\rpcss.dll - Okc:\windows\system32\scardsvr.exe - Okc:\windows\system32\schannel.dll - Okc:\windows\system32\scesrv.dll - Okc:\windows\system32\scecli.dll - Okc:\windows\system32\savedump.exe - Okc:\windows\system32\seclogon.dll - Okc:\windows\system32\samsrv.dll - Okc:\windows\system32\sclgntfy.dll - Okc:\windows\system32\sendmail.dll - Okc:\windows\system32\sensapi.dll - Okc:\windows\system32\secur32.dll - Okc:\windows\system32\sens.dll - Okc:\windows\system32\sfc.dll - Okc:\windows\system32\schedsvc.dll - Okc:\windows\system32\services.exe - Okc:\windows\system32\sessmgr.exe - Okc:\windows\system32\shfolder.dll - Ok>c:\windows\system32\shdoclc.dll is BINARYRES container>>c:\windows\system32\shdoclc.dll\data001 is JS-HTML containerc:\windows\system32\sfc_os.dll - Okc:\windows\system32\shimeng.dll - Ok>>c:\windows\system32\shdoclc.dll\data002 is JS-HTML container>>c:\windows\system32\shdoclc.dll\data003 is JS-HTML container>c:\windows\system32\setupapi.dll - packed by BINARYRES>>c:\windows\system32\setupapi.dll - packed by MS COMPRESS>>c:\windows\system32\shdoclc.dll\data004 is JS-HTML containerc:\windows\system32\setupapi.dll - Okc:\windows\system32\shlwapi.dll - Okc:\windows\system32\shdocvw.dll - Ok>>c:\windows\system32\shdoclc.dll\data005 is JS-HTML container>>c:\windows\system32\shdoclc.dll\data006 is JS-HTML container>c:\windows\system32\shimgvw.dll is BINARYRES container>>c:\windows\system32\shimgvw.dll\data001 is JS-HTML containerc:\windows\system32\shmgrate.exe - Ok>>c:\windows\system32\shimgvw.dll\data002 is JS-HTML containerc:\windows\system32\shdoclc.dll - containerc:\windows\system32\shscrap.dll - Okc:\windows\system32\shimgvw.dll - containerc:\windows\system32\shmedia.dll - Okc:\windows\system32\slayerxp.dll - Okc:\windows\system32\shsvcs.dll - Ok>c:\windows\system32\shell32.dll is BINARYRES container>>c:\windows\system32\shell32.dll\data001 is JS-HTML containerc:\windows\system32\smss.exe - Okc:\windows\system32\spmsg.dll - Okc:\windows\system32\sl_anet.acm - Okc:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - Okc:\windows\system32\shell32.dll - containerc:\windows\system32\smlogsvc.exe - Okc:\windows\system32\spoolss.dll - Okc:\windows\system32\ssdpapi.dll - Okc:\windows\system32\srvsvc.dll - Okc:\windows\system32\srsvc.dll - Okc:\windows\system32\spoolsv.exe - Okc:\windows\system32\stobject.dll - Okc:\windows\system32\ssdpsrv.dll - Okc:\windows\system32\svchost.exe - Okc:\windows\system32\sxs.dll - Okc:\windows\system32\syncui.dll - Okc:\windows\system32\t2embed.dll - Okc:\windows\system32\tcpmon.dll - Okc:\windows\system32\tapi32.dll - Okc:\windows\system32\trkwks.dll - Okc:\windows\system32\tsbyuv.dll - Okc:\windows\system32\tapisrv.dll - Okc:\windows\system32\tssoft32.acm - Okc:\windows\system32\tsddd.dll - Okc:\windows\system32\syssetup.dll - Okc:\windows\system32\twext.dll - Okc:\windows\system32\ulib.dll - Okc:\windows\system32\termsrv.dll - Ok>c:\windows\system32\uniplat.dll - packed by FLY-CODEc:\windows\system32\umpnpmgr.dll - Okc:\windows\system32\themeui.dll - Okc:\windows\system32\unimdm.tsp - Okc:\windows\system32\ups.exe - Okc:\windows\system32\upnp.dll - Okc:\windows\system32\url.dll - Okc:\windows\system32\usbmon.dll - Okc:\windows\system32\upnphost.dll - Okc:\windows\system32\userinit.exe - Okc:\windows\system32\uniplat.dll - Okc:\windows\system32\uxtheme.dll - Okc:\windows\system32\version.dll - Okc:\windows\system32\user32.dll - Okc:\windows\system32\urlmon.dll - Okc:\windows\system32\usp10.dll - Okc:\windows\system32\userenv.dll - Okc:\windows\system32\w3ssl.dll - Okc:\windows\system32\wbem\ncprov.dll - Okc:\windows\system32\wbem\esscli.dll - Okc:\windows\system32\vssvc.exe - Okc:\windows\system32\w32time.dll - Okc:\windows\system32\vssapi.dll - Okc:\windows\system32\wbem\wbemcomn.dll - Okc:\windows\system32\wbem\fastprox.dll - Okc:\windows\system32\wbem\wbemprox.dll - Okc:\windows\system32\wbem\wbemsvc.dll - Okc:\windows\system32\wbem\repdrvfs.dll - Okc:\windows\system32\wbem\wmiapres.dll - Okc:\windows\system32\wbem\wmiaprpl.dll - Okc:\windows\system32\wbem\wbemcore.dll - Okc:\windows\system32\wbem\wmisvc.dll - Okc:\windows\system32\wbem\wmiapsrv.exe - Okc:\windows\system32\wdigest.dll - Okc:\windows\system32\wbem\wbemess.dll - Okc:\windows\system32\wbem\wmiutils.dll - Okc:\windows\system32\wdmaud.drv - Okc:\windows\system32\wbem\wmiprvsd.dll - Okc:\windows\system32\webclnt.dll - Okc:\windows\system32\wbem\winmgmt.exe - Okc:\windows\system32\webcheck.dll - Okc:\windows\system32\wiascr.dll - Okc:\windows\system32\winhttp.dll - Okc:\windows\system32\wiaservc.dll - Okc:\windows\system32\win32spl.dll - Okc:\windows\system32\wiashext.dll - Okc:\windows\system32\winipsec.dll - Ok>c:\windows\system32\winrnr.dll - packed by FLY-CODEc:\windows\system32\winscard.dll - Okc:\windows\system32\winsock.dll - Okc:\windows\system32\winmm.dll - Okc:\windows\system32\winrnr.dll - Okc:\windows\system32\winspool.drv - Okc:\windows\system32\wininet.dll - Ok>c:\windows\system32\winsta.dll - packed by FLY-CODEc:\windows\system32\wkssvc.dll - Okc:\windows\system32\winlogon.exe - Okc:\windows\system32\wintrust.dll - Okc:\windows\system32\winsrv.dll - Okc:\windows\system32\wmi.dll - Okc:\windows\system32\wlnotify.dll - Okc:\windows\system32\ws2_32.dll - Okc:\windows\system32\ws2help.dll - Okc:\windows\system32\wldap32.dll - Okc:\windows\system32\wmpshell.dll - Okc:\windows\system32\win32k.sys - Okc:\windows\system32\wscsvc.dll - Okc:\windows\system32\wscntfy.exe - Okc:\windows\system32\wsock32.dll - Okc:\windows\system32\wtsapi32.dll - Okc:\windows\system32\wshtcpip.dll - Okc:\windows\system32\wuaucpl.cpl.mui - Okc:\windows\system32\wuauserv.dll - Okc:\windows\system32\wshext.dll - Ok>c:\windows\system32\wuaucpl.cpl - packed by FLY-CODEc:\windows\system32\wzcsapi.dll - Okc:\windows\system32\wuweb.dll - Okc:\windows\system32\winsta.dll - Okc:\windows\system32\xmlprov.dll - Okc:\windows\system32\wzcdlg.dll - Okc:\windows\system32\wzcsvc.dll - Okc:\windows\system32\xpob2res.dll - Okc:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll - Okc:\windows\system32\wuaueng.dll - Okc:\windows\system32\xpsshhdr.dll - Okc:\windows\system32\zipfldr.dll - Okc:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll - Okc:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Ok>c:\windows\system32\xpsp2res.dll is BINARYRES container>>c:\windows\system32\xpsp2res.dll\data001 is JS-HTML containerc:\windows\system32\wuaucpl.cpl - Okc:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll - Ok>>c:\windows\system32\xpsp2res.dll\data002 is JS-HTML container>>c:\windows\system32\xpsp2res.dll\data003 is JS-HTML container>>c:\windows\system32\xpsp2res.dll\data004 is JS-HTML containerc:\windows\system32\xpsp2res.dll - containerd:\autorun.ico - Okd:\autorun.inf - Okd:\autorun.exe - OkC:\AUTOEXEC.BAT - OkC:\CONFIG.SYS - OkC:\end - OkC:\extensions.sqlite - OkC:\csb.log - OkC:\IO.SYS - OkC:\boot.ini - OkC:\pagefile.sys - read errorC:\MSDOS.SYS - OkC:\Install.log - OkC:\RHDSetup.log - OkC:\TDSSKiller.2.8.15.0_01.01.2013_19.39.23_log.txt - OkC:\WINDOWS\system32\$winnt$.inf - OkC:\ntldr - OkC:\WINDOWS\system32\12520437.cpx - OkC:\WINDOWS\system32\12520850.cpx - OkC:\NTDETECT.COM - OkC:\WINDOWS\system32\aaaamon.dll - OkC:\WINDOWS\system32\acctres.dll - OkC:\WINDOWS\system32\6to4svc.dll - OkC:\WINDOWS\system32\access.cpl - OkC:\WINDOWS\system32\acelpdec.ax - OkC:\WINDOWS\system32\aaclient.dll - OkC:\WINDOWS\system32\activeds.dll - OkC:\WINDOWS\system32\accwiz.exe - OkC:\WINDOWS\system32\activeds.tlb - OkC:\WINDOWS\system32\aclui.dll - OkC:\WINDOWS\system32\acledit.dll - OkC:\WINDOWS\system32\actxprxy.dll - OkC:\WINDOWS\system32\actmovie.exe - Ok>C:\WINDOWS\system32\admparse.dll - packed by FLY-CODEC:\WINDOWS\system32\adptif.dll - OkC:\WINDOWS\system32\adsldpc.dll - OkC:\WINDOWS\system32\adsmsext.dll - OkC:\WINDOWS\system32\advpack.dll - OkC:\WINDOWS\system32\advpack.dll.mui - OkC:\WINDOWS\system32\admparse.dll - OkC:\WINDOWS\system32\advapi32.dll - OkC:\WINDOWS\system32\adsldp.dll - OkC:\WINDOWS\system32\amcompat.tlb - OkC:\WINDOWS\system32\alrsvc.dll - OkC:\WINDOWS\system32\ansi.sys - OkC:\WINDOWS\system32\adsnt.dll - OkC:\WINDOWS\system32\append.exe - OkC:\WINDOWS\system32\amstream.dll - OkC:\WINDOWS\system32\ahui.exe - OkC:\WINDOWS\system32\AppleChargerSrv.exe - OkC:\WINDOWS\system32\apcups.dll - OkC:\WINDOWS\system32\apphelp.dll - OkC:\WINDOWS\system32\arp.exe - OkC:\WINDOWS\system32\asferror.dll - OkC:\WINDOWS\system32\alg.exe - OkC:\WINDOWS\system32\asycfilt.dll - OkC:\WINDOWS\system32\ALSNDMGR.CPL - OkC:\WINDOWS\system32\at.exe - OkC:\WINDOWS\system32\asctrls.ocx - OkC:\WINDOWS\system32\ati2cqag.dll - Ok>C:\WINDOWS\system32\appwiz.cpl is BINARYRES container>>C:\WINDOWS\system32\appwiz.cpl\data001 is JS-HTML containerC:\WINDOWS\system32\ativdaxx.ax - Ok>>C:\WINDOWS\system32\appwiz.cpl\data003 is JS-HTML container>>C:\WINDOWS\system32\appwiz.cpl\data004 is JS-HTML containerC:\WINDOWS\system32\ati2dvag.dll - Ok>>C:\WINDOWS\system32\appwiz.cpl\data006 is JS-HTML containerC:\WINDOWS\system32\ati2dvaa.dll - OkC:\WINDOWS\system32\ativmvxx.ax - Ok>>C:\WINDOWS\system32\appwiz.cpl\data008 is JS-HTML containerC:\WINDOWS\system32\atkctrs.dll - Ok>>C:\WINDOWS\system32\appwiz.cpl\data009 is JS-HTML container>>C:\WINDOWS\system32\appwiz.cpl\data011 is JS-HTML containerC:\WINDOWS\system32\atl.dll - Ok>>C:\WINDOWS\system32\appwiz.cpl\data012 is JS-HTML container>>C:\WINDOWS\system32\appwiz.cpl\data014 is JS-HTML container>>C:\WINDOWS\system32\appwiz.cpl\data015 is JS-HTML containerC:\WINDOWS\system32\atmadm.exe - Ok>>C:\WINDOWS\system32\appwiz.cpl\data016 is JS-HTML containerC:\WINDOWS\system32\appwiz.cpl - containerC:\WINDOWS\system32\ati3d1ag.dll - OkC:\WINDOWS\system32\ativvaxx.dll - OkC:\WINDOWS\system32\atmpvcno.dll - OkC:\WINDOWS\system32\atmlib.dll - OkC:\WINDOWS\system32\atmfd.dll - OkC:\WINDOWS\system32\atrace.dll - OkC:\WINDOWS\system32\auditusr.exe - OkC:\WINDOWS\system32\attrib.exe - OkC:\WINDOWS\system32\authz.dll - OkC:\WINDOWS\system32\audiosrv.dll - OkC:\WINDOWS\system32\AUTOEXEC.NT - OkC:\WINDOWS\system32\autodisc.dll - OkC:\WINDOWS\system32\autochk.exe - Ok>C:\WINDOWS\system32\autolfn.exe - packed by FLY-CODEC:\WINDOWS\system32\avicap.dll - OkC:\WINDOWS\system32\ativtmxx.dll - OkC:\WINDOWS\system32\autoconv.exe - OkC:\WINDOWS\system32\avifil32.dll - OkC:\WINDOWS\system32\avmeter.dll - OkC:\WINDOWS\system32\ati3duag.dll - OkC:\WINDOWS\system32\avifile.dll - OkC:\WINDOWS\system32\avicap32.dll - OkC:\WINDOWS\system32\basesrv.dll - OkC:\WINDOWS\system32\autofmt.exe - OkC:\WINDOWS\system32\batt.dll - OkC:\WINDOWS\system32\avwav.dll - OkC:\WINDOWS\system32\bios1.rom - OkC:\WINDOWS\system32\bidispl.dll - Ok Link to post Share on other sites More sharing options...
MicQsenoch Posted January 2, 2013 Author ID:629504 Share Posted January 2, 2013 C:\WINDOWS\system32\batmeter.dll - OkC:\WINDOWS\system32\azroles.dll - OkC:\WINDOWS\system32\bios4.rom - OkC:\WINDOWS\system32\bitsprx2.dll - OkC:\WINDOWS\system32\bitsprx3.dll - OkC:\WINDOWS\system32\avtapi.dll - OkC:\WINDOWS\system32\bitsprx4.dll - OkC:\WINDOWS\system32\bootok.exe - OkC:\WINDOWS\system32\bootvid.dll - OkC:\WINDOWS\system32\bootvrfy.exe - OkC:\WINDOWS\system32\bopomofo.uce - OkC:\WINDOWS\system32\blackbox.dll - Ok>C:\WINDOWS\system32\browselc.dll is BINARYRES container>>C:\WINDOWS\system32\browselc.dll\data004 is JS-HTML container>>C:\WINDOWS\system32\browselc.dll\data008 is JS-HTML containerC:\WINDOWS\system32\blastcln.exe - OkC:\WINDOWS\system32\browser.dll - OkC:\WINDOWS\system32\autolfn.exe - Ok>>C:\WINDOWS\system32\browselc.dll\data012 is JS-HTML containerC:\WINDOWS\system32\browsewm.dll - OkC:\WINDOWS\system32\bthci.dll - Ok>>C:\WINDOWS\system32\browselc.dll\data013 is ZLIB containerC:\WINDOWS\system32\BuzzingBee.wav - OkC:\WINDOWS\system32\browselc.dll - containerC:\WINDOWS\system32\bthserv.dll - OkC:\WINDOWS\system32\cabinet.dll - OkC:\WINDOWS\system32\cabview.dll - OkC:\WINDOWS\system32\browseui.dll - OkC:\WINDOWS\system32\cacls.exe - OkC:\WINDOWS\system32\bthprops.cpl - OkC:\WINDOWS\system32\calc.exe - OkC:\WINDOWS\system32\camocx.dll - OkC:\WINDOWS\system32\catsrv.dll - OkC:\WINDOWS\system32\btpanui.dll - OkC:\WINDOWS\system32\catsrvps.dll - OkC:\WINDOWS\system32\capesnpn.dll - OkC:\WINDOWS\system32\cards.dll - Ok>C:\WINDOWS\system32\cdm.dll - packed by FLY-CODE>C:\WINDOWS\system32\cdmodem.dll - packed by FLY-CODEC:\WINDOWS\system32\catsrvut.dll - OkC:\WINDOWS\system32\ccfgnt.dll - OkC:\WINDOWS\system32\cdplayer.exe.manifest - OkC:\WINDOWS\system32\cdmodem.dll - Ok>C:\WINDOWS\system32\cdfview.dll is BINARYRES container>>C:\WINDOWS\system32\cdfview.dll\data001 is JS-HTML containerC:\WINDOWS\system32\certcli.dll - OkC:\WINDOWS\system32\certmgr.msc - Ok>>C:\WINDOWS\system32\cdfview.dll\data002 is JS-HTML containerC:\WINDOWS\system32\cdm.dll - OkC:\WINDOWS\system32\cfgmgr32.dll - OkC:\WINDOWS\system32\cdfview.dll - containerC:\WINDOWS\system32\cfgbkend.dll - OkC:\WINDOWS\system32\chcp.com - OkC:\WINDOWS\system32\chkdsk.exe - OkC:\WINDOWS\system32\chkntfs.exe - OkC:\WINDOWS\system32\ciadv.msc - OkC:\WINDOWS\system32\charmap.exe - OkC:\WINDOWS\system32\cidaemon.exe - OkC:\WINDOWS\system32\cewmdm.dll - OkC:\WINDOWS\system32\ciadmin.dll - OkC:\WINDOWS\system32\certmgr.dll - OkC:\WINDOWS\system32\clb.dll - OkC:\WINDOWS\system32\ciodm.dll - OkC:\WINDOWS\system32\cic.dll - OkC:\WINDOWS\system32\cisvc.exe - Ok>C:\WINDOWS\system32\cliconf.chm is CHM containerC:\WINDOWS\system32\ckcnv.exe - OkC:\WINDOWS\system32\clbcatex.dll - OkC:\WINDOWS\system32\clbcatq.dll - OkC:\WINDOWS\system32\cliconfg.rll - OkC:\WINDOWS\system32\cliconfg.dll - OkC:\WINDOWS\system32\cleanmgr.exe - OkC:\WINDOWS\system32\clipsrv.exe - OkC:\WINDOWS\system32\cliconfg.exe - OkC:\WINDOWS\system32\clusapi.dll - OkC:\WINDOWS\system32\clipbrd.exe - Ok>C:\WINDOWS\system32\cdosys.dll is BINARYRES container>>C:\WINDOWS\system32\cdosys.dll\data001 is JS-HTML containerC:\WINDOWS\system32\cdosys.dll - containerC:\WINDOWS\system32\cmcfg32.dll - OkC:\WINDOWS\system32\cmmgr32.hlp - OkC:\WINDOWS\system32\cmos.ram - Ok>>C:\WINDOWS\system32\cliconf.chm\Basics\mailto.js is JS-HTML containerC:\WINDOWS\system32\cmd.exe - OkC:\WINDOWS\system32\cmpbk32.dll - OkC:\WINDOWS\system32\cmdl32.exe - Ok>>C:\WINDOWS\system32\cliconf.chm\Basics\shared.js is JS-HTML containerC:\WINDOWS\system32\cmsetacl.dll - OkC:\WINDOWS\system32\cmutil.dll - OkC:\WINDOWS\system32\cmmon32.exe - OkC:\WINDOWS\system32\cnbjmon.dll - OkC:\WINDOWS\system32\cmstp.exe - OkC:\WINDOWS\system32\cnetcfg.dll - OkC:\WINDOWS\system32\cnvfat.dll - OkC:\WINDOWS\system32\cmdial32.dll - OkC:\WINDOWS\system32\cmprops.dll - OkC:\WINDOWS\system32\comcat.dll - Ok>>C:\WINDOWS\system32\cliconf.chm\Basics\vs70.js is JS-HTML containerC:\WINDOWS\system32\comm.drv - Ok>>C:\WINDOWS\system32\cliconf.chm\Basics\vs70link.js is JS-HTML containerC:\WINDOWS\system32\command.com - OkC:\WINDOWS\system32\colbact.dll - OkC:\WINDOWS\system32\commdlg.dll - OkC:\WINDOWS\system32\comaddin.dll - OkC:\WINDOWS\system32\comctl32.dll - OkC:\WINDOWS\system32\compact.exe - OkC:\WINDOWS\system32\comp.exe - OkC:\WINDOWS\system32\comdlg32.dll - OkC:\WINDOWS\system32\compobj.dll - OkC:\WINDOWS\system32\compmgmt.msc - OkC:\WINDOWS\system32\cliconf.chm - containerC:\WINDOWS\system32\comres.dll - OkC:\WINDOWS\system32\comrepl.dll - Ok>C:\WINDOWS\system32\compatui.dll is BINARYRES containerC:\WINDOWS\system32\CONFIG.NT - Ok>>C:\WINDOWS\system32\compatui.dll\data002 is JS-HTML containerC:\WINDOWS\system32\compatui.dll - containerC:\WINDOWS\system32\CONFIG.TMP - OkC:\WINDOWS\system32\compstui.dll - OkC:\WINDOWS\system32\comsnap.dll - OkC:\WINDOWS\system32\control.exe - OkC:\WINDOWS\system32\comsvcs.dll - OkC:\WINDOWS\system32\console.dll - OkC:\WINDOWS\system32\convert.exe - OkC:\WINDOWS\system32\country.sys - OkC:\WINDOWS\system32\comuid.dll - OkC:\WINDOWS\system32\corpol.dll - OkC:\WINDOWS\system32\conime.exe - OkC:\WINDOWS\system32\credssp.dll - OkC:\WINDOWS\system32\cryptdll.dll - OkC:\WINDOWS\system32\credui.dll - OkC:\WINDOWS\system32\confmsp.dll - OkC:\WINDOWS\system32\crypt32.dll - OkC:\WINDOWS\system32\cryptdlg.dll - OkC:\WINDOWS\system32\cryptext.dll - OkC:\WINDOWS\system32\crtdll.dll - OkC:\WINDOWS\system32\cryptnet.dll - OkC:\WINDOWS\system32\cryptsvc.dll - OkC:\WINDOWS\system32\cscdll.dll - OkC:\WINDOWS\system32\csrsrv.dll - OkC:\WINDOWS\system32\csrss.exe - OkC:\WINDOWS\system32\cscript.exe - OkC:\WINDOWS\system32\cscui.dll - OkC:\WINDOWS\system32\ctl3dv2.dll - OkC:\WINDOWS\system32\ctype.nls - OkC:\WINDOWS\system32\cryptui.dll - OkC:\WINDOWS\system32\csseqchk.dll - OkC:\WINDOWS\system32\c_037.nls - OkC:\WINDOWS\system32\c_10006.nls - OkC:\WINDOWS\system32\c_10000.nls - OkC:\WINDOWS\system32\c_10007.nls - OkC:\WINDOWS\system32\c_10017.nls - OkC:\WINDOWS\system32\c_10010.nls - OkC:\WINDOWS\system32\c_10029.nls - OkC:\WINDOWS\system32\ctfmon.exe - OkC:\WINDOWS\system32\c_10081.nls - OkC:\WINDOWS\system32\c_10082.nls - OkC:\WINDOWS\system32\c_1251.nls - OkC:\WINDOWS\system32\c_1250.nls - OkC:\WINDOWS\system32\c_10079.nls - OkC:\WINDOWS\system32\c_1026.nls - OkC:\WINDOWS\system32\c_1253.nls - OkC:\WINDOWS\system32\c_1252.nls - OkC:\WINDOWS\system32\c_1254.nls - OkC:\WINDOWS\system32\c_1255.nls - OkC:\WINDOWS\system32\c_1256.nls - OkC:\WINDOWS\system32\c_1257.nls - OkC:\WINDOWS\system32\c_1258.nls - OkC:\WINDOWS\system32\c_20261.nls - OkC:\WINDOWS\system32\c_20127.nls - OkC:\WINDOWS\system32\c_20866.nls - OkC:\WINDOWS\system32\c_20905.nls - OkC:\WINDOWS\system32\c_21866.nls - OkC:\WINDOWS\system32\c_28592.nls - OkC:\WINDOWS\system32\c_28593.nls - OkC:\WINDOWS\system32\c_28591.nls - OkC:\WINDOWS\system32\C_28595.NLS - OkC:\WINDOWS\system32\C_28594.NLS - OkC:\WINDOWS\system32\c_28598.nls - OkC:\WINDOWS\system32\C_28597.NLS - OkC:\WINDOWS\system32\c_28603.nls - OkC:\WINDOWS\system32\c_28599.nls - OkC:\WINDOWS\system32\c_28605.nls - OkC:\WINDOWS\system32\c_437.nls - OkC:\WINDOWS\system32\c_737.nls - OkC:\WINDOWS\system32\c_500.nls - OkC:\WINDOWS\system32\c_775.nls - OkC:\WINDOWS\system32\c_850.nls - OkC:\WINDOWS\system32\c_852.nls - OkC:\WINDOWS\system32\c_855.nls - OkC:\WINDOWS\system32\c_861.nls - OkC:\WINDOWS\system32\c_860.nls - OkC:\WINDOWS\system32\c_857.nls - OkC:\WINDOWS\system32\c_863.nls - OkC:\WINDOWS\system32\CSVer.dll - OkC:\WINDOWS\system32\c_865.nls - OkC:\WINDOWS\system32\c_866.nls - OkC:\WINDOWS\system32\c_869.nls - OkC:\WINDOWS\system32\c_874.nls - OkC:\WINDOWS\system32\c_875.nls - OkC:\WINDOWS\system32\ctl3d32.dll - OkC:\WINDOWS\system32\d3d8thk.dll - OkC:\WINDOWS\system32\c_949.nls - OkC:\WINDOWS\system32\d3d9caps.dat - OkC:\WINDOWS\system32\c_932.nls - OkC:\WINDOWS\system32\c_936.nls - OkC:\WINDOWS\system32\c_950.nls - OkC:\WINDOWS\system32\d3dpmesh.dll - OkC:\WINDOWS\system32\d3dim.dll - OkC:\WINDOWS\system32\d3d9.dll - OkC:\WINDOWS\system32\d3dim700.dll - OkC:\WINDOWS\system32\d3dramp.dll - Ok>C:\WINDOWS\system32\d3dx10_39.dll - packed by PESTUBC:\WINDOWS\system32\d3drm.dll - OkC:\WINDOWS\system32\d3dxof.dll - OkC:\WINDOWS\system32\d3dx10_39.dll - OkC:\WINDOWS\system32\dataclen.dll - OkC:\WINDOWS\system32\davclnt.dll - OkC:\WINDOWS\system32\d3d8.dll - Ok>C:\WINDOWS\system32\D3DCompiler_39.dll - packed by PESTUBC:\WINDOWS\system32\datime.dll - OkC:\WINDOWS\system32\daxctle.ocx - OkC:\WINDOWS\system32\dbmsrpcn.dll - OkC:\WINDOWS\system32\dbghelp.dll - OkC:\WINDOWS\system32\dbnetlib.dll - OkC:\WINDOWS\system32\dcache.bin - Ok>C:\WINDOWS\system32\dbnmpntw.dll - packed by FLY-CODEC:\WINDOWS\system32\dciman32.dll - OkC:\WINDOWS\system32\dbnmpntw.dll - OkC:\WINDOWS\system32\D3DCompiler_39.dll - OkC:\WINDOWS\system32\ddeml.dll - OkC:\WINDOWS\system32\dcomcnfg.exe - OkC:\WINDOWS\system32\ddrawex.dll - Ok>C:\WINDOWS\system32\debug.exe - packed by EXEPACKC:\WINDOWS\system32\debug.exe - OkC:\WINDOWS\system32\ddraw.dll - OkC:\WINDOWS\system32\danim.dll - OkC:\WINDOWS\system32\deskadp.dll - OkC:\WINDOWS\system32\desk.cpl - Ok>C:\WINDOWS\system32\deskmon.dll - packed by FLY-CODEC:\WINDOWS\system32\defrag.exe - OkC:\WINDOWS\system32\desktop.ini - OkC:\WINDOWS\system32\ddeshare.exe - Ok>C:\WINDOWS\system32\deskperf.dll - packed by FLY-CODEC:\WINDOWS\system32\devmgmt.msc - OkC:\WINDOWS\system32\dbgeng.dll - OkC:\WINDOWS\system32\devenum.dll - OkC:\WINDOWS\system32\dfrg.msc - OkC:\WINDOWS\system32\deskmon.dll - OkC:\WINDOWS\system32\deskperf.dll - OkC:\WINDOWS\system32\dfrgfat.exe - OkC:\WINDOWS\system32\dfrgntfs.exe - Ok>C:\WINDOWS\system32\dfrgres.dll is BINARYRES containerC:\WINDOWS\system32\dfrgsnap.dll - OkC:\WINDOWS\system32\dfrgres.dll - containerC:\WINDOWS\system32\devmgr.dll - OkC:\WINDOWS\system32\dfsshlex.dll - OkC:\WINDOWS\system32\dfrgui.dll - OkC:\WINDOWS\system32\dgnet.dll - OkC:\WINDOWS\system32\dhcpcsvc.dll - OkC:\WINDOWS\system32\dhcpqec.dll - OkC:\WINDOWS\system32\dfshim.dll - OkC:\WINDOWS\system32\dgsetup.dll - OkC:\WINDOWS\system32\dhcpsapi.dll - OkC:\WINDOWS\system32\dgrpsetu.dll - OkC:\WINDOWS\system32\digest.dll - OkC:\WINDOWS\system32\diantz.exe - OkC:\WINDOWS\system32\dhcpmon.dll - OkC:\WINDOWS\system32\dimap.dll - OkC:\WINDOWS\system32\dimsntfy.dll - OkC:\WINDOWS\system32\dimsroam.dll - OkC:\WINDOWS\system32\diactfrm.dll - OkC:\WINDOWS\system32\diskcomp.com - OkC:\WINDOWS\system32\difxapi.dll - OkC:\WINDOWS\system32\diskcopy.com - OkC:\WINDOWS\system32\dinput8.dll - OkC:\WINDOWS\system32\dinput.dll - OkC:\WINDOWS\system32\diskmgmt.msc - OkC:\WINDOWS\system32\diskperf.exe - OkC:\WINDOWS\system32\dispex.dll - OkC:\WINDOWS\system32\diskcopy.dll - OkC:\WINDOWS\system32\dllhst3g.exe - OkC:\WINDOWS\system32\D3DX9_39.dll - OkC:\WINDOWS\system32\dmband.dll - OkC:\WINDOWS\system32\dmadmin.exe - OkC:\WINDOWS\system32\dllhost.exe - OkC:\WINDOWS\system32\dmcompos.dll - OkC:\WINDOWS\system32\diskpart.exe - OkC:\WINDOWS\system32\dmintf.dll - OkC:\WINDOWS\system32\dmloader.dll - OkC:\WINDOWS\system32\dmdskres.dll - OkC:\WINDOWS\system32\dmocx.dll - OkC:\WINDOWS\system32\dmdskmgr.dll - OkC:\WINDOWS\system32\dmdlgs.dll - OkC:\WINDOWS\system32\dmime.dll - OkC:\WINDOWS\system32\dmconfig.dll - OkC:\WINDOWS\system32\dmserver.dll - OkC:\WINDOWS\system32\dmscript.dll - OkC:\WINDOWS\system32\dmremote.exe - OkC:\WINDOWS\system32\dmstyle.dll - Ok>C:\WINDOWS\system32\dmutil.dll - packed by FLY-CODEC:\WINDOWS\system32\dmview.ocx - OkC:\WINDOWS\system32\dnsapi.dll - OkC:\WINDOWS\system32\dnsrslvr.dll - OkC:\WINDOWS\system32\docprop.dll - OkC:\WINDOWS\system32\dmsynth.dll - OkC:\WINDOWS\system32\dmusic.dll - OkC:\WINDOWS\system32\docprop2.dll - OkC:\WINDOWS\system32\doskey.exe - OkC:\WINDOWS\system32\dot3cfg.dll - OkC:\WINDOWS\system32\dosx.exe - OkC:\WINDOWS\system32\dot3api.dll - OkC:\WINDOWS\system32\dot3dlg.dll - OkC:\WINDOWS\system32\dmutil.dll - OkC:\WINDOWS\system32\dot3gpclnt.dll - OkC:\WINDOWS\system32\dpcdll.dll - OkC:\WINDOWS\system32\dot3msm.dll - OkC:\WINDOWS\system32\dplay.dll - OkC:\WINDOWS\system32\dot3svc.dll - OkC:\WINDOWS\system32\dpnaddr.dll - OkC:\WINDOWS\system32\dpmodemx.dll - OkC:\WINDOWS\system32\dpnhpast.dll - OkC:\WINDOWS\system32\dpnhupnp.dll - OkC:\WINDOWS\system32\dpnlobby.dll - OkC:\WINDOWS\system32\dplaysvr.exe - OkC:\WINDOWS\system32\dplayx.dll - OkC:\WINDOWS\system32\dot3ui.dll - OkC:\WINDOWS\system32\dpnmodem.dll - OkC:\WINDOWS\system32\dpvacm.dll - OkC:\WINDOWS\system32\dpserial.dll - OkC:\WINDOWS\system32\dpnet.dll - OkC:\WINDOWS\system32\dpnwsock.dll - OkC:\WINDOWS\system32\dpwsock.dll - OkC:\WINDOWS\system32\dpnsvr.exe - OkC:\WINDOWS\system32\dpvsetup.exe - OkC:\WINDOWS\system32\dpwsockx.dll - OkC:\WINDOWS\system32\dpvvox.dll - OkC:\WINDOWS\system32\drmstor.dll - OkC:\WINDOWS\system32\drmclien.dll - OkC:\WINDOWS\system32\drprov.dll - OkC:\WINDOWS\system32\dpvoice.dll - OkC:\WINDOWS\system32\ds32gt.dll - OkC:\WINDOWS\system32\drwatson.exe - OkC:\WINDOWS\system32\ds16gt.dLL - OkC:\WINDOWS\system32\dsauth.dll - OkC:\WINDOWS\system32\dskquota.dll - OkC:\WINDOWS\system32\dsdmoprp.dll - OkC:\WINDOWS\system32\dsound.vxd - OkC:\WINDOWS\system32\drwtsn32.exe - OkC:\WINDOWS\system32\dskquoui.dll - OkC:\WINDOWS\system32\drmv2clt.dll - OkC:\WINDOWS\system32\dsdmo.dll - OkC:\WINDOWS\system32\dsprpres.dll - OkC:\WINDOWS\system32\dssec.dll - OkC:\WINDOWS\system32\dsquery.dll - OkC:\WINDOWS\system32\dsound.dll - OkC:\WINDOWS\system32\dssenh.dll - OkC:\WINDOWS\system32\dsprop.dll - OkC:\WINDOWS\system32\dsuiext.dll - OkC:\WINDOWS\system32\dswave.dll - OkC:\WINDOWS\system32\duser.dll - OkC:\WINDOWS\system32\dvdplay.exe - OkC:\WINDOWS\system32\dssec.dat - OkC:\WINDOWS\system32\dumprep.exe - OkC:\WINDOWS\system32\dvdupgrd.exe - OkC:\WINDOWS\system32\dwwin.exe - OkC:\WINDOWS\system32\dx7vb.dll - OkC:\WINDOWS\system32\dxdiagn.dll - OkC:\WINDOWS\system32\dsound3d.dll - OkC:\WINDOWS\system32\dxmasf.dll - OkC:\WINDOWS\system32\eapolqec.dll - Ok>C:\WINDOWS\system32\dxva2.dll - packed by FLY-CODEC:\WINDOWS\system32\dx8vb.dll - OkC:\WINDOWS\system32\eappcfg.dll - OkC:\WINDOWS\system32\eapp3hst.dll - OkC:\WINDOWS\system32\dxtrans.dll - OkC:\WINDOWS\system32\dxtmsft.dll - OkC:\WINDOWS\system32\dxva2.dll - OkC:\WINDOWS\system32\eappprxy.dll - OkC:\WINDOWS\system32\eappgnui.dll - Ok>C:\WINDOWS\system32\edit.com - packed by EXEPACKC:\WINDOWS\system32\eapsvc.dll - OkC:\WINDOWS\system32\edit.hlp - OkC:\WINDOWS\system32\eapqec.dll - OkC:\WINDOWS\system32\ega.cpi - Ok>C:\WINDOWS\system32\edlin.exe - packed by EXEPACKC:\WINDOWS\system32\emptyregdb.dat - OkC:\WINDOWS\system32\edlin.exe - OkC:\WINDOWS\system32\dxdiag.exe - OkC:\WINDOWS\system32\eapphost.dll - OkC:\WINDOWS\system32\edit.com - OkC:\WINDOWS\system32\encapi.dll - OkC:\WINDOWS\system32\ersvc.dll - OkC:\WINDOWS\system32\els.dll - Ok>C:\WINDOWS\system32\esentprf.dll - packed by FLY-CODEC:\WINDOWS\system32\es.dll - OkC:\WINDOWS\system32\esentprf.hxx - OkC:\WINDOWS\system32\encdec.dll - OkC:\WINDOWS\system32\esentprf.dll - OkC:\WINDOWS\system32\EqnClass.Dll - OkC:\WINDOWS\system32\esent.dll - OkC:\WINDOWS\system32\esentprf.ini - OkC:\WINDOWS\system32\esentutl.exe - OkC:\WINDOWS\system32\eula.txt - OkC:\WINDOWS\system32\eventcls.dll - OkC:\WINDOWS\system32\eventlog.dll - OkC:\WINDOWS\system32\eventvwr.msc - Ok>C:\WINDOWS\system32\exe2bin.exe - packed by EXEPACKC:\WINDOWS\system32\exe2bin.exe - Ok>C:\WINDOWS\system32\expand.exe - packed by BINARYRES>>C:\WINDOWS\system32\expand.exe - packed by MS COMPRESSC:\WINDOWS\system32\expand.exe - OkC:\WINDOWS\system32\eudcedit.exe - OkC:\WINDOWS\system32\extmgr.dll - OkC:\WINDOWS\system32\eventvwr.exe - Ok>C:\WINDOWS\system32\fastopen.exe - packed by EXEPACK>>C:\WINDOWS\system32\fastopen.exe - packed by COM2EXEC:\WINDOWS\system32\fastopen.exe - OkC:\WINDOWS\system32\evr.dll - OkC:\WINDOWS\system32\extrac32.exe - OkC:\WINDOWS\system32\exts.dll - OkC:\WINDOWS\system32\faultrep.dll - OkC:\WINDOWS\system32\fc.exe - OkC:\WINDOWS\system32\feclient.dll - OkC:\WINDOWS\system32\expsrv.dll - OkC:\WINDOWS\system32\find.exe - OkC:\WINDOWS\system32\finger.exe - OkC:\WINDOWS\system32\esent97.dll - OkC:\WINDOWS\system32\findstr.exe - OkC:\WINDOWS\system32\firewall.cpl - OkC:\WINDOWS\system32\fixmapi.exe - OkC:\WINDOWS\system32\faxpatch.exe - OkC:\WINDOWS\system32\fltlib.dll - OkC:\WINDOWS\system32\FlashPlayerCPLApp.cpl - OkC:\WINDOWS\system32\FNTCACHE.DAT - OkC:\WINDOWS\system32\filemgmt.dll - OkC:\WINDOWS\system32\fltmc.exe - OkC:\WINDOWS\system32\fmifs.dll - OkC:\WINDOWS\system32\fldrclnr.dll - OkC:\WINDOWS\system32\fontsub.dll - OkC:\WINDOWS\system32\FlashPlayerApp.exe - OkC:\WINDOWS\system32\framebuf.dll - Ok>C:\WINDOWS\system32\fontext.dll is BINARYRES container>>C:\WINDOWS\system32\fontext.dll\data001 - packed by MS COMPRESSC:\WINDOWS\system32\fsmgmt.msc - OkC:\WINDOWS\system32\forcedos.exe - OkC:\WINDOWS\system32\format.com - Ok>>C:\WINDOWS\system32\fontext.dll\data002 - packed by MS COMPRESSC:\WINDOWS\system32\fontext.dll - containerC:\WINDOWS\system32\fontview.exe - OkC:\WINDOWS\system32\fsusd.dll - OkC:\WINDOWS\system32\fsutil.exe - OkC:\WINDOWS\system32\ftp.exe - OkC:\WINDOWS\system32\fwcfg.dll - OkC:\WINDOWS\system32\gb2312.uce - OkC:\WINDOWS\system32\g711codc.ax - OkC:\WINDOWS\system32\gdi.exe - OkC:\WINDOWS\system32\geo.nls - OkC:\WINDOWS\system32\gcdef.dll - OkC:\WINDOWS\system32\ftsrch.dll - OkC:\WINDOWS\system32\gdi32.dll - OkC:\WINDOWS\system32\freecell.exe - OkC:\WINDOWS\system32\gpkrsrc.dll - OkC:\WINDOWS\system32\fsquirt.exe - OkC:\WINDOWS\system32\graphics.com - OkC:\WINDOWS\system32\graftabl.com - OkC:\WINDOWS\system32\graphics.pro - OkC:\WINDOWS\system32\GVTunner.ref - OkC:\WINDOWS\system32\gpkcsp.dll - OkC:\WINDOWS\system32\glu32.dll - OkC:\WINDOWS\system32\h323log.txt - OkC:\WINDOWS\system32\HAL.DLL - OkC:\WINDOWS\system32\hccoin.dll - OkC:\WINDOWS\system32\grpconv.exe - OkC:\WINDOWS\system32\h323.tsp - OkC:\WINDOWS\system32\glmf32.dll - OkC:\WINDOWS\system32\HdAudRes.dll - Ok>C:\WINDOWS\system32\HdAProp.dll - packed by FLY-CODEC:\WINDOWS\system32\getuname.dll - OkC:\WINDOWS\system32\help.exe - OkC:\WINDOWS\system32\hdwwiz.cpl - OkC:\WINDOWS\system32\HdAShCut.exe - OkC:\WINDOWS\system32\hid.dll - OkC:\WINDOWS\system32\himem.sys - OkC:\WINDOWS\system32\hidphone.tsp - OkC:\WINDOWS\system32\HdAProp.dll - OkC:\WINDOWS\system32\hhsetup.dll - OkC:\WINDOWS\system32\hhctrl.ocx - OkC:\WINDOWS\system32\hnetmon.dll - OkC:\WINDOWS\system32\hlink.dll - OkC:\WINDOWS\system32\homepage.inf - OkC:\WINDOWS\system32\hostname.exe - OkC:\WINDOWS\system32\hnetcfg.dll - OkC:\WINDOWS\system32\hsfcisp2.dll - OkC:\WINDOWS\system32\hticons.dll - OkC:\WINDOWS\system32\hnetwiz.dll - OkC:\WINDOWS\system32\httpapi.dll - OkC:\WINDOWS\system32\hotplug.dll - OkC:\WINDOWS\system32\htui.dll - OkC:\WINDOWS\system32\iac25_32.ax - OkC:\WINDOWS\system32\h323msp.dll - OkC:\WINDOWS\system32\iacenc.dll - Ok>C:\WINDOWS\system32\html.iec - packed by PESTUBC:\WINDOWS\system32\iashlpr.dll - OkC:\WINDOWS\system32\iasads.dll - OkC:\WINDOWS\system32\iasacct.dll - Ok>C:\WINDOWS\system32\iaspolcy.dll - packed by FLY-CODEC:\WINDOWS\system32\iasnap.dll - OkC:\WINDOWS\system32\iaspolcy.dll - OkC:\WINDOWS\system32\iasrad.dll - OkC:\WINDOWS\system32\html.iec - OkC:\WINDOWS\system32\iassam.dll - OkC:\WINDOWS\system32\iassvcs.dll - OkC:\WINDOWS\system32\icaapi.dll - OkC:\WINDOWS\system32\iasrecst.dll - OkC:\WINDOWS\system32\icardres.dll - OkC:\WINDOWS\system32\hypertrm.dll - OkC:\WINDOWS\system32\icfgnt5.dll - OkC:\WINDOWS\system32\iccvid.dll - OkC:\WINDOWS\system32\icardie.dll - OkC:\WINDOWS\system32\icmp.dll - Ok>C:\WINDOWS\system32\icardres.dll.mui is BINARYRES containerC:\WINDOWS\system32\icmui.dll - OkC:\WINDOWS\system32\icrav03.rat - OkC:\WINDOWS\system32\iassdo.dll - OkC:\WINDOWS\system32\icwdial.dll - OkC:\WINDOWS\system32\ideograf.uce - OkC:\WINDOWS\system32\icardres.dll.mui - containerC:\WINDOWS\system32\icm32.dll - OkC:\WINDOWS\system32\icwphbk.dll - OkC:\WINDOWS\system32\idndl.dll - OkC:\WINDOWS\system32\ie4uinit.exe.mui - OkC:\WINDOWS\system32\IE8Eula.rtf - OkC:\WINDOWS\system32\ie4uinit.exe - OkC:\WINDOWS\system32\ieakeng.dll - OkC:\WINDOWS\system32\idq.dll - OkC:\WINDOWS\system32\ieakui.dll - OkC:\WINDOWS\system32\iedkcs32.dll - OkC:\WINDOWS\system32\ieaksie.dll - OkC:\WINDOWS\system32\icardagt.exe - OkC:\WINDOWS\system32\iedkcs32.dll.mui - OkC:\WINDOWS\system32\ieencode.dll - OkC:\WINDOWS\system32\iepeers.dll - OkC:\WINDOWS\system32\ieapfltr.dll - OkC:\WINDOWS\system32\iesetup.dll - OkC:\WINDOWS\system32\ieframe.dll - OkC:\WINDOWS\system32\iertutil.dll - OkC:\WINDOWS\system32\ieudinit.exe - OkC:\WINDOWS\system32\ieui.dll - OkC:\WINDOWS\system32\iernonce.dll - OkC:\WINDOWS\system32\ieframe.dll.mui - OkC:\WINDOWS\system32\ifmon.dll - OkC:\WINDOWS\system32\igmpagnt.dll - OkC:\WINDOWS\system32\iexpress.exe - OkC:\WINDOWS\system32\ifsutil.dll - OkC:\WINDOWS\system32\imaadp32.acm - OkC:\WINDOWS\system32\ieuinit.inf - OkC:\WINDOWS\system32\imeshare.dll - OkC:\WINDOWS\system32\imgutil.dll - OkC:\WINDOWS\system32\ils.dll - OkC:\WINDOWS\system32\imapi.exe - OkC:\WINDOWS\system32\imagehlp.dll - OkC:\WINDOWS\system32\imm32.dll - OkC:\WINDOWS\system32\inetmib1.dll - OkC:\WINDOWS\system32\inetcplc.dll - OkC:\WINDOWS\system32\inetcomm.dll - OkC:\WINDOWS\system32\inetpp.dll - OkC:\WINDOWS\system32\inetcfg.dll - OkC:\WINDOWS\system32\inetppui.dll - Ok>C:\WINDOWS\system32\inetres.dll is BINARYRES container>>C:\WINDOWS\system32\inetres.dll\data001 is JS-HTML containerC:\WINDOWS\system32\inetres.dll - containerC:\WINDOWS\system32\infocardapi.dll - OkC:\WINDOWS\system32\infocardcpl.cpl - OkC:\WINDOWS\system32\inseng.dll - OkC:\WINDOWS\system32\initpki.dll - OkC:\WINDOWS\system32\input.dll - OkC:\WINDOWS\system32\iologmsg.dll - OkC:\WINDOWS\system32\ipconf.tsp - OkC:\WINDOWS\system32\infosoft.dll - OkC:\WINDOWS\system32\iphlpapi.dll - OkC:\WINDOWS\system32\ipconfig.exe - OkC:\WINDOWS\system32\intl.cpl - OkC:\WINDOWS\system32\ipmontr.dll - OkC:\WINDOWS\system32\iprop.dll - OkC:\WINDOWS\system32\iprtprio.dll - OkC:\WINDOWS\system32\ippromon.dll - OkC:\WINDOWS\system32\inetcpl.cpl - OkC:\WINDOWS\system32\instcat.sql - OkC:\WINDOWS\system32\ipnathlp.dll - OkC:\WINDOWS\system32\ipsec6.exe - OkC:\WINDOWS\system32\ipsecsvc.dll - OkC:\WINDOWS\system32\ipv6mon.dll - OkC:\WINDOWS\system32\iprtrmgr.dll - OkC:\WINDOWS\system32\ieapfltr.dat - OkC:\WINDOWS\system32\ipv6.exe - OkC:\WINDOWS\system32\ipxmontr.dll - OkC:\WINDOWS\system32\ipxpromn.dll - OkC:\WINDOWS\system32\ipxrip.dll - OkC:\WINDOWS\system32\ipxwan.dll - OkC:\WINDOWS\system32\ipsecsnp.dll - OkC:\WINDOWS\system32\ipxroute.exe - OkC:\WINDOWS\system32\ipxrtmgr.dll - OkC:\WINDOWS\system32\ipxsap.dll - OkC:\WINDOWS\system32\ipsmsnap.dll - OkC:\WINDOWS\system32\ir32_32.dll - Ok>C:\WINDOWS\system32\ir41_qc.dll - packed by FLY-CODEC:\WINDOWS\system32\ir50_qc.dll - Ok>C:\WINDOWS\system32\ir50_qcx.dll - packed by FLY-CODEC:\WINDOWS\system32\ir41_32.ax - OkC:\WINDOWS\system32\ir50_32.dll - OkC:\WINDOWS\system32\ir41_qcx.dll - OkC:\WINDOWS\system32\irclass.dll - OkC:\WINDOWS\system32\isrdbg32.dll - OkC:\WINDOWS\system32\isign32.dll - OkC:\WINDOWS\system32\ir41_qc.dll - OkC:\WINDOWS\system32\itircl.dll - OkC:\WINDOWS\system32\itss.dll - OkC:\WINDOWS\system32\ir50_qcx.dll - OkC:\WINDOWS\system32\iyuv_32.dll - OkC:\WINDOWS\system32\irprops.cpl - OkC:\WINDOWS\system32\ixsso.dll - OkC:\WINDOWS\system32\iuengine.dll - OkC:\WINDOWS\system32\jgpl400.dll - OkC:\WINDOWS\system32\jgmd400.dll - OkC:\WINDOWS\system32\ivfsrc.ax - OkC:\WINDOWS\system32\jgdw400.dll - OkC:\WINDOWS\system32\jgsh400.dll - OkC:\WINDOWS\system32\jgsd400.dll - OkC:\WINDOWS\system32\joy.cpl - OkC:\WINDOWS\system32\jsproxy.dll - OkC:\WINDOWS\system32\kanji_1.uce - OkC:\WINDOWS\system32\kanji_2.uce - OkC:\WINDOWS\system32\jet500.dll - OkC:\WINDOWS\system32\kb16.com - OkC:\WINDOWS\system32\kbdaze.dll - OkC:\WINDOWS\system32\KBDAL.DLL - OkC:\WINDOWS\system32\kbdbe.dll - OkC:\WINDOWS\system32\kbdazel.dll - OkC:\WINDOWS\system32\jobexec.dll - OkC:\WINDOWS\system32\kbdbhc.dll - OkC:\WINDOWS\system32\kbdbene.dll - OkC:\WINDOWS\system32\kbdblr.dll - OkC:\WINDOWS\system32\kbdbr.dll - OkC:\WINDOWS\system32\kbdca.dll - OkC:\WINDOWS\system32\kbdbu.dll - OkC:\WINDOWS\system32\kbdcan.dll - OkC:\WINDOWS\system32\kbdcr.dll - OkC:\WINDOWS\system32\jscript.dll - OkC:\WINDOWS\system32\kbdcz.dll - OkC:\WINDOWS\system32\kbdcz1.dll - OkC:\WINDOWS\system32\kbdcz2.dll - OkC:\WINDOWS\system32\kbddv.dll - OkC:\WINDOWS\system32\kbdda.dll - OkC:\WINDOWS\system32\kbdest.dll - OkC:\WINDOWS\system32\kbdes.dll - OkC:\WINDOWS\system32\kbdfc.dll - OkC:\WINDOWS\system32\kbdfi.dll - OkC:\WINDOWS\system32\kbdfi1.dll - OkC:\WINDOWS\system32\kbdfo.dll - OkC:\WINDOWS\system32\kbdfr.dll - OkC:\WINDOWS\system32\kbdgkl.dll - OkC:\WINDOWS\system32\kbdgae.dll - OkC:\WINDOWS\system32\kbdgr1.dll - OkC:\WINDOWS\system32\kbdgr.dll - OkC:\WINDOWS\system32\kbdhe220.dll - OkC:\WINDOWS\system32\kbdhe.dll - OkC:\WINDOWS\system32\kbdhe319.dll - OkC:\WINDOWS\system32\kbdhept.dll - OkC:\WINDOWS\system32\kbdhela2.dll - OkC:\WINDOWS\system32\kbdic.dll - OkC:\WINDOWS\system32\kbdhu1.dll - OkC:\WINDOWS\system32\kbdhu.dll - OkC:\WINDOWS\system32\jgaw400.dll - OkC:\WINDOWS\system32\kbdhela3.dll - OkC:\WINDOWS\system32\kbdit142.dll - OkC:\WINDOWS\system32\kbdir.dll - OkC:\WINDOWS\system32\kbdinbe1.dll - OkC:\WINDOWS\system32\kbdit.dll - OkC:\WINDOWS\system32\kbdinben.dll - OkC:\WINDOWS\system32\kbdinmal.dll - OkC:\WINDOWS\system32\kbdla.dll - OkC:\WINDOWS\system32\kbdiultn.dll - OkC:\WINDOWS\system32\kbdlt.dll - OkC:\WINDOWS\system32\kbdkaz.dll - OkC:\WINDOWS\system32\kbdkyr.dll - OkC:\WINDOWS\system32\kbdlt1.dll - OkC:\WINDOWS\system32\kbdlv.dll - OkC:\WINDOWS\system32\kbdlv1.dll - OkC:\WINDOWS\system32\kbdmac.dll - OkC:\WINDOWS\system32\kbdmaori.dll - OkC:\WINDOWS\system32\kbdmlt48.dll - OkC:\WINDOWS\system32\kbdmlt47.dll - OkC:\WINDOWS\system32\kbdne.dll - OkC:\WINDOWS\system32\kbdmon.dll - OkC:\WINDOWS\system32\kbdnec.dll - OkC:\WINDOWS\system32\kbdnepr.dll - OkC:\WINDOWS\system32\kbdpl.dll - OkC:\WINDOWS\system32\kbdno.dll - OkC:\WINDOWS\system32\kbdpash.dll - OkC:\WINDOWS\system32\kbdpl1.dll - OkC:\WINDOWS\system32\kbdno1.dll - OkC:\WINDOWS\system32\kbdru.dll - OkC:\WINDOWS\system32\kbdpo.dll - OkC:\WINDOWS\system32\kbdru1.dll - OkC:\WINDOWS\system32\kbdro.dll - OkC:\WINDOWS\system32\kbdsg.dll - OkC:\WINDOWS\system32\kbdsl1.dll - OkC:\WINDOWS\system32\kbdsl.dll - OkC:\WINDOWS\system32\kbdsf.dll - OkC:\WINDOWS\system32\kbdsmsfi.dll - OkC:\WINDOWS\system32\kbdsmsno.dll - OkC:\WINDOWS\system32\kbdtuf.dll - OkC:\WINDOWS\system32\kbdsp.dll - OkC:\WINDOWS\system32\kbdsw.dll - OkC:\WINDOWS\system32\kbdtat.dll - OkC:\WINDOWS\system32\kbduk.dll - OkC:\WINDOWS\system32\kbdtuq.dll - OkC:\WINDOWS\system32\kbdus.dll - OkC:\WINDOWS\system32\kbdusl.dll - OkC:\WINDOWS\system32\kbdukx.dll - OkC:\WINDOWS\system32\kbdusx.dll - OkC:\WINDOWS\system32\kbdusr.dll - OkC:\WINDOWS\system32\kbdur.dll - OkC:\WINDOWS\system32\kbdycc.dll - OkC:\WINDOWS\system32\kbduzb.dll - OkC:\WINDOWS\system32\kbdycl.dll - OkC:\WINDOWS\system32\key01.sys - OkC:\WINDOWS\system32\keyboard.drv - OkC:\WINDOWS\system32\kd1394.dll - OkC:\WINDOWS\system32\kdcom.dll - OkC:\WINDOWS\system32\keyboard.sys - OkC:\WINDOWS\system32\kmddsp.tsp - OkC:\WINDOWS\system32\kerberos.dll - OkC:\WINDOWS\system32\korean.uce - OkC:\WINDOWS\system32\kmsvc.dll - OkC:\WINDOWS\system32\ksuser.dll - OkC:\WINDOWS\system32\l2gpstore.dll - OkC:\WINDOWS\system32\krnl386.exe - OkC:\WINDOWS\system32\kernel32.dll - OkC:\WINDOWS\system32\keymgr.dll - OkC:\WINDOWS\system32\label.exe - OkC:\WINDOWS\system32\laprxy.dll - OkC:\WINDOWS\system32\l3codeca.acm - OkC:\WINDOWS\system32\ksproxy.ax - OkC:\WINDOWS\system32\l3codecx.ax - OkC:\WINDOWS\system32\langwrbk.dll - OkC:\WINDOWS\system32\licmgr10.dll - OkC:\WINDOWS\system32\lanman.drv - Ok>C:\WINDOWS\system32\linkinfo.dll - packed by FLY-CODEC:\WINDOWS\system32\licwmi.dll - OkC:\WINDOWS\system32\lmhsvc.dll - OkC:\WINDOWS\system32\licdll.dll - OkC:\WINDOWS\system32\loadfix.com - OkC:\WINDOWS\system32\linkinfo.dll - OkC:\WINDOWS\system32\loadperf.dll - OkC:\WINDOWS\system32\lnkstub.exe - OkC:\WINDOWS\system32\locale.nls - OkC:\WINDOWS\system32\LegitCheckControl.DLL - OkC:\WINDOWS\system32\lights.exe - OkC:\WINDOWS\system32\lodctr.exe - OkC:\WINDOWS\system32\localui.dll - OkC:\WINDOWS\system32\locator.exe - OkC:\WINDOWS\system32\localspl.dll - OkC:\WINDOWS\system32\log.txt - read errorC:\WINDOWS\system32\loghours.dll - OkC:\WINDOWS\system32\logman.exe - OkC:\WINDOWS\system32\logoff.exe - OkC:\WINDOWS\system32\logonui.exe.manifest - OkC:\WINDOWS\system32\logagent.exe - OkC:\WINDOWS\system32\localsec.dll - OkC:\WINDOWS\system32\LoopyMusic.wav - OkC:\WINDOWS\system32\logon.scr - OkC:\WINDOWS\system32\lpq.exe - Ok>C:\WINDOWS\system32\lpk.dll - packed by FLY-CODEC:\WINDOWS\system32\lpr.exe - OkC:\WINDOWS\system32\lmrt.dll - OkC:\WINDOWS\system32\lprmonui.dll - OkC:\WINDOWS\system32\logonui.exe - OkC:\WINDOWS\system32\lprhelp.dll - OkC:\WINDOWS\system32\lz32.dll - OkC:\WINDOWS\system32\l_except.nls - OkC:\WINDOWS\system32\lsass.exe - OkC:\WINDOWS\system32\lzexpand.dll - OkC:\WINDOWS\system32\lusrmgr.msc - OkC:\WINDOWS\system32\lpk.dll - OkC:\WINDOWS\system32\l_intl.nls - OkC:\WINDOWS\system32\mag_hook.dll - OkC:\WINDOWS\system32\lsasrv.dll - OkC:\WINDOWS\system32\mcastmib.dll - OkC:\WINDOWS\system32\magnify.exe - OkC:\WINDOWS\system32\makecab.exe - OkC:\WINDOWS\system32\mcd32.dll - OkC:\WINDOWS\system32\mchgrcoi.dll - OkC:\WINDOWS\system32\mcdsrv32.dll - OkC:\WINDOWS\system32\mciavi.drv - OkC:\WINDOWS\system32\mapistub.dll - OkC:\WINDOWS\system32\mapi32.dll - OkC:\WINDOWS\system32\mciole16.dll - OkC:\WINDOWS\system32\mcicda.dll - OkC:\WINDOWS\system32\mciseq.drv - OkC:\WINDOWS\system32\main.cpl - OkC:\WINDOWS\system32\mciqtz32.dll - Ok>C:\WINDOWS\system32\mciseq.dll - packed by FLY-CODEC:\WINDOWS\system32\mciavi32.dll - OkC:\WINDOWS\system32\mciwave.drv - OkC:\WINDOWS\system32\mciwave.dll - OkC:\WINDOWS\system32\mciseq.dll - OkC:\WINDOWS\system32\mciole32.dll - Ok>C:\WINDOWS\system32\mem.exe - packed by EXEPACKC:\WINDOWS\system32\mdhcp.dll - OkC:\WINDOWS\system32\mem.exe - OkC:\WINDOWS\system32\mdminst.dll - OkC:\WINDOWS\system32\mf3216.dll - OkC:\WINDOWS\system32\mdmxsdk.dll - OkC:\WINDOWS\system32\mdwmdmsp.dll - OkC:\WINDOWS\system32\mfcsubs.dll - OkC:\WINDOWS\system32\mfevtps.exe.378c.deleteme - OkC:\WINDOWS\system32\mfevtps.exe.8a67.deleteme - OkC:\WINDOWS\system32\mfc42.dll - OkC:\WINDOWS\system32\mib.bin - OkC:\WINDOWS\system32\mgmtapi.dll - OkC:\WINDOWS\system32\midimap.dll - OkC:\WINDOWS\system32\miglibnt.dll - OkC:\WINDOWS\system32\microsoft.managementconsole.dll - OkC:\WINDOWS\system32\mimefilt.dll - OkC:\WINDOWS\system32\mfc40u.dll - OkC:\WINDOWS\system32\mll_hp.dll - OkC:\WINDOWS\system32\migpwd.exe - OkC:\WINDOWS\system32\mfc40.dll - OkC:\WINDOWS\system32\mll_mtf.dll - OkC:\WINDOWS\system32\mlang.dat - OkC:\WINDOWS\system32\mll_qic.dll - OkC:\WINDOWS\system32\mlang.dll - OkC:\WINDOWS\system32\mmcfxcommon.dll - OkC:\WINDOWS\system32\mfc42u.dll - OkC:\WINDOWS\system32\mmcbase.dll - OkC:\WINDOWS\system32\mmcperf.exe - OkC:\WINDOWS\system32\mmcex.dll - OkC:\WINDOWS\system32\mmdriver.inf - OkC:\WINDOWS\system32\mmdrv.dll - OkC:\WINDOWS\system32\mmfutil.dll - OkC:\WINDOWS\system32\mmtask.tsk - OkC:\WINDOWS\system32\mmsystem.dll - OkC:\WINDOWS\system32\mnmdd.dll - OkC:\WINDOWS\system32\mmsys.cpl - OkC:\WINDOWS\system32\mmutilse.dll - OkC:\WINDOWS\system32\mnmsrvc.exe - OkC:\WINDOWS\system32\mmcshext.dll - OkC:\WINDOWS\system32\mobsync.dll - OkC:\WINDOWS\system32\mode.com - OkC:\WINDOWS\system32\modex.dll - OkC:\WINDOWS\system32\more.com - OkC:\WINDOWS\system32\moricons.dll - OkC:\WINDOWS\system32\mountvol.exe - OkC:\WINDOWS\system32\mouse.drv - OkC:\WINDOWS\system32\mobsync.exe - OkC:\WINDOWS\system32\modemui.dll - OkC:\WINDOWS\system32\mp43dmod.dll - OkC:\WINDOWS\system32\mp4sdmod.dll - OkC:\WINDOWS\system32\mpeg2data.ax - OkC:\WINDOWS\system32\mpg4dmod.dll - Ok>C:\WINDOWS\system32\mmc.exe is BINARYRES container>>C:\WINDOWS\system32\mmc.exe\data001 is JS-HTML containerC:\WINDOWS\system32\mpg2splt.ax - OkC:\WINDOWS\system32\mpnotify.exe - Ok>>C:\WINDOWS\system32\mmc.exe\data002 is JS-HTML containerC:\WINDOWS\system32\mpg4ds32.ax - OkC:\WINDOWS\system32\mpr.dll - OkC:\WINDOWS\system32\mprapi.dll - OkC:\WINDOWS\system32\mplay32.exe - OkC:\WINDOWS\system32\mprdim.dll - Ok>>C:\WINDOWS\system32\mmc.exe\data003 is JS-HTML containerC:\WINDOWS\system32\mprmsg.dll - OkC:\WINDOWS\system32\mprddm.dll - Ok>>C:\WINDOWS\system32\mmc.exe\data004 is JS-HTML containerC:\WINDOWS\system32\mrinfo.exe - OkC:\WINDOWS\system32\mprui.dll - Ok>>C:\WINDOWS\system32\mmc.exe\data005 is JS-HTML containerC:\WINDOWS\system32\msacm.dll - Ok>>C:\WINDOWS\system32\mmc.exe\data006 is JS-HTML containerC:\WINDOWS\system32\mmc.exe - containerC:\WINDOWS\system32\msaatext.dll - OkC:\WINDOWS\system32\msacm32.dll - Ok>C:\WINDOWS\system32\msacm32.drv - packed by FLY-CODEC:\WINDOWS\system32\msadp32.acm - OkC:\WINDOWS\system32\MpSigStub.exe - OkC:\WINDOWS\system32\msafd.dll - OkC:\WINDOWS\system32\msacm32.drv - OkC:\WINDOWS\system32\msapsspc.dll - OkC:\WINDOWS\system32\msasn1.dll - OkC:\WINDOWS\system32\mscat32.dll - OkC:\WINDOWS\system32\msaudite.dll - OkC:\WINDOWS\system32\mscdexnt.exe - OkC:\WINDOWS\system32\mscms.dll - Ok>C:\WINDOWS\system32\mmcndmgr.dll is BINARYRES container>>C:\WINDOWS\system32\mmcndmgr.dll\data001 is JS-HTML containerC:\WINDOWS\system32\mmcndmgr.dll - containerC:\WINDOWS\system32\msaud32.acm - OkC:\WINDOWS\system32\mscoree.dll - OkC:\WINDOWS\system32\mscorier.dll - OkC:\WINDOWS\system32\msconf.dll - OkC:\WINDOWS\system32\mscories.dll - OkC:\WINDOWS\system32\mscpx32r.dll - OkC:\WINDOWS\system32\msadds32.ax - OkC:\WINDOWS\system32\mscpxl32.dll - OkC:\WINDOWS\system32\msctfp.dll - OkC:\WINDOWS\system32\msdatsrc.tlb - OkC:\WINDOWS\system32\msctfime.ime - OkC:\WINDOWS\system32\msdmo.dll - OkC:\WINDOWS\system32\msctf.dll - OkC:\WINDOWS\system32\msdadiag.dll - OkC:\WINDOWS\system32\msdart.dll - OkC:\WINDOWS\system32\msdtcprf.h - OkC:\WINDOWS\system32\msdtc.exe - OkC:\WINDOWS\system32\msdtcprf.ini - OkC:\WINDOWS\system32\msdtclog.dll - OkC:\WINDOWS\system32\msdbg2.dll - OkC:\WINDOWS\system32\msdtcuiu.dll - OkC:\WINDOWS\system32\msdxmlc.dll - OkC:\WINDOWS\system32\msencode.dll - OkC:\WINDOWS\system32\msdtcprx.dll - OkC:\WINDOWS\system32\msdxm.ocx - OkC:\WINDOWS\system32\msfeedsbs.dll - OkC:\WINDOWS\system32\msdtctm.dll - OkC:\WINDOWS\system32\msexch40.dll - OkC:\WINDOWS\system32\msg.exe - OkC:\WINDOWS\system32\msg711.acm - OkC:\WINDOWS\system32\msfeedssync.exe - OkC:\WINDOWS\system32\msg723.acm - OkC:\WINDOWS\system32\msgsm32.acm - OkC:\WINDOWS\system32\msgsvc.dll - OkC:\WINDOWS\system32\msftedit.dll - OkC:\WINDOWS\system32\msexcl40.dll - OkC:\WINDOWS\system32\msh263.drv - OkC:\WINDOWS\system32\msh261.drv - OkC:\WINDOWS\system32\mshearts.exe - OkC:\WINDOWS\system32\mshta.exe.mui - OkC:\WINDOWS\system32\msgina.dll - OkC:\WINDOWS\system32\msfeeds.dll - OkC:\WINDOWS\system32\mshtmled.dll - OkC:\WINDOWS\system32\mshtmler.dll - OkC:\WINDOWS\system32\mshta.exe - OkC:\WINDOWS\system32\msident.dll - OkC:\WINDOWS\system32\msidle.dll - OkC:\WINDOWS\system32\msidntld.dll - OkC:\WINDOWS\system32\msi.dll - OkC:\WINDOWS\system32\msiexec.exe - OkC:\WINDOWS\system32\msieftp.dll - OkC:\WINDOWS\system32\msimg32.dll - OkC:\WINDOWS\system32\msimtf.dll - Ok>C:\WINDOWS\system32\msisip.dll - packed by FLY-CODEC:\WINDOWS\system32\msihnd.dll - OkC:\WINDOWS\system32\mshtml.dll - OkC:\WINDOWS\system32\msisip.dll - OkC:\WINDOWS\system32\mshtml.tlb - OkC:\WINDOWS\system32\msjint40.dll - OkC:\WINDOWS\system32\msjter40.dll - OkC:\WINDOWS\system32\msimsg.dll - OkC:\WINDOWS\system32\msls31.dll - OkC:\WINDOWS\system32\msjtes40.dll - OkC:\WINDOWS\system32\mslbui.dll - OkC:\WINDOWS\system32\msnetobj.dll - OkC:\WINDOWS\system32\msltus40.dll - OkC:\WINDOWS\system32\msnsspc.dll - OkC:\WINDOWS\system32\msobjs.dll - OkC:\WINDOWS\system32\msjetoledb40.dll - OkC:\WINDOWS\system32\msorc32r.dll - OkC:\WINDOWS\system32\msoert2.dll - OkC:\WINDOWS\system32\msorcl32.dll - OkC:\WINDOWS\system32\mspatcha.dll - OkC:\WINDOWS\system32\msoeacct.dll - OkC:\WINDOWS\system32\msjet40.dll - Ok>C:\WINDOWS\system32\MRT.exe is BINARYRES containerC:\WINDOWS\system32\mspaint.exe - OkC:\WINDOWS\system32\msprivs.dll - OkC:\WINDOWS\system32\msports.dll - OkC:\WINDOWS\system32\msr2cenu.dll - OkC:\WINDOWS\system32\mspbde40.dll - OkC:\WINDOWS\system32\mspmsnsv.dll - OkC:\WINDOWS\system32\msratelc.dll - OkC:\WINDOWS\system32\msr2c.dll - OkC:\WINDOWS\system32\mspmsp.dll - OkC:\WINDOWS\system32\msrating.dll.mui - OkC:\WINDOWS\system32\msrecr40.dll - OkC:\WINDOWS\system32\msrclr40.dll - OkC:\WINDOWS\system32\msrle32.dll - OkC:\WINDOWS\system32\msrating.dll - OkC:\WINDOWS\system32\msscds32.ax - OkC:\WINDOWS\system32\mssap.dll - OkC:\WINDOWS\system32\msrepl40.dll - OkC:\WINDOWS\system32\msrd2x40.dll - OkC:\WINDOWS\system32\msshavmsg.dll - OkC:\WINDOWS\system32\msscript.ocx - OkC:\WINDOWS\system32\msscp.dll - OkC:\WINDOWS\system32\mssip32.dll - OkC:\WINDOWS\system32\msrd3x40.dll - OkC:\WINDOWS\system32\msswch.dll - OkC:\WINDOWS\system32\mssign32.dll - OkC:\WINDOWS\system32\mssha.dll - OkC:\WINDOWS\system32\msswchx.exe - OkC:\WINDOWS\system32\mstask.dll - OkC:\WINDOWS\system32\mstlsapi.dll - OkC:\WINDOWS\system32\mstinit.exe - OkC:\WINDOWS\system32\mstext40.dll - OkC:\WINDOWS\system32\mstime.dll - OkC:\WINDOWS\system32\msv1_0.dll - OkC:\WINDOWS\system32\msutb.dll - OkC:\WINDOWS\system32\msvcirt.dll - OkC:\WINDOWS\system32\mstsc.exe - OkC:\WINDOWS\system32\msvbvm60.dll - OkC:\WINDOWS\system32\msvcp60.dll - OkC:\WINDOWS\system32\msvcrt.dll - OkC:\WINDOWS\system32\msvcrt40.dll - OkC:\WINDOWS\system32\msvcrt20.dll - OkC:\WINDOWS\system32\msvfw32.dll - OkC:\WINDOWS\system32\msvcp50.dll - OkC:\WINDOWS\system32\msvidc32.dll - OkC:\WINDOWS\system32\msvideo.dll - OkC:\WINDOWS\system32\msw3prt.dll - OkC:\WINDOWS\system32\msvbvm50.dll - Ok>>C:\WINDOWS\system32\MRT.exe\data001 is BINARYRES containerC:\WINDOWS\system32\mswebdvd.dll - OkC:\WINDOWS\system32\msvidctl.dll - OkC:\WINDOWS\system32\mstscax.dll - OkC:\WINDOWS\system32\mswsock.dll - OkC:\WINDOWS\system32\mswmdm.dll - OkC:\WINDOWS\system32\mswdat10.dll - OkC:\WINDOWS\system32\msxbde40.dll - OkC:\WINDOWS\system32\msxml2r.dll - OkC:\WINDOWS\system32\msxml3r.dll - OkC:\WINDOWS\system32\mswstr10.dll - OkC:\WINDOWS\system32\msxml6r.dll - OkC:\WINDOWS\system32\msxmlr.dll - OkC:\WINDOWS\system32\msyuv.dll - OkC:\WINDOWS\system32\mtxclu.dll - Ok>C:\WINDOWS\system32\msxml.dll is BINARYRES container>>C:\WINDOWS\system32\msxml.dll\data001 is JS-HTML container>>C:\WINDOWS\system32\msxml.dll\data002 is JS-HTML container>>C:\WINDOWS\system32\msxml.dll\data003 is JS-HTML containerC:\WINDOWS\system32\msxml.dll - containerC:\WINDOWS\system32\mtxex.dll - OkC:\WINDOWS\system32\msxml3.dll - OkC:\WINDOWS\system32\mtxlegih.dll - OkC:\WINDOWS\system32\mtxoci.dll - OkC:\WINDOWS\system32\mtxdm.dll - Ok>C:\WINDOWS\system32\msxml2.dll is BINARYRES container>>C:\WINDOWS\system32\msxml2.dll\data001 is JS-HTML containerC:\WINDOWS\system32\mucltui.dll.mui - Ok>>C:\WINDOWS\system32\msxml2.dll\data002 is JS-HTML container>>C:\WINDOWS\system32\msxml2.dll\data003 is JS-HTML containerC:\WINDOWS\system32\msxml2.dll - container>C:\WINDOWS\system32\muweb.dll is CAB archiveC:\WINDOWS\system32\muweb.dll - OkC:\WINDOWS\system32\muweb.dll - archiveC:\WINDOWS\system32\mycomput.dll - OkC:\WINDOWS\system32\mucltui.dll - OkC:\WINDOWS\system32\napipsec.dll - OkC:\WINDOWS\system32\mydocs.dll - OkC:\WINDOWS\system32\napmontr.dll - OkC:\WINDOWS\system32\narrator.exe - OkC:\WINDOWS\system32\nbtstat.exe - OkC:\WINDOWS\system32\narrhook.dll - OkC:\WINDOWS\system32\ncpa.cpl - OkC:\WINDOWS\system32\ncpa.cpl.manifest - OkC:\WINDOWS\system32\ncobjapi.dll - OkC:\WINDOWS\system32\napstat.exe - OkC:\WINDOWS\system32\ncxpnt.dll - Ok>C:\WINDOWS\system32\nddeapi.dll - packed by FLY-CODEC:\WINDOWS\system32\nddeapir.exe - OkC:\WINDOWS\system32\msxml6.dll - OkC:\WINDOWS\system32\nddenb32.dll - OkC:\WINDOWS\system32\nddeapi.dll - OkC:\WINDOWS\system32\ndptsp.tsp - OkC:\WINDOWS\system32\net.exe - OkC:\WINDOWS\system32\net.hlp - OkC:\WINDOWS\system32\netapi.dll - OkC:\WINDOWS\system32\net1.exe - OkC:\WINDOWS\system32\netapi32.dll - OkC:\WINDOWS\system32\netevent.dll - OkC:\WINDOWS\system32\netdde.exe - OkC:\WINDOWS\system32\mtxparhd.dll - OkC:\WINDOWS\system32\netfxperf.dll - OkC:\WINDOWS\system32\neth.dll - OkC:\WINDOWS\system32\netmsg.dll - OkC:\WINDOWS\system32\netcfgx.dll - OkC:\WINDOWS\system32\netlogon.dll - OkC:\WINDOWS\system32\netrap.dll - OkC:\WINDOWS\system32\netsetup.cpl - OkC:\WINDOWS\system32\netman.dll - OkC:\WINDOWS\system32\netid.dll - OkC:\WINDOWS\system32\netplwiz.dll - OkC:\WINDOWS\system32\netstat.exe - OkC:\WINDOWS\system32\netsh.exe - OkC:\WINDOWS\system32\netui0.dll - OkC:\WINDOWS\system32\netui1.dll - OkC:\WINDOWS\system32\netshell.dll - OkC:\WINDOWS\system32\newdev.dll - OkC:\WINDOWS\system32\netui2.dll - OkC:\WINDOWS\system32\nlsdl.dll - Ok>C:\WINDOWS\system32\nlsfunc.exe - packed by EXEPACKC:\WINDOWS\system32\nmevtmsg.dll - OkC:\WINDOWS\system32\nlsfunc.exe - OkC:\WINDOWS\system32\noise.cht - OkC:\WINDOWS\system32\noise.chs - OkC:\WINDOWS\system32\noise.dat - Ok>C:\WINDOWS\system32\netsetup.exe is CAB archiveC:\WINDOWS\system32\netsetup.exe - OkC:\WINDOWS\system32\netsetup.exe - archiveC:\WINDOWS\system32\noise.eng - OkC:\WINDOWS\system32\noise.enu - OkC:\WINDOWS\system32\noise.esn - OkC:\WINDOWS\system32\nmmkcert.dll - OkC:\WINDOWS\system32\noise.deu - OkC:\WINDOWS\system32\nlhtml.dll - OkC:\WINDOWS\system32\noise.nld - OkC:\WINDOWS\system32\noise.ita - OkC:\WINDOWS\system32\noise.sve - OkC:\WINDOWS\system32\noise.fra - OkC:\WINDOWS\system32\noise.tha - OkC:\WINDOWS\system32\normidna.nls - OkC:\WINDOWS\system32\normaliz.dll - OkC:\WINDOWS\system32\normnfc.nls - OkC:\WINDOWS\system32\normnfkc.nls - OkC:\WINDOWS\system32\normnfd.nls - OkC:\WINDOWS\system32\nscompat.tlb - OkC:\WINDOWS\system32\normnfkd.nls - OkC:\WINDOWS\system32\ntdos.sys - OkC:\WINDOWS\system32\npptools.dll - OkC:\WINDOWS\system32\ntdos404.sys - OkC:\WINDOWS\system32\ntdos412.sys - OkC:\WINDOWS\system32\ntdos411.sys - OkC:\WINDOWS\system32\nslookup.exe - OkC:\WINDOWS\system32\notepad.exe - OkC:\WINDOWS\system32\ntdos804.sys - OkC:\WINDOWS\system32\ntdll.dll - OkC:\WINDOWS\system32\ntimage.gif - OkC:\WINDOWS\system32\ntio.sys - OkC:\WINDOWS\system32\ntio404.sys - OkC:\WINDOWS\system32\ntio412.sys - OkC:\WINDOWS\system32\ntio804.sys - OkC:\WINDOWS\system32\ntdsapi.dll - OkC:\WINDOWS\system32\ntlanman.dll - OkC:\WINDOWS\system32\ntlanui2.dll - OkC:\WINDOWS\system32\ntio411.sys - OkC:\WINDOWS\system32\ntlsapi.dll - OkC:\WINDOWS\system32\ntlanui.dll - OkC:\WINDOWS\system32\ntmsevt.dll - OkC:\WINDOWS\system32\ntmarta.dll - OkC:\WINDOWS\system32\ntmsmgr.msc - OkC:\WINDOWS\system32\ntmsapi.dll - OkC:\WINDOWS\system32\ntmsoprq.msc - OkC:\WINDOWS\system32\ntmsdba.dll - OkC:\WINDOWS\system32\ntmssvc.dll - OkC:\WINDOWS\system32\ntprint.dll - OkC:\WINDOWS\system32\ntkrnlpa.exe - OkC:\WINDOWS\system32\ntshrui.dll - OkC:\WINDOWS\system32\ntsd.exe - OkC:\WINDOWS\system32\ntsdexts.dll - OkC:\WINDOWS\system32\ntmsmgr.dll - OkC:\WINDOWS\system32\ntvdmd.dll - OkC:\WINDOWS\system32\ntvdm.exe - OkC:\WINDOWS\system32\ntoskrnl.exe - Ok>C:\WINDOWS\system32\nusrmgr.cpl is BINARYRES container>>C:\WINDOWS\system32\nusrmgr.cpl\data001 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data002 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data003 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data004 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data005 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data006 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data007 is JS-HTML containerC:\WINDOWS\system32\nvcolor.exe - Ok>>C:\WINDOWS\system32\nusrmgr.cpl\data008 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data009 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data010 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data011 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data012 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data013 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data014 is JS-HTML containerC:\WINDOWS\system32\nvapi.dll - Ok>>C:\WINDOWS\system32\nusrmgr.cpl\data015 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data016 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data017 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data018 is JS-HTML containerC:\WINDOWS\system32\nv4_disp.dll - Ok>>C:\WINDOWS\system32\nusrmgr.cpl\data019 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data020 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data021 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data022 is JS-HTML container>>C:\WINDOWS\system32\nusrmgr.cpl\data023 is JS-HTML containerC:\WINDOWS\system32\nusrmgr.cpl - containerC:\WINDOWS\system32\nvcpl.dll - OkC:\WINDOWS\system32\nvdata.bin - OkC:\WINDOWS\system32\nvdata.data - OkC:\WINDOWS\system32\nvdispco32.dll - OkC:\WINDOWS\system32\nvcuvenc.dll - OkC:\WINDOWS\system32\nvdispco3220140.dll - OkC:\WINDOWS\system32\nvdrsdb0.bin - OkC:\WINDOWS\system32\nvdrsdb1.bin - OkC:\WINDOWS\system32\nvdrssel.bin - OkC:\WINDOWS\system32\nvdrswr.lk - OkC:\WINDOWS\system32\nvcuvid.dll - OkC:\WINDOWS\system32\nvdispgenco32.dll - OkC:\WINDOWS\system32\nvgenco322060.dll - OkC:\WINDOWS\system32\nvhdagenco3220103.dll - OkC:\WINDOWS\system32\nvinfo.pb - OkC:\WINDOWS\system32\nvhdagenco322040.dll - OkC:\WINDOWS\system32\nvmctray.dll - Ok>C:\WINDOWS\system32\nvhdap32.dll - packed by PESTUB>C:\WINDOWS\system32\nvmccs.dll is ZLIB containerC:\WINDOWS\system32\nvmccs.dll - containerC:\WINDOWS\system32\nvhdap32.dll - OkC:\WINDOWS\system32\nvcuda.dll - OkC:\WINDOWS\system32\nvrsar.dll - OkC:\WINDOWS\system32\nvrscs.dll - OkC:\WINDOWS\system32\nvrsda.dll - OkC:\WINDOWS\system32\nvrsde.dll - OkC:\WINDOWS\system32\nvrsel.dll - OkC:\WINDOWS\system32\nvoglnt.dll - OkC:\WINDOWS\system32\nvrseng.dll - OkC:\WINDOWS\system32\nvrsfi.dll - OkC:\WINDOWS\system32\nvrses.dll - OkC:\WINDOWS\system32\nvrsesm.dll - OkC:\WINDOWS\system32\nvrsfr.dll - OkC:\WINDOWS\system32\nvrshu.dll - OkC:\WINDOWS\system32\nvrshe.dll - OkC:\WINDOWS\system32\nvrsit.dll - OkC:\WINDOWS\system32\nvrsja.dll - OkC:\WINDOWS\system32\nvrsko.dll - OkC:\WINDOWS\system32\nvcompiler.dll - OkC:\WINDOWS\system32\nvrsno.dll - OkC:\WINDOWS\system32\nvrsnl.dll - OkC:\WINDOWS\system32\nvrspl.dll - OkC:\WINDOWS\system32\nvrspt.dll - OkC:\WINDOWS\system32\nvrsru.dll - OkC:\WINDOWS\system32\nvrsptb.dll - OkC:\WINDOWS\system32\nvrssk.dll - OkC:\WINDOWS\system32\nvrssl.dll - OkC:\WINDOWS\system32\nvrssv.dll - OkC:\WINDOWS\system32\nvrstr.dll - OkC:\WINDOWS\system32\nvrsth.dll - OkC:\WINDOWS\system32\nvwddi.dll - OkC:\WINDOWS\system32\nwc.cpl.manifest - OkC:\WINDOWS\system32\nvrszhc.dll - OkC:\WINDOWS\system32\nvrszht.dll - OkC:\WINDOWS\system32\nvsvc32.exe - OkC:\WINDOWS\system32\oakley.dll - OkC:\WINDOWS\system32\occache.dll - OkC:\WINDOWS\system32\odbc16gt.dll - OkC:\WINDOWS\system32\nwprovau.dll - OkC:\WINDOWS\system32\odbc32.dll - OkC:\WINDOWS\system32\odbc32gt.dll - OkC:\WINDOWS\system32\ocmanage.dll - OkC:\WINDOWS\system32\odbcbcp.dll - OkC:\WINDOWS\system32\objsel.dll - OkC:\WINDOWS\system32\odbcconf.rsp - OkC:\WINDOWS\system32\odbcconf.dll - OkC:\WINDOWS\system32\odbccp32.cpl - OkC:\WINDOWS\system32\odbcconf.exe - OkC:\WINDOWS\system32\odbcad32.exe - OkC:\WINDOWS\system32\odbccr32.dll - OkC:\WINDOWS\system32\odbcint.dll - OkC:\WINDOWS\system32\odbccp32.dll - OkC:\WINDOWS\system32\odbcp32r.dll - OkC:\WINDOWS\system32\odbccu32.dll - OkC:\WINDOWS\system32\odbcji32.dll - OkC:\WINDOWS\system32\oddbse32.dll - OkC:\WINDOWS\system32\odexl32.dll - OkC:\WINDOWS\system32\odfox32.dll - OkC:\WINDOWS\system32\odtext32.dll - OkC:\WINDOWS\system32\odpdx32.dll - OkC:\WINDOWS\system32\odbctrac.dll - OkC:\WINDOWS\system32\oembios.dat - OkC:\WINDOWS\system32\oembios.sig - OkC:\WINDOWS\system32\odbcjt32.dll - OkC:\WINDOWS\system32\ole2.dll - OkC:\WINDOWS\system32\oembios.bin - OkC:\WINDOWS\system32\ole2disp.dll - OkC:\WINDOWS\system32\ole2nls.dll - OkC:\WINDOWS\system32\oleaccrc.dll - OkC:\WINDOWS\system32\oleacc.dll - OkC:\WINDOWS\system32\offfilt.dll - OkC:\WINDOWS\system32\olecli.dll - OkC:\WINDOWS\system32\oleaut32.dll - OkC:\WINDOWS\system32\olecnv32.dll - OkC:\WINDOWS\system32\olecli32.dll - OkC:\WINDOWS\system32\nvopencl.dll - Ok>C:\WINDOWS\system32\ole32.dll is BINARYRES containerC:\WINDOWS\system32\ole32.dll - containerC:\WINDOWS\system32\oledlg.dll - OkC:\WINDOWS\system32\oleprn.dll - OkC:\WINDOWS\system32\olesvr32.dll - OkC:\WINDOWS\system32\olesvr.dll - OkC:\WINDOWS\system32\olethk32.dll - OkC:\WINDOWS\system32\olepro32.dll - OkC:\WINDOWS\system32\onex.dll - OkC:\WINDOWS\system32\osuninst.dll - OkC:\WINDOWS\system32\osuninst.exe - OkC:\WINDOWS\system32\p2p.dll - OkC:\WINDOWS\system32\osk.exe - OkC:\WINDOWS\system32\p2pgasvc.dll - OkC:\WINDOWS\system32\p2pnetsh.dll - OkC:\WINDOWS\system32\OpenCL.dll - OkC:\WINDOWS\system32\p2pgraph.dll - OkC:\WINDOWS\system32\packager.exe - OkC:\WINDOWS\system32\panmap.dll - OkC:\WINDOWS\system32\pathping.exe - OkC:\WINDOWS\system32\pcl.sep - OkC:\WINDOWS\system32\pautoenr.dll - OkC:\WINDOWS\system32\p2psvc.dll - OkC:\WINDOWS\system32\pdh.dll - OkC:\WINDOWS\system32\opengl32.dll - OkC:\WINDOWS\system32\perfc009.dat - OkC:\WINDOWS\system32\perfci.h - OkC:\WINDOWS\system32\perfci.ini - OkC:\WINDOWS\system32\perfd009.dat - OkC:\WINDOWS\system32\pentnt.exe - OkC:\WINDOWS\system32\paqsp.dll - OkC:\WINDOWS\system32\perffilt.h - OkC:\WINDOWS\system32\perffilt.ini - OkC:\WINDOWS\system32\perfctrs.dll - OkC:\WINDOWS\system32\perfh009.dat - OkC:\WINDOWS\system32\perfdisk.dll - OkC:\WINDOWS\system32\perfi009.dat - OkC:\WINDOWS\system32\perfmon.msc - OkC:\WINDOWS\system32\perfnet.dll - OkC:\WINDOWS\system32\PerfStringBackup.INI - OkC:\WINDOWS\system32\perfwci.h - OkC:\WINDOWS\system32\perfwci.ini - OkC:\WINDOWS\system32\perfproc.dll - OkC:\WINDOWS\system32\perfos.dll - Ok>C:\WINDOWS\system32\perfts.dll - packed by FLY-CODEC:\WINDOWS\system32\perfmon.exe - OkC:\WINDOWS\system32\pid.dll - OkC:\WINDOWS\system32\perfts.dll - OkC:\WINDOWS\system32\pid.inf - OkC:\WINDOWS\system32\photowiz.dll - OkC:\WINDOWS\system32\pidgen.dll - OkC:\WINDOWS\system32\pifmgr.dll - Ok>C:\WINDOWS\system32\pjlmon.dll - packed by FLY-CODEC:\WINDOWS\system32\ping.exe - OkC:\WINDOWS\system32\pmspl.dll - OkC:\WINDOWS\system32\ping6.exe - OkC:\WINDOWS\system32\plustab.dll - OkC:\WINDOWS\system32\pjlmon.dll - OkC:\WINDOWS\system32\pngfilt.dll - OkC:\WINDOWS\system32\photometadatahandler.dll - OkC:\WINDOWS\system32\pnrpnsp.dll - OkC:\WINDOWS\system32\powrprof.dll - OkC:\WINDOWS\system32\polstore.dll - OkC:\WINDOWS\system32\powercfg.exe - OkC:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll - OkC:\WINDOWS\system32\powercfg.cpl - OkC:\WINDOWS\system32\prflbmsg.dll - OkC:\WINDOWS\system32\print.exe - OkC:\WINDOWS\system32\PresentationHostProxy.dll - OkC:\WINDOWS\system32\prntvpt.dll - OkC:\WINDOWS\system32\proctexe.ocx - OkC:\WINDOWS\system32\prodspec.ini - OkC:\WINDOWS\system32\PresentationHost.exe - OkC:\WINDOWS\system32\printui.dll - OkC:\WINDOWS\system32\profmap.dll - OkC:\WINDOWS\system32\proxycfg.exe - OkC:\WINDOWS\system32\psapi.dll - OkC:\WINDOWS\system32\psbase.dll - OkC:\WINDOWS\system32\pschdcnt.h - OkC:\WINDOWS\system32\pschdprf.dll - OkC:\WINDOWS\system32\pscript.sep - OkC:\WINDOWS\system32\progman.exe - OkC:\WINDOWS\system32\psnppagn.dll - OkC:\WINDOWS\system32\pschdprf.ini - OkC:\WINDOWS\system32\pubprn.vbs - OkC:\WINDOWS\system32\PresentationNative_v0300.dll - OkC:\WINDOWS\system32\pstorsvc.dll - OkC:\WINDOWS\system32\pstorec.dll - OkC:\WINDOWS\system32\proquota.exe - OkC:\WINDOWS\system32\qappsrv.exe - OkC:\WINDOWS\system32\qagent.dll - OkC:\WINDOWS\system32\qagentrt.dll - OkC:\WINDOWS\system32\qcliprov.dll - OkC:\WINDOWS\system32\qasf.dll - OkC:\WINDOWS\system32\qcap.dll - OkC:\WINDOWS\system32\qmgr.dll - OkC:\WINDOWS\system32\qmgrprxy.dll - OkC:\WINDOWS\system32\qdvd.dll - OkC:\WINDOWS\system32\qosname.dll - OkC:\WINDOWS\system32\qdv.dll - OkC:\WINDOWS\system32\qprocess.exe - OkC:\WINDOWS\system32\qutil.dll - OkC:\WINDOWS\system32\qedit.dll - OkC:\WINDOWS\system32\qedwipes.dll - OkC:\WINDOWS\system32\rasadhlp.dll - OkC:\WINDOWS\system32\qwinsta.exe - OkC:\WINDOWS\system32\racpldlg.dll - OkC:\WINDOWS\system32\rasauto.dll - OkC:\WINDOWS\system32\rasapi32.dll - OkC:\WINDOWS\system32\rasautou.exe - OkC:\WINDOWS\system32\query.dll - OkC:\WINDOWS\system32\rasctrnm.h - OkC:\WINDOWS\system32\rasctrs.dll - OkC:\WINDOWS\system32\rasctrs.ini - OkC:\WINDOWS\system32\raschap.dll - OkC:\WINDOWS\system32\rasman.dll - OkC:\WINDOWS\system32\rasdial.exe - OkC:\WINDOWS\system32\rasmontr.dll - OkC:\WINDOWS\system32\rasmans.dll - OkC:\WINDOWS\system32\quartz.dll - OkC:\WINDOWS\system32\rasqec.dll - OkC:\WINDOWS\system32\rasmxs.dll - OkC:\WINDOWS\system32\rasdlg.dll - Ok>C:\WINDOWS\system32\rasser.dll - packed by FLY-CODEC:\WINDOWS\system32\rasrad.dll - OkC:\WINDOWS\system32\rasppp.dll - OkC:\WINDOWS\system32\rassapi.dll - OkC:\WINDOWS\system32\rastapi.dll - OkC:\WINDOWS\system32\rcbdyctl.dll - OkC:\WINDOWS\system32\rastls.dll - OkC:\WINDOWS\system32\rasser.dll - OkC:\WINDOWS\system32\rdpcfgex.dll - OkC:\WINDOWS\system32\rcp.exe - OkC:\WINDOWS\system32\rdpdd.dll - OkC:\WINDOWS\system32\rdpsnd.dll - OkC:\WINDOWS\system32\rdchost.dll - OkC:\WINDOWS\system32\rdpwsx.dll - OkC:\WINDOWS\system32\rcimlby.exe - OkC:\WINDOWS\system32\recover.exe - OkC:\WINDOWS\system32\redir.exe - OkC:\WINDOWS\system32\rdsaddin.exe - OkC:\WINDOWS\system32\rdshost.exe - OkC:\WINDOWS\system32\regapi.dll - OkC:\WINDOWS\system32\reg.exe - OkC:\WINDOWS\system32\regedt32.exe - OkC:\WINDOWS\system32\regini.exe - OkC:\WINDOWS\system32\rdpclip.exe - OkC:\WINDOWS\system32\regsvc.dll - OkC:\WINDOWS\system32\rasphone.exe - OkC:\WINDOWS\system32\regwiz.exe - OkC:\WINDOWS\system32\remotepg.dll - OkC:\WINDOWS\system32\remotesp.tsp - OkC:\WINDOWS\system32\replace.exe - Ok>C:\WINDOWS\system32\reset.exe - packed by FLY-CODEC:\WINDOWS\system32\regsvr32.exe - OkC:\WINDOWS\system32\resutils.dll - OkC:\WINDOWS\system32\rend.dll - OkC:\WINDOWS\system32\rexec.exe - OkC:\WINDOWS\system32\reset.exe - OkC:\WINDOWS\system32\riched32.dll - OkC:\WINDOWS\system32\rnr20.dll - OkC:\WINDOWS\system32\regwizc.dll - OkC:\WINDOWS\system32\route.exe - OkC:\WINDOWS\system32\rgb9rast_2.dll - OkC:\WINDOWS\system32\routemon.exe - OkC:\WINDOWS\system32\routetab.dll - OkC:\WINDOWS\system32\rpcns4.dll - OkC:\WINDOWS\system32\rhttpaa.dll - OkC:\WINDOWS\system32\rsaci.rat - OkC:\WINDOWS\system32\rpcrt4.dll - OkC:\WINDOWS\system32\riched20.dll - OkC:\WINDOWS\system32\rsh.exe - OkC:\WINDOWS\system32\rsaenh.dll - OkC:\WINDOWS\system32\rshx32.dll - OkC:\WINDOWS\system32\rsmps.dll - OkC:\WINDOWS\system32\rsm.exe - OkC:\WINDOWS\system32\rpcss.dll - OkC:\WINDOWS\system32\rsvp.ini - OkC:\WINDOWS\system32\rsvpcnts.h - OkC:\WINDOWS\system32\rsvp.exe - OkC:\WINDOWS\system32\rsvpmsg.dll - Ok>C:\WINDOWS\system32\rsvpperf.dll - packed by FLY-CODEC:\WINDOWS\system32\rsvpperf.dll - OkC:\WINDOWS\system32\rsvpsp.dll - OkC:\WINDOWS\system32\rsmsink.exe - OkC:\WINDOWS\system32\rtipxmib.dll - OkC:\WINDOWS\system32\RtkCoLDRXP.dll - OkC:\WINDOWS\system32\rsmui.exe - OkC:\WINDOWS\system32\rtcshare.exe - OkC:\WINDOWS\system32\RtkCoInstIIXP.dll - OkC:\WINDOWS\system32\rtm.dll - OkC:\WINDOWS\system32\RtNicProp32.dll - OkC:\WINDOWS\system32\rtutils.dll - OkC:\WINDOWS\system32\runas.exe - OkC:\WINDOWS\system32\RTNUninst32.dll - OkC:\WINDOWS\system32\rundll32.exe - OkC:\WINDOWS\system32\rwinsta.exe - OkC:\WINDOWS\system32\runonce.exe - OkC:\WINDOWS\system32\safrdm.dll - OkC:\WINDOWS\system32\safrslv.dll - OkC:\WINDOWS\system32\safrcdlg.dll - OkC:\WINDOWS\system32\samlib.dll - OkC:\WINDOWS\system32\sapi.cpl.manifest - OkC:\WINDOWS\system32\s3gnb.dll - OkC:\WINDOWS\system32\samsrv.dll - OkC:\WINDOWS\system32\sc.exe - OkC:\WINDOWS\system32\savedump.exe - OkC:\WINDOWS\system32\scarddlg.dll - OkC:\WINDOWS\system32\sbe.dll - OkC:\WINDOWS\system32\sbeio.dll - OkC:\WINDOWS\system32\scardsvr.exe - OkC:\WINDOWS\system32\RTSndMgr.CPL - OkC:\WINDOWS\system32\scardssp.dll - OkC:\WINDOWS\system32\scecli.dll - OkC:\WINDOWS\system32\sccbase.dll - OkC:\WINDOWS\system32\scesrv.dll - OkC:\WINDOWS\system32\sclgntfy.dll - OkC:\WINDOWS\system32\schannel.dll - OkC:\WINDOWS\system32\sccsccp.dll - OkC:\WINDOWS\system32\scredir.dll - OkC:\WINDOWS\system32\schedsvc.dll - OkC:\WINDOWS\system32\sdhcinst.dll - OkC:\WINDOWS\system32\scrrun.dll - OkC:\WINDOWS\system32\seclogon.dll - OkC:\WINDOWS\system32\scrnsave.scr - OkC:\WINDOWS\system32\secupd.dat - OkC:\WINDOWS\system32\scrobj.dll - OkC:\WINDOWS\system32\secupd.sig - OkC:\WINDOWS\system32\sdpblb.dll - OkC:\WINDOWS\system32\security.dll - OkC:\WINDOWS\system32\sdbinst.exe - OkC:\WINDOWS\system32\secur32.dll - OkC:\WINDOWS\system32\sensapi.dll - OkC:\WINDOWS\system32\sens.dll - OkC:\WINDOWS\system32\sendmail.dll - OkC:\WINDOWS\system32\senscfg.dll - OkC:\WINDOWS\system32\serialui.dll - OkC:\WINDOWS\system32\services.msc - OkC:\WINDOWS\system32\serwvdrv.dll - OkC:\WINDOWS\system32\sendcmsg.dll - OkC:\WINDOWS\system32\services.exe - OkC:\WINDOWS\system32\sessmgr.exe - OkC:\WINDOWS\system32\servdeps.dll - OkC:\WINDOWS\system32\setup.bmp - Ok>C:\WINDOWS\system32\setupapi.dll - packed by BINARYRES Link to post Share on other sites More sharing options...
MicQsenoch Posted January 2, 2013 Author ID:629505 Share Posted January 2, 2013 >>C:\WINDOWS\system32\setupapi.dll - packed by MS COMPRESSC:\WINDOWS\system32\setupapi.dll - OkC:\WINDOWS\system32\setver.exe - OkC:\WINDOWS\system32\sethc.exe - OkC:\WINDOWS\system32\sfc.dll - OkC:\WINDOWS\system32\sfc.exe - OkC:\WINDOWS\system32\setupn.exe - OkC:\WINDOWS\system32\setup.exe - OkC:\WINDOWS\system32\sfmapi.dll - Ok>C:\WINDOWS\system32\share.exe - packed by EXEPACK>>C:\WINDOWS\system32\share.exe - packed by COM2EXEC:\WINDOWS\system32\share.exe - OkC:\WINDOWS\system32\shadow.exe - OkC:\WINDOWS\system32\sfcfiles.dll - OkC:\WINDOWS\system32\setupdll.dll - OkC:\WINDOWS\system32\shell.dll - OkC:\WINDOWS\system32\sfc_os.dll - Ok>C:\WINDOWS\system32\shdoclc.dll is BINARYRES container>>C:\WINDOWS\system32\shdoclc.dll\data001 is JS-HTML containerC:\WINDOWS\system32\shfolder.dll - Ok>>C:\WINDOWS\system32\shdoclc.dll\data002 is JS-HTML container>>C:\WINDOWS\system32\shdoclc.dll\data003 is JS-HTML containerC:\WINDOWS\system32\shgina.dll - OkC:\WINDOWS\system32\shellstyle.dll - Ok>>C:\WINDOWS\system32\shdoclc.dll\data004 is JS-HTML containerC:\WINDOWS\system32\shiftjis.uce - OkC:\WINDOWS\system32\shimeng.dll - OkC:\WINDOWS\system32\shdocvw.dll - Ok>>C:\WINDOWS\system32\shdoclc.dll\data005 is JS-HTML container>>C:\WINDOWS\system32\shdoclc.dll\data006 is JS-HTML containerC:\WINDOWS\system32\shdoclc.dll - containerC:\WINDOWS\system32\shlwapi.dll - OkC:\WINDOWS\system32\shmedia.dll - OkC:\WINDOWS\system32\shrpubw.exe - Ok>C:\WINDOWS\system32\shell32.dll is BINARYRES container>C:\WINDOWS\system32\shimgvw.dll is BINARYRES container>>C:\WINDOWS\system32\shell32.dll\data001 is JS-HTML containerC:\WINDOWS\system32\shscrap.dll - Ok>>C:\WINDOWS\system32\shimgvw.dll\data001 is JS-HTML containerC:\WINDOWS\system32\shsvcs.dll - Ok>>C:\WINDOWS\system32\shimgvw.dll\data002 is JS-HTML containerC:\WINDOWS\system32\shell32.dll - containerC:\WINDOWS\system32\shimgvw.dll - containerC:\WINDOWS\system32\sigtab.dll - OkC:\WINDOWS\system32\shmgrate.exe - OkC:\WINDOWS\system32\simpdata.tlb - OkC:\WINDOWS\system32\shutdown.exe - OkC:\WINDOWS\system32\sisbkup.dll - OkC:\WINDOWS\system32\skdll.dll - OkC:\WINDOWS\system32\sigverif.exe - OkC:\WINDOWS\system32\slayerxp.dll - OkC:\WINDOWS\system32\slbrccsp.dll - OkC:\WINDOWS\system32\slbiop.dll - OkC:\WINDOWS\system32\slcoinst.dll - OkC:\WINDOWS\system32\skeys.exe - OkC:\WINDOWS\system32\slbcsp.dll - OkC:\WINDOWS\system32\slgen.dll - OkC:\WINDOWS\system32\slserv.exe - OkC:\WINDOWS\system32\sl_anet.acm - OkC:\WINDOWS\system32\smbinst.exe - OkC:\WINDOWS\system32\slextspk.dll - OkC:\WINDOWS\system32\smss.exe - OkC:\WINDOWS\system32\smlogsvc.exe - OkC:\WINDOWS\system32\snmpapi.dll - OkC:\WINDOWS\system32\sndrec32.exe - OkC:\WINDOWS\system32\softpub.dll - OkC:\WINDOWS\system32\sndvol32.exe - OkC:\WINDOWS\system32\smlogcfg.dll - OkC:\WINDOWS\system32\sortkey.nls - OkC:\WINDOWS\system32\sorttbls.nls - OkC:\WINDOWS\system32\sound.drv - OkC:\WINDOWS\system32\sort.exe - OkC:\WINDOWS\system32\snmpsnap.dll - OkC:\WINDOWS\system32\spmsg.dll - OkC:\WINDOWS\system32\slrundll.exe - OkC:\WINDOWS\system32\spdwnwxp.exe - OkC:\WINDOWS\system32\spnpinst.exe - OkC:\WINDOWS\system32\spoolss.dll - OkC:\WINDOWS\system32\spnike.dll - OkC:\WINDOWS\system32\sol.exe - OkC:\WINDOWS\system32\sprestrt.exe - OkC:\WINDOWS\system32\spider.exe - OkC:\WINDOWS\system32\sprio600.dll - OkC:\WINDOWS\system32\spupdsvc.exe - OkC:\WINDOWS\system32\spupdwxp.log - OkC:\WINDOWS\system32\spupdwxp.exe - Ok>C:\WINDOWS\system32\sqlsodbc.chm is CHM containerC:\WINDOWS\system32\spxcoins.dll - OkC:\WINDOWS\system32\sprio800.dll - OkC:\WINDOWS\system32\spoolsv.exe - OkC:\WINDOWS\system32\sqlsrv32.rll - OkC:\WINDOWS\system32\sqlwid.dll - OkC:\WINDOWS\system32\sqlsrv32.dll - OkC:\WINDOWS\system32\sqlwoa.dll - OkC:\WINDOWS\system32\srclient.dll - Ok>>C:\WINDOWS\system32\sqlsodbc.chm\Basics\mailto.js is JS-HTML containerC:\WINDOWS\system32\sqlunirl.dll - OkC:\WINDOWS\system32\srvsvc.dll - OkC:\WINDOWS\system32\srsvc.dll - Ok>>C:\WINDOWS\system32\sqlsodbc.chm\Basics\shared.js is JS-HTML containerC:\WINDOWS\system32\srrstr.dll - OkC:\WINDOWS\system32\ssdpapi.dll - OkC:\WINDOWS\system32\sqlsodbc.chm - containerC:\WINDOWS\system32\ssdpsrv.dll - OkC:\WINDOWS\system32\ssbezier.scr - OkC:\WINDOWS\system32\ssmarque.scr - Ok>C:\WINDOWS\system32\ss3dfo.scr is ZLIB containerC:\WINDOWS\system32\ssmyst.scr - OkC:\WINDOWS\system32\ssflwbox.scr - OkC:\WINDOWS\system32\ss3dfo.scr - containerC:\WINDOWS\system32\stclient.dll - OkC:\WINDOWS\system32\stdole2.tlb - OkC:\WINDOWS\system32\ssstars.scr - OkC:\WINDOWS\system32\stdole32.tlb - OkC:\WINDOWS\system32\sti.dll - OkC:\WINDOWS\system32\stimon.exe - OkC:\WINDOWS\system32\ssmypics.scr - OkC:\WINDOWS\system32\storage.dll - OkC:\WINDOWS\system32\sti_ci.dll - OkC:\WINDOWS\system32\sspipes.scr - OkC:\WINDOWS\system32\stobject.dll - OkC:\WINDOWS\system32\streamci.dll - OkC:\WINDOWS\system32\storprop.dll - OkC:\WINDOWS\system32\sstext3d.scr - OkC:\WINDOWS\system32\strmfilt.dll - OkC:\WINDOWS\system32\subrange.uce - OkC:\WINDOWS\system32\subst.exe - OkC:\WINDOWS\system32\svcpack.dll - OkC:\WINDOWS\system32\svchost.exe - OkC:\WINDOWS\system32\synceng.dll - OkC:\WINDOWS\system32\strmdll.dll - OkC:\WINDOWS\system32\swprv.dll - OkC:\WINDOWS\system32\syncui.dll - OkC:\WINDOWS\system32\sysedit.exe - OkC:\WINDOWS\system32\sxs.dll - OkC:\WINDOWS\system32\sysinv.dll - OkC:\WINDOWS\system32\syncapp.exe - OkC:\WINDOWS\system32\sysdm.cpl - OkC:\WINDOWS\system32\sysprint.sep - OkC:\WINDOWS\system32\sysprtj.sep - OkC:\WINDOWS\system32\syskey.exe - OkC:\WINDOWS\system32\system.drv - OkC:\WINDOWS\system32\sysmon.ocx - OkC:\WINDOWS\system32\sysocmgr.exe - OkC:\WINDOWS\system32\systray.exe - OkC:\WINDOWS\system32\tapi.dll - OkC:\WINDOWS\system32\tapiperf.dll - OkC:\WINDOWS\system32\t2embed.dll - OkC:\WINDOWS\system32\tapi32.dll - OkC:\WINDOWS\system32\tapiui.dll - OkC:\WINDOWS\system32\syssetup.dll - OkC:\WINDOWS\system32\tapisrv.dll - OkC:\WINDOWS\system32\taskman.exe - OkC:\WINDOWS\system32\tcpmib.dll - OkC:\WINDOWS\system32\tcpmon.dll - OkC:\WINDOWS\system32\tcmsetup.exe - OkC:\WINDOWS\system32\tcpmonui.dll - OkC:\WINDOWS\system32\tcpsvcs.exe - OkC:\WINDOWS\system32\tcpmon.ini - OkC:\WINDOWS\system32\taskmgr.exe - OkC:\WINDOWS\system32\telephon.cpl - OkC:\WINDOWS\system32\tdc.ocx - OkC:\WINDOWS\system32\tftp.exe - Ok>C:\WINDOWS\system32\telnet.exe - packed by FLY-CODEC:\WINDOWS\system32\termsrv.dll - OkC:\WINDOWS\system32\ticrf.rat - OkC:\WINDOWS\system32\telnet.exe - OkC:\WINDOWS\system32\themeui.dll - OkC:\WINDOWS\system32\timer.drv - OkC:\WINDOWS\system32\termmgr.dll - OkC:\WINDOWS\system32\toolhelp.dll - OkC:\WINDOWS\system32\tapi3.dll - OkC:\WINDOWS\system32\tracert.exe - OkC:\WINDOWS\system32\traffic.dll - OkC:\WINDOWS\system32\tracert6.exe - OkC:\WINDOWS\system32\timedate.cpl - OkC:\WINDOWS\system32\tree.com - OkC:\WINDOWS\system32\tsbyuv.dll - OkC:\WINDOWS\system32\tourstart.exe - OkC:\WINDOWS\system32\tscfgwmi.dll - OkC:\WINDOWS\system32\tscon.exe - OkC:\WINDOWS\system32\tsappcmp.dll - OkC:\WINDOWS\system32\trkwks.dll - OkC:\WINDOWS\system32\tsd32.dll - OkC:\WINDOWS\system32\tsddd.dll - OkC:\WINDOWS\system32\tslabels.h - OkC:\WINDOWS\system32\tsdiscon.exe - OkC:\WINDOWS\system32\tskill.exe - OkC:\WINDOWS\system32\tsgqec.dll - OkC:\WINDOWS\system32\tssoft32.acm - OkC:\WINDOWS\system32\tslabels.ini - OkC:\WINDOWS\system32\tsshutdn.exe - OkC:\WINDOWS\system32\TsWpfWrp.exe - OkC:\WINDOWS\system32\tspkg.dll - OkC:\WINDOWS\system32\twext.dll - OkC:\WINDOWS\system32\TZLog.log - OkC:\WINDOWS\system32\typelib.dll - OkC:\WINDOWS\system32\tscupgrd.exe - OkC:\WINDOWS\system32\tzchange.exe - OkC:\WINDOWS\system32\txflog.dll - OkC:\WINDOWS\system32\udhisapi.dll - OkC:\WINDOWS\system32\ufat.dll - OkC:\WINDOWS\system32\umdmxfrm.dll - OkC:\WINDOWS\system32\unicode.nls - OkC:\WINDOWS\system32\umandlg.dll - OkC:\WINDOWS\system32\ulib.dll - OkC:\WINDOWS\system32\umpnpmgr.dll - OkC:\WINDOWS\system32\unimdmat.dll - Ok>C:\WINDOWS\system32\uniplat.dll - packed by FLY-CODEC:\WINDOWS\system32\unimdm.tsp - OkC:\WINDOWS\system32\unlodctr.exe - OkC:\WINDOWS\system32\uniplat.dll - OkC:\WINDOWS\system32\unicows.dll - OkC:\WINDOWS\system32\uiautomationcore.dll - OkC:\WINDOWS\system32\upnp.dll - OkC:\WINDOWS\system32\ups.exe - OkC:\WINDOWS\system32\upnphost.dll - OkC:\WINDOWS\system32\ureg.dll - OkC:\WINDOWS\system32\upnpcont.exe - OkC:\WINDOWS\system32\untfs.dll - OkC:\WINDOWS\system32\url.dll - OkC:\WINDOWS\system32\user.exe - OkC:\WINDOWS\system32\usbmon.dll - OkC:\WINDOWS\system32\upnpui.dll - OkC:\WINDOWS\system32\usbui.dll - OkC:\WINDOWS\system32\userinit.exe - OkC:\WINDOWS\system32\urlmon.dll - OkC:\WINDOWS\system32\usp10.dll - OkC:\WINDOWS\system32\usrcntra.dll - OkC:\WINDOWS\system32\user32.dll - OkC:\WINDOWS\system32\usrdpa.dll - OkC:\WINDOWS\system32\usrcoina.dll - OkC:\WINDOWS\system32\userenv.dll - OkC:\WINDOWS\system32\usrlogon.cmd - OkC:\WINDOWS\system32\usrlbva.dll - OkC:\WINDOWS\system32\usrfaxa.dll - OkC:\WINDOWS\system32\usrrtosa.dll - OkC:\WINDOWS\system32\usrmlnka.exe - OkC:\WINDOWS\system32\usrprbda.exe - OkC:\WINDOWS\system32\usrdtea.dll - OkC:\WINDOWS\system32\usrsdpia.dll - Ok>C:\WINDOWS\system32\usrv42a.dll - packed by FLY-CODEC:\WINDOWS\system32\usrsvpia.dll - OkC:\WINDOWS\system32\usrshuta.exe - OkC:\WINDOWS\system32\usrvoica.dll - OkC:\WINDOWS\system32\usrv80a.dll - OkC:\WINDOWS\system32\utildll.dll - OkC:\WINDOWS\system32\usrvpa.dll - OkC:\WINDOWS\system32\v7vga.rom - OkC:\WINDOWS\system32\uxtheme.dll - OkC:\WINDOWS\system32\vbisurf.ax - OkC:\WINDOWS\system32\vcdex.dll - OkC:\WINDOWS\system32\usrv42a.dll - OkC:\WINDOWS\system32\vdmdbg.dll - OkC:\WINDOWS\system32\ver.dll - OkC:\WINDOWS\system32\vdmredir.dll - OkC:\WINDOWS\system32\verifier.dll - OkC:\WINDOWS\system32\vbscript.dll - OkC:\WINDOWS\system32\verclsid.exe - OkC:\WINDOWS\system32\version.dll - OkC:\WINDOWS\system32\vfpodbc.dll - OkC:\WINDOWS\system32\verifier.exe - OkC:\WINDOWS\system32\vga.dll - OkC:\WINDOWS\system32\vga.drv - OkC:\WINDOWS\system32\vga256.dll - OkC:\WINDOWS\system32\View Channels.scf - OkC:\WINDOWS\system32\vga64k.dll - OkC:\WINDOWS\system32\vidcap.ax - OkC:\WINDOWS\system32\vjoy.dll - OkC:\WINDOWS\system32\vssadmin.exe - OkC:\WINDOWS\system32\vss_ps.dll - OkC:\WINDOWS\system32\vssapi.dll - OkC:\WINDOWS\system32\utilman.exe - OkC:\WINDOWS\system32\vssvc.exe - OkC:\WINDOWS\system32\vbajet32.dll - OkC:\WINDOWS\system32\watchdog.sys - OkC:\WINDOWS\system32\w32time.dll - OkC:\WINDOWS\system32\w3ssl.dll - OkC:\WINDOWS\system32\w32tm.exe - OkC:\WINDOWS\system32\wbcache.deu - OkC:\WINDOWS\system32\w32topl.dll - OkC:\WINDOWS\system32\wbcache.enu - OkC:\WINDOWS\system32\wbcache.esn - OkC:\WINDOWS\system32\wbcache.fra - OkC:\WINDOWS\system32\wbcache.ita - OkC:\WINDOWS\system32\wbcache.nld - OkC:\WINDOWS\system32\wbcache.sve - OkC:\WINDOWS\system32\wbdbase.deu - OkC:\WINDOWS\system32\wbdbase.enu - OkC:\WINDOWS\system32\wbdbase.esn - OkC:\WINDOWS\system32\wbdbase.fra - OkC:\WINDOWS\system32\wdigest.dll - OkC:\WINDOWS\system32\wavemsp.dll - OkC:\WINDOWS\system32\wbdbase.ita - OkC:\WINDOWS\system32\wbdbase.nld - OkC:\WINDOWS\system32\wdl.trm - OkC:\WINDOWS\system32\wbdbase.sve - OkC:\WINDOWS\system32\wdmaud.drv - OkC:\WINDOWS\system32\webclnt.dll - OkC:\WINDOWS\system32\webhits.dll - OkC:\WINDOWS\system32\webcheck.dll - OkC:\WINDOWS\system32\wfwnet.drv - Ok>C:\WINDOWS\system32\webfldrs.msi is OLE containerC:\WINDOWS\system32\webvw.dll - OkC:\WINDOWS\system32\wiadss.dll - OkC:\WINDOWS\system32\wextract.exe - OkC:\WINDOWS\system32\wiascr.dll - OkC:\WINDOWS\system32\wiadefui.dll - OkC:\WINDOWS\system32\wiaacmgr.exe - OkC:\WINDOWS\system32\wiasf.ax - OkC:\WINDOWS\system32\wiaservc.dll - OkC:\WINDOWS\system32\wifeman.dll - OkC:\WINDOWS\system32\wiavideo.dll - OkC:\WINDOWS\system32\wiashext.dll - Ok>>C:\WINDOWS\system32\webfldrs.msi\stream001 is CAB archiveC:\WINDOWS\system32\webfldrs.msi\stream001 - OkC:\WINDOWS\system32\webfldrs.msi - OkC:\WINDOWS\system32\webfldrs.msi - containerC:\WINDOWS\system32\wiavusd.dll - OkC:\WINDOWS\system32\win87em.dll - OkC:\WINDOWS\system32\win32spl.dll - OkC:\WINDOWS\system32\win.com - OkC:\WINDOWS\system32\winbrand.dll - OkC:\WINDOWS\system32\WindowsLogon.manifest - OkC:\WINDOWS\system32\winfax.dll - OkC:\WINDOWS\system32\windowscodecsext.dll - OkC:\WINDOWS\system32\winhelp.hlp - OkC:\WINDOWS\system32\winchat.exe - OkC:\WINDOWS\system32\WinFXDocObj.exe - OkC:\WINDOWS\system32\win32k.sys - OkC:\WINDOWS\system32\winipsec.dll - OkC:\WINDOWS\system32\winhttp.dll - OkC:\WINDOWS\system32\windowscodecs.dll - OkC:\WINDOWS\system32\winhlp32.exe - OkC:\WINDOWS\system32\winmm.dll - OkC:\WINDOWS\system32\winlogon.exe - OkC:\WINDOWS\system32\winnls.dll - OkC:\WINDOWS\system32\wininet.dll - OkC:\WINDOWS\system32\winmine.exe - OkC:\WINDOWS\system32\winoldap.mod - Ok>C:\WINDOWS\system32\winrnr.dll - packed by FLY-CODEC:\WINDOWS\system32\winscard.dll - OkC:\WINDOWS\system32\winsock.dll - OkC:\WINDOWS\system32\winshfhc.dll - OkC:\WINDOWS\system32\winrnr.dll - OkC:\WINDOWS\system32\winspool.exe - OkC:\WINDOWS\system32\winmsd.exe - Ok>C:\WINDOWS\system32\winsta.dll - packed by FLY-CODEC:\WINDOWS\system32\winstrm.dll - OkC:\WINDOWS\system32\winspool.drv - OkC:\WINDOWS\system32\winver.exe - OkC:\WINDOWS\system32\winsta.dll - OkC:\WINDOWS\system32\winsrv.dll - OkC:\WINDOWS\system32\winntbbu.dll - OkC:\WINDOWS\system32\wintrust.dll - OkC:\WINDOWS\system32\wlnotify.dll - OkC:\WINDOWS\system32\wkssvc.dll - OkC:\WINDOWS\system32\wlanapi.dll - OkC:\WINDOWS\system32\wldap32.dll - OkC:\WINDOWS\system32\wmadmod.dll - OkC:\WINDOWS\system32\wmdmps.dll - OkC:\WINDOWS\system32\wmasf.dll - OkC:\WINDOWS\system32\wmerrenu.dll - OkC:\WINDOWS\system32\wmi.dll - OkC:\WINDOWS\system32\wmadmoe.dll - OkC:\WINDOWS\system32\wmimgmt.msc - OkC:\WINDOWS\system32\wmerror.dll - Ok>C:\WINDOWS\system32\wmiprop.dll - packed by FLY-CODEC:\WINDOWS\system32\wmidx.dll - OkC:\WINDOWS\system32\wmiprop.dll - OkC:\WINDOWS\system32\wmdmlog.dll - OkC:\WINDOWS\system32\wmp.ocx - OkC:\WINDOWS\system32\wmpcd.dll - OkC:\WINDOWS\system32\wmpasf.dll - OkC:\WINDOWS\system32\wmpcore.dll - OkC:\WINDOWS\system32\WMNetmgr.dll - OkC:\WINDOWS\system32\wmpdxm.dll - OkC:\WINDOWS\system32\wmpshell.dll - OkC:\WINDOWS\system32\wmphoto.dll - OkC:\WINDOWS\system32\wmpui.dll - OkC:\WINDOWS\system32\wmploc.dll - OkC:\WINDOWS\system32\wmsdmoe.dll - OkC:\WINDOWS\system32\wmsdmod.dll - OkC:\WINDOWS\system32\wmp.dll - OkC:\WINDOWS\system32\wmspdmod.dll - OkC:\WINDOWS\system32\wmspdmoe.dll - OkC:\WINDOWS\system32\wmsdmoe2.dll - OkC:\WINDOWS\system32\wmv8ds32.ax - OkC:\WINDOWS\system32\wmvdmod.dll - OkC:\WINDOWS\system32\WMVCore.dll - OkC:\WINDOWS\system32\wmstream.dll - OkC:\WINDOWS\system32\wowdeb.exe - OkC:\WINDOWS\system32\wowexec.exe - OkC:\WINDOWS\system32\wowfax.dll - OkC:\WINDOWS\system32\wow32.dll - OkC:\WINDOWS\system32\wpa.bak - OkC:\WINDOWS\system32\wowfaxui.dll - OkC:\WINDOWS\system32\wpa.dbl - OkC:\WINDOWS\system32\wmvds32.ax - OkC:\WINDOWS\system32\write.exe - OkC:\WINDOWS\system32\ws2help.dll - OkC:\WINDOWS\system32\wmvdmoe2.dll - OkC:\WINDOWS\system32\ws2_32.dll - OkC:\WINDOWS\system32\wpabaln.exe - OkC:\WINDOWS\system32\wscsvc.dll - OkC:\WINDOWS\system32\wshatm.dll - OkC:\WINDOWS\system32\wpnpinst.exe - OkC:\WINDOWS\system32\MRT.exe - containerC:\WINDOWS\system32\wscript.exe - OkC:\WINDOWS\system32\wscntfy.exe - OkC:\WINDOWS\system32\wship6.dll - OkC:\WINDOWS\system32\wshbth.dll - Ok>C:\WINDOWS\system32\wscui.cpl is ZLIB containerC:\WINDOWS\system32\wshnetbs.dll - OkC:\WINDOWS\system32\wshisn.dll - OkC:\WINDOWS\system32\wshext.dll - OkC:\WINDOWS\system32\wshrm.dll - OkC:\WINDOWS\system32\wshtcpip.dll - OkC:\WINDOWS\system32\wscui.cpl - containerC:\WINDOWS\system32\wshom.ocx - OkC:\WINDOWS\system32\wsock32.dll - OkC:\WINDOWS\system32\wshcon.dll - OkC:\WINDOWS\system32\wuapi.dll.mui - OkC:\WINDOWS\system32\wtsapi32.dll - OkC:\WINDOWS\system32\wsnmp32.dll - OkC:\WINDOWS\system32\wuaucpl.cpl.manifest - Ok>C:\WINDOWS\system32\wuaucpl.cpl - packed by FLY-CODEC:\WINDOWS\system32\wuapi.dll - OkC:\WINDOWS\system32\wuaucpl.cpl.mui - OkC:\WINDOWS\system32\wuauclt.exe - OkC:\WINDOWS\system32\wuaueng.dll.mui - OkC:\WINDOWS\system32\wuauserv.dll - OkC:\WINDOWS\system32\wuaucpl.cpl - Ok>C:\WINDOWS\system32\wuauclt1.exe is BINARYRES container>>C:\WINDOWS\system32\wuauclt1.exe\data001 is JS-HTML containerC:\WINDOWS\system32\wucltui.dll.mui - OkC:\WINDOWS\system32\wuauclt1.exe - containerC:\WINDOWS\system32\wups.dll - OkC:\WINDOWS\system32\wuaueng1.dll - OkC:\WINDOWS\system32\wups2.dll - OkC:\WINDOWS\system32\wuaueng.dll - OkC:\WINDOWS\system32\wuweb.dll - OkC:\WINDOWS\system32\wucltui.dll - OkC:\WINDOWS\system32\wstdecod.dll - OkC:\WINDOWS\system32\wzcsapi.dll - Ok>C:\WINDOWS\system32\xactsrv.dll - packed by FLY-CODEC:\WINDOWS\system32\wupdmgr.exe - OkC:\WINDOWS\system32\XAPOFX1_1.dll - OkC:\WINDOWS\system32\wzcdlg.dll - OkC:\WINDOWS\system32\xcopy.exe - OkC:\WINDOWS\system32\wzcsvc.dll - OkC:\WINDOWS\system32\xactsrv.dll - OkC:\WINDOWS\system32\xmllite.dll - OkC:\WINDOWS\system32\xenroll.dll - OkC:\WINDOWS\system32\xmlprov.dll - OkC:\WINDOWS\system32\xmlprovi.dll - OkC:\WINDOWS\system32\XAudio2_2.dll - OkC:\WINDOWS\system32\xolehlp.dll - OkC:\WINDOWS\system32\xpsp1res.dll - OkC:\WINDOWS\system32\xpsp4res.dll - OkC:\WINDOWS\system32\xpob2res.dll - Ok>C:\WINDOWS\system32\xpsp3res.dll is BINARYRES container>>C:\WINDOWS\system32\xpsp3res.dll\data001 is JS-HTML container>>C:\WINDOWS\system32\xpsp3res.dll\data002 is JS-HTML containerC:\WINDOWS\system32\1033\dwintl.dll - OkC:\WINDOWS\system32\zipfldr.dll - OkC:\WINDOWS\system32\CatRoot2\edb.chk - OkC:\WINDOWS\system32\CatRoot2\edb.log - read error>>C:\WINDOWS\system32\xpsp3res.dll\data004 is JS-HTML containerC:\WINDOWS\system32\xpsp3res.dll - containerC:\WINDOWS\system32\xpsshhdr.dll - Ok>C:\WINDOWS\system32\xpsp2res.dll is BINARYRES container>>C:\WINDOWS\system32\xpsp2res.dll\data001 is JS-HTML container>>C:\WINDOWS\system32\xpsp2res.dll\data002 is JS-HTML containerC:\WINDOWS\system32\CatRoot2\dberr.txt - OkC:\WINDOWS\system32\CatRoot2\tmp.edb - read error>>C:\WINDOWS\system32\xpsp2res.dll\data003 is JS-HTML container>>C:\WINDOWS\system32\xpsp2res.dll\data004 is JS-HTML containerC:\WINDOWS\system32\xpsp2res.dll - containerC:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp - OkC:\WINDOWS\system32\CatRoot2\res1.log - OkC:\WINDOWS\system32\CatRoot2\res2.log - OkC:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp - OkC:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp - OkC:\WINDOWS\system32\CatRoot2\edb0015F.log - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HPCRDP.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IASNT4.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\fp4.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ims.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ie8.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\1.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2296011.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2115168.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2345886.cat - OkC:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2347290.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2360937.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2378111.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2387149.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2393802.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2419632.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2440591.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2229593.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2476490.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2478960.cat - OkC:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2478971.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2483185.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2423089.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2506212.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2481109.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2508429.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2509553.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2510531-IE8.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2507938.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2485663.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2443105.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2536276-v2.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2479943.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2564958.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2566454.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2544521-IE8.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2585542.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2584146.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2598479.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2592799.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2570947.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2535512.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2620712.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2544893-v2.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2624667.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2631813.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2619339.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2646524.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2618451.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2653956.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2659262.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2655992.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2661254-v2.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2691442.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2603381.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2686509.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2705219-v2.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2712808.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2719985.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2676562.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2724197.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2661637.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2749655.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2753842-v2.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2758857.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2727528.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2761465-IE8.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2779030.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2723135-v2.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2698365.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2736233.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888111WXPSP2.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2770660.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2779562.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB892130.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB946648.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893803v2_wxp.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB950974.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951748.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB950762.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952004.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951978.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951376-v2.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952069.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952954.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB954155.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB954550-v5.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923561.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB955759.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956572.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926139-v2.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956802.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB955069.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956744.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952287.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB958869.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956803.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB958644.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956844.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960225.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960859.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB967715.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960803.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB961501.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB959426.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB970430.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971029.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB969059.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971657.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971468.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB961118.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB968389.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973507.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973540.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB970238.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971961-IE8.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973815.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973869.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974318.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB972270.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974392.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974112.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975025.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975467.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975558.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973687.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974571.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975713.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973904.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975562.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB976662-IE8.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975561.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB977816.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975560.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB977914.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978695.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978338.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978542.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979309.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978706.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978037.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978601.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979402.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979482.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979559.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979683.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980232.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981322.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979687.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980195.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982132.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980218.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982381-IE8.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981997.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MAPIMIG.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msmsgs.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn7.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981793.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\mstsweb.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msxpsdrv.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981332-IE8.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MW770.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5IIS.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5inf.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn9.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntprint.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem10.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem0.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem11.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982665.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem7.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem8.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem6.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem2.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\OEMBIOS.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\SP2.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\sp3.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\startoc.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\wmerrenu.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem5.CAT - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WIC.cat - OkC:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem9.CAT - OkC:\WINDOWS\system32\Com\comrereg.exe - OkC:\WINDOWS\system32\Com\comrepl.exe - OkC:\WINDOWS\system32\Com\comempty.dat - OkC:\WINDOWS\system32\Com\comexp.msc - OkC:\WINDOWS\system32\Com\mtsadmin.tlb - OkC:\WINDOWS\system32\DRVSTORE\HECI_CC47D7DB081BDADC726A35DD31A48F0D70365DD6\HECI.cat - OkC:\WINDOWS\system32\DRVSTORE\HECI_CC47D7DB081BDADC726A35DD31A48F0D70365DD6\HECI.inf - OkC:\WINDOWS\system32\DRVSTORE\SNB2009_5775E781315762F8B8430ECCC7359C226A9DEEC8\SNB2009.cat - OkC:\WINDOWS\system32\DRVSTORE\SNB2009_5775E781315762F8B8430ECCC7359C226A9DEEC8\SNB2009.inf - OkC:\WINDOWS\system32\DRVSTORE\cougcore_E839670E2B8E421D8E43C07D82FEE77BCE5DE2FA\cougcore.cat - OkC:\WINDOWS\system32\DRVSTORE\HECI_CC47D7DB081BDADC726A35DD31A48F0D70365DD6\HECIx64.sys - OkC:\WINDOWS\system32\DRVSTORE\HECI_CC47D7DB081BDADC726A35DD31A48F0D70365DD6\HECI.sys - OkC:\WINDOWS\system32\DRVSTORE\cougcore_E839670E2B8E421D8E43C07D82FEE77BCE5DE2FA\cougcore.inf - OkC:\WINDOWS\system32\Com\comadmin.dll - OkC:\WINDOWS\system32\DRVSTORE\cougsmb_A898C5300C4E969896DCF896351CD84F4892311E\cougsmb.cat - OkC:\WINDOWS\system32\DRVSTORE\cougide_A12D2FCAF5A84FB3625271087279B8008B3DE27A\cougide.cat - OkC:\WINDOWS\system32\DRVSTORE\cougusb_9A94710AD738C3628C36025DA8EFD50E545CB0AA\cougusb.cat - OkC:\WINDOWS\system32\DRVSTORE\cougide_A12D2FCAF5A84FB3625271087279B8008B3DE27A\cougide.inf - OkC:\WINDOWS\system32\DirectX\Dinput\actc094.ini - OkC:\WINDOWS\system32\DRVSTORE\cougsmb_A898C5300C4E969896DCF896351CD84F4892311E\cougsmb.inf - OkC:\WINDOWS\system32\DRVSTORE\cougusb_9A94710AD738C3628C36025DA8EFD50E545CB0AA\cougusb.inf - OkC:\WINDOWS\system32\DirectX\Dinput\glmdiggp.png - OkC:\WINDOWS\system32\DirectX\Dinput\glmda.png - OkC:\WINDOWS\system32\DirectX\Dinput\act_rs.png - OkC:\WINDOWS\system32\DirectX\Dinput\gr3001.png - OkC:\WINDOWS\system32\DirectX\Dinput\glmdiggp.ini - OkC:\WINDOWS\system32\DirectX\Dinput\gr3001.ini - OkC:\WINDOWS\system32\DirectX\Dinput\glmda.ini - OkC:\WINDOWS\system32\DirectX\Dinput\gr4001.png - OkC:\WINDOWS\system32\DirectX\Dinput\gr4001_g.png - OkC:\WINDOWS\system32\DirectX\Dinput\gr3001_g.ini - OkC:\WINDOWS\system32\DirectX\Dinput\gr4005.ini - OkC:\WINDOWS\system32\DirectX\Dinput\gr4003.png - OkC:\WINDOWS\system32\DirectX\Dinput\gr4001_g.ini - OkC:\WINDOWS\system32\DirectX\Dinput\gr4005.png - OkC:\WINDOWS\system32\DirectX\Dinput\gr4001.ini - OkC:\WINDOWS\system32\DirectX\Dinput\gr4003.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ia3002_1.png - OkC:\WINDOWS\system32\DirectX\Dinput\ia3002_2.png - OkC:\WINDOWS\system32\DirectX\Dinput\hammer.ini - OkC:\WINDOWS\system32\DirectX\Dinput\lgc202.ini - OkC:\WINDOWS\system32\DirectX\Dinput\lgc202.png - OkC:\WINDOWS\system32\DirectX\Dinput\ia3002.ini - OkC:\WINDOWS\system32\DirectX\Dinput\lgc209.ini - OkC:\WINDOWS\system32\DirectX\Dinput\lgc207.png - OkC:\WINDOWS\system32\DirectX\Dinput\lgc209.png - OkC:\WINDOWS\system32\DirectX\Dinput\lgc291.ini - OkC:\WINDOWS\system32\xpssvcs.dll - OkC:\WINDOWS\system32\DirectX\Dinput\lgc291.png - OkC:\WINDOWS\system32\DirectX\Dinput\lgc20a.png - OkC:\WINDOWS\system32\DirectX\Dinput\lgc207.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ms1b_03.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms1b_01.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms1b_05.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms1b_04.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms1b.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms1b_07.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms1b_06.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms1b_02.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms1b_09.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms1b_08.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms1b_10.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms26_01.png - OkC:\WINDOWS\system32\DirectX\Dinput\lgc20a.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ms26_02.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms26.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms26_03.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms26_06.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms26_05.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms26_08.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms26_07.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms26_04.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms1b.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ms27.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms27_3.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms27_4.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms27_5.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms27_1.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms27_2.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms26.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ms27.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ms28_1.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms28_3.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms28_2.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms28_4.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms28.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms28_5.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms28_6.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms28_7.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms28_8.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms34_03.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms34_02.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms34_01.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms34.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms28.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ms34_04.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms34_08.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms34_07.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms34_05.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms34_06.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms3b_1.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms34.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ms3b_2.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms3b_4.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms3b_a.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms3b.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ms3b_3.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms3b_t.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms3b_c.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms3b.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms56_10.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms3b_m.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms56.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms56_3.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms56_2.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms56_1.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms56_6.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms56_4.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms56_5.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms56_7.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms56_8.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms56_9.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms6_1.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms6_2.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms6_10.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms6_4.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms6_3.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms6_5.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms56.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ms6.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms6_8.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms6_7.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms6_6.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms6_9.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms7_1.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms7_3.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms7_2.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms7.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms7_4.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms7.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ms7_5.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms7_8.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms7_6.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms7_9.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms7_7.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms6.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ms8_2.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms8_3.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms8_1.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms8_10.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms8.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms8_4.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms8_7.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms8_5.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms8_6.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms7_g.ini - OkC:\WINDOWS\system32\DirectX\Dinput\ms8_8.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms8_9.png - OkC:\WINDOWS\system32\DirectX\Dinput\mse_1.png - OkC:\WINDOWS\system32\DirectX\Dinput\mse.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms8.ini - OkC:\WINDOWS\system32\DirectX\Dinput\mse_2.png - OkC:\WINDOWS\system32\DirectX\Dinput\mse_10.png - OkC:\WINDOWS\system32\DirectX\Dinput\mse_3.png - OkC:\WINDOWS\system32\DirectX\Dinput\mse_4.png - OkC:\WINDOWS\system32\DirectX\Dinput\mse.ini - OkC:\WINDOWS\system32\DirectX\Dinput\mse_7.png - OkC:\WINDOWS\system32\DirectX\Dinput\mse_5.png - OkC:\WINDOWS\system32\DirectX\Dinput\mse_6.png - OkC:\WINDOWS\system32\DirectX\Dinput\ms8_g.ini - OkC:\WINDOWS\system32\DirectX\Dinput\mse_8.png - OkC:\WINDOWS\system32\DirectX\Dinput\msf1f_1.png - OkC:\WINDOWS\system32\DirectX\Dinput\msf1f.png - OkC:\WINDOWS\system32\DirectX\Dinput\mse_9.png - OkC:\WINDOWS\system32\DirectX\Dinput\msf1f_2.png - OkC:\WINDOWS\system32\DirectX\Dinput\msf1f_4.png - OkC:\WINDOWS\system32\DirectX\Dinput\msf1f_3.png - OkC:\WINDOWS\system32\DirectX\Dinput\msf1f_5.png - OkC:\WINDOWS\system32\DirectX\Dinput\msf1f_7.png - OkC:\WINDOWS\system32\DirectX\Dinput\msf1f_10.png - OkC:\WINDOWS\system32\DirectX\Dinput\msf1f_8.png - OkC:\WINDOWS\system32\DirectX\Dinput\msf1f_6.png - OkC:\WINDOWS\system32\DirectX\Dinput\msf1f_9.png - OkC:\WINDOWS\system32\DirectX\Dinput\msprw_1.png - OkC:\WINDOWS\system32\DirectX\Dinput\msprw_2.png - OkC:\WINDOWS\system32\DirectX\Dinput\msprw.ini - OkC:\WINDOWS\system32\DirectX\Dinput\msprw_3.png - OkC:\WINDOWS\system32\DirectX\Dinput\msf1f.ini - OkC:\WINDOWS\system32\DirectX\Dinput\mse_g.ini - OkC:\WINDOWS\system32\DirectX\Dinput\msprw_4.png - OkC:\WINDOWS\system32\DirectX\Dinput\msprw_5.png - OkC:\WINDOWS\system32\DirectX\Dinput\msprw_6.png - OkC:\WINDOWS\system32\DirectX\Dinput\msprw.png - OkC:\WINDOWS\system32\DirectX\Dinput\msprw_7.png - OkC:\WINDOWS\system32\DirectX\Dinput\msprw_8.png - OkC:\WINDOWS\system32\DirectX\Dinput\SV-262e1.png - OkC:\WINDOWS\system32\DirectX\Dinput\SV-262e3.png - OkC:\WINDOWS\system32\DirectX\Dinput\sv2511.png - OkC:\WINDOWS\system32\DirectX\Dinput\sv2512.png - OkC:\WINDOWS\system32\DirectX\Dinput\SV-262e4.png - OkC:\WINDOWS\system32\Macromed\Flash\FlashInstall.log - OkC:\WINDOWS\system32\Macromed\Flash\flashplayer.xpt - OkC:\WINDOWS\system32\DirectX\Dinput\raiderpd.ini - OkC:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe - OkC:\WINDOWS\system32\Macromed\Flash\activex.vch - OkC:\WINDOWS\system32\Macromed\Flash\KB923789.inf - OkC:\WINDOWS\system32\Macromed\Flash\mms.cfg - OkC:\WINDOWS\system32\Macromed\Flash\genuinst.exe - OkC:\WINDOWS\system32\Macromed\Flash\plugin.vch - OkC:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\80dbdd53-18cb-4d6d-abac-e5b3faf8c417 - OkC:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred - OkC:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.dll - OkC:\WINDOWS\system32\MsDtc\Trace\dtctrace.log - OkC:\WINDOWS\system32\MsDtc\MSDTC.LOG - OkC:\WINDOWS\system32\MsDtc\Trace\msdtcvtr.bat - OkC:\WINDOWS\system32\MsDtc\Trace\msdtctr.mof - OkC:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\spcustom.dll.ref - OkC:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\spmsg.dll.ref - OkC:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\spupdsvc.exe.ref - OkC:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe - OkC:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\spuninst.exe.ref - OkC:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_Plugin.exe - Ok>C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll is BINARYRES container>C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\updspapi.dll.ref - packed by BINARYRES>>C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll\data001 - packed by BINARYRES>>>C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll\data001 is WISE container>>C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\updspapi.dll.ref - packed by MS COMPRESS>>C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll\data002 is ZLIB containerC:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll - containerC:\WINDOWS\system32\RTCOM\RTLCPAPI.dll - OkC:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\updspapi.dll.ref - OkC:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\machine.inf - OkC:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\machine.inf - OkC:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\machine.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\machine.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\pci.sys - OkC:\WINDOWS\system32\RTCOM\RTCOMDLL.dll - OkC:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\machine.inf - OkC:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\machine.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\machine.inf - OkC:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\machine.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\pci.sys - OkC:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\update.exe.ref - OkC:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\pci.sys - OkC:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\machine.inf - OkC:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\pci.sys - OkC:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\machine.inf - OkC:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\machine.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\pci.sys - OkC:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\mshdc.inf - OkC:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\machine.inf - OkC:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\machine.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\isapnp.sys - OkC:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\mshdc.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\mshdc.inf - OkC:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\pciidex.sys - OkC:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\pciide.sys - OkC:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\machine.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys - OkC:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\mshdc.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\pciide.sys - OkC:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\pciidex.sys - OkC:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\usbport.inf - OkC:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\usbport.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\hccoin.dll - OkC:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\usbehci.sys - OkC:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys - OkC:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\usbport.inf - OkC:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\usbport.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\usbhub.sys - OkC:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\hccoin.dll - OkC:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\usbehci.sys - OkC:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\usbhub.sys - OkC:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\usbui.dll - OkC:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\cougME.cat - OkC:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\cougme.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\cougme.inf - OkC:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\cpu.inf - OkC:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\usbport.sys - OkC:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\cpu.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\usbui.dll - OkC:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\cpu.inf - OkC:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\cpu.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\cpu.inf - OkC:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\intelppm.sys - OkC:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\cpu.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\usbport.sys - OkC:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\intelppm.sys - OkC:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\cpu.inf - OkC:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\cpu.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hdaudbus.inf - OkC:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hdaudbus.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\intelppm.sys - OkC:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\intelppm.sys - OkC:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\machine.inf - OkC:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hdaudbus.inf - OkC:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hdaudbus.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\machine.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\license.txt - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nv4_disp.inf - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nv4_disp.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hdaudbus.sys - OkC:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hdaudbus.sys - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\dbInstaller.exe - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvapi.dll - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nv4_mini.sys - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nv4_disp.dll - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvdata.bin - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcuvenc.dll - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvdrsdb.bin - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcuda.dll - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvinfo.pb - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvdispco32.dll - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvgenco32.dll - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\OpenCL.dll - OkC:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhda.inf - Ok>C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcuvid.dll - packed by FLY-CODEC:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhda.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhda32.sys - Ok>C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhdap32.dll - packed by PESTUBC:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvgenco32.dll - OkC:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\drmk.sys - OkC:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhdap32.dll - OkC:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\ks.sys - OkC:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\ksuser.dll - OkC:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\ksproxy.ax - OkC:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\stream.sys - OkC:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\portcls.sys - Ok>C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx is BINARYRES container>>C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx\data001 - packed by BINARYRES>>>C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx\data001 is WISE containerC:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\wdmaud.drv - Ok>>C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx\data002 is ZLIB containerC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcompiler.dll - OkC:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhda.inf - OkC:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx - containerC:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhda.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\drmk.sys - OkC:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhda32.sys - OkC:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\ks.sys - OkC:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\ksuser.dll - OkC:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\ksproxy.ax - OkC:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\portcls.sys - OkC:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\stream.sys - OkC:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\wdmaud.drv - OkC:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhda.inf - OkC:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhda.PNF - OkC:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvgenco32.dll - OkC:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhda32.sys - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcuvid.dll - Ok>C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhdap32.dll - packed by PESTUBC:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\drmk.sys - OkC:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\ks.sys - OkC:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\ksuser.dll - OkC:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\ksproxy.ax - OkC:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\stream.sys - OkC:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\wdmaud.drv - OkC:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\portcls.sys - OkC:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhda.inf - OkC:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhda.PNF - Ok>C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhdap32.dll - packed by PESTUBC:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvgenco32.dll - OkC:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhda32.sys - OkC:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\drmk.sys - Ok>C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhdap32.dll - packed by PESTUBC:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhdap32.dll - OkC:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvgenco32.dll - OkC:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\ks.sys - OkC:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\ksuser.dll - OkC:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\ksproxy.ax - OkC:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\stream.sys - OkC:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhdap32.dll - OkC:\WINDOWS\system32\Restore\MachineGuid.txt - OkC:\WINDOWS\system32\Restore\filelist.xml - OkC:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\portcls.sys - OkC:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\wdmaud.drv - OkC:\WINDOWS\system32\Restore\srframe.mmf - OkC:\WINDOWS\system32\Restore\srdiag.exe - OkC:\WINDOWS\system32\Setup\fp40ext.dll - OkC:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhdap32.dll - OkC:\WINDOWS\system32\Setup\fsconins.dll - Ok>C:\WINDOWS\system32\Restore\rstrui.exe is BINARYRES container>>C:\WINDOWS\system32\Restore\rstrui.exe\data001 is JS-HTML container>>C:\WINDOWS\system32\Restore\rstrui.exe\data002 is JS-HTML container>>C:\WINDOWS\system32\Restore\rstrui.exe\data003 is JS-HTML container>>C:\WINDOWS\system32\Restore\rstrui.exe\data005 is JS-HTML containerC:\WINDOWS\system32\Setup\imsinsnt.dll - OkC:\WINDOWS\system32\Setup\fxsocm.dll - Ok>>C:\WINDOWS\system32\Restore\rstrui.exe\data006 is JS-HTML container>C:\WINDOWS\system32\Setup\koc.dll - packed by FLY-CODEC:\WINDOWS\system32\Setup\comsetup.dll - Ok>>C:\WINDOWS\system32\Restore\rstrui.exe\data009 is JS-HTML container>>C:\WINDOWS\system32\Restore\rstrui.exe\data010 is JS-HTML containerC:\WINDOWS\system32\Setup\koc.dll - Ok>>C:\WINDOWS\system32\Restore\rstrui.exe\data011 is JS-HTML containerC:\WINDOWS\system32\Restore\rstrui.exe - containerC:\WINDOWS\system32\Setup\msgrocm.dll - OkC:\WINDOWS\system32\Setup\msdtcstp.dll - OkC:\WINDOWS\system32\Setup\ocgen.dll - OkC:\WINDOWS\system32\Setup\ntoc.dll - OkC:\WINDOWS\system32\Setup\netoc.dll - OkC:\WINDOWS\system32\Setup\iis.dll - OkC:\WINDOWS\system32\Setup\ocmsn.dll - OkC:\WINDOWS\system32\Setup\zoneoc.dll - OkC:\WINDOWS\system32\Setup\startoc.dll - OkC:\WINDOWS\system32\Setup\setupqry.dll - OkC:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll - OkC:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.6.7600.256\wups2.dll - OkC:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll - OkC:\WINDOWS\system32\XPSViewer\en-US\XPSViewer.exe.mui - OkC:\WINDOWS\system32\XPSViewer\XPSViewerManifest.xml - Ok>C:\WINDOWS\system32\cache\0025579d476751f2.fb is JS-HTML containerC:\WINDOWS\system32\Setup\tsoc.dll - OkC:\WINDOWS\system32\cache\0025579d476751f2.fb - containerC:\WINDOWS\system32\cache\287204568329e189.fb - OkC:\WINDOWS\system32\cache\272512937d9e61a4.fb - OkC:\WINDOWS\system32\cache\31a0997e9a5b5eb3.fb - OkC:\WINDOWS\system32\cache\28bc8f716fd76a47.fb - OkC:\WINDOWS\system32\cache\3917078cb68ec657.fb - OkC:\WINDOWS\system32\cache\32c84fe32bb74d60.fb - OkC:\WINDOWS\system32\cache\590ba23ce359fd0c.fb - OkC:\WINDOWS\system32\cache\610289e025a3ee9a.fb - OkC:\WINDOWS\system32\cache\6c59ac5e7e7a3ad0.fb - OkC:\WINDOWS\system32\cache\6d03dad1035885d3.fb - OkC:\WINDOWS\system32\cache\651c5d3cdbfb8bd1.fb - OkC:\WINDOWS\system32\cache\ad10a52aff5e038d.fb - OkC:\WINDOWS\system32\cache\c1fa887b03019701.fb - OkC:\WINDOWS\system32\cache\c4d28dca2e7648be.fb - OkC:\WINDOWS\system32\cache\a8556537add6dfc5.fb - OkC:\WINDOWS\system32\cache\d2e94710a5708128.fb - OkC:\WINDOWS\system32\cache\d79b9dfe81484ec4.fb - OkC:\WINDOWS\system32\cache\d201ef9910cd39de.fb - OkC:\WINDOWS\system32\XPSViewer\XPSViewer.exe - OkC:\WINDOWS\system32\config\default - read errorC:\WINDOWS\system32\config\default.LOG - read errorC:\WINDOWS\system32\config\AppEvent.Evt - OkC:\WINDOWS\system32\config\default.sav - OkC:\WINDOWS\system32\config\Doctor Web.evt - OkC:\WINDOWS\system32\config\SAM - read errorC:\WINDOWS\system32\config\SAM.LOG - read errorC:\WINDOWS\system32\cache\f998975c9cc711ee.fb - OkC:\WINDOWS\system32\config\SECURITY - read errorC:\WINDOWS\system32\config\SECURITY.LOG - read errorC:\WINDOWS\system32\config\software - read errorC:\WINDOWS\system32\config\software.LOG - read errorC:\WINDOWS\system32\config\Internet.evt - OkC:\WINDOWS\system32\config\SecEvent.Evt - OkC:\WINDOWS\system32\config\system - read errorC:\WINDOWS\system32\config\system.LOG - read errorC:\WINDOWS\system32\config\software.sav - OkC:\WINDOWS\system32\config\system.sav - OkC:\WINDOWS\system32\config\TempKey.LOG - OkC:\WINDOWS\system32\config\userdiff.LOG - OkC:\WINDOWS\system32\config\SysEvent.Evt - OkC:\WINDOWS\system32\config\WindowsPowerShell.evt - OkC:\WINDOWS\system32\config\userdiff - OkC:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004 - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\62B5AF9BE9ADC1085C3C56EC07A82BF6 - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019 - OkC:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.4.7600.226\wuapi.dll - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\12236C41CDDF9E40BA5606CDF086B821 - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\8DFDF057024880D7A081AFBF6D26B92F - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E04822AD18D472EA5B582E6E6F8C6B9A - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9 - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\12236C41CDDF9E40BA5606CDF086B821 - Ok>C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 is CAB archiveC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004 - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 - archiveC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019 - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\62B5AF9BE9ADC1085C3C56EC07A82BF6 - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9 - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E04822AD18D472EA5B582E6E6F8C6B9A - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.bak - OkC:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.txt - OkC:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - OkC:\WINDOWS\system32\config\systemprofile\IETldCache\index.dat - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012012123020121231\index.dat - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\chrome_installer.log - OkC:\WINDOWS\system32\bits\qmgr.dll - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\G1MFG5MJ\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GPQVOLUV\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\SendTo\Compressed (zipped) Folder.ZFSendToTarget - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\SDQBS523\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S1ERC9YR\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\SendTo\Desktop (create shortcut).DeskLink - OkC:\WINDOWS\system32\config\systemprofile\SendTo\Mail Recipient.MAPIMail - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012012122920121230\index.dat - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Windows Media Player.lnk - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Program Compatibility Wizard.lnk - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Remote Assistance.lnk - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Command Prompt.lnk - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Notepad.lnk - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Windows Explorer.lnk - OkC:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Synchronize.lnk - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Tour Windows XP.lnk - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk - OkC:\WINDOWS\system32\config\systemprofile\Templates\amipro.sam - OkC:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk - OkC:\WINDOWS\system32\config\systemprofile\Templates\excel.xls - OkC:\WINDOWS\system32\config\systemprofile\Templates\presenta.shw - OkC:\WINDOWS\system32\config\systemprofile\Templates\sndrec.wav - OkC:\WINDOWS\system32\config\systemprofile\Templates\winword.doc - OkC:\WINDOWS\system32\config\systemprofile\Templates\quattro.wb2 - OkC:\WINDOWS\system32\config\systemprofile\Templates\excel4.xls - OkC:\WINDOWS\system32\config\systemprofile\Templates\lotus.wk4 - OkC:\WINDOWS\system32\config\systemprofile\Templates\winword2.doc - OkC:\WINDOWS\system32\config\systemprofile\Templates\powerpnt.ppt - OkC:\WINDOWS\system32\config\systemprofile\Templates\wordpfct.wpg - OkC:\WINDOWS\system32\config\systemprofile\Templates\wordpfct.wpd - OkC:\WINDOWS\system32\dllcache\12520850.cpx - OkC:\WINDOWS\system32\dllcache\1394vdbg.sys - OkC:\WINDOWS\system32\dllcache\12520437.cpx - OkC:\WINDOWS\system32\dllcache\1394bus.sys - OkC:\WINDOWS\system32\dllcache\4mmdat.sys - OkC:\WINDOWS\system32\dllcache\61883.sys - OkC:\WINDOWS\system32\dllcache\8514a.dll - OkC:\WINDOWS\system32\dllcache\6to4svc.dll - OkC:\WINDOWS\system32\dllcache\3dfxvsm.sys - OkC:\WINDOWS\system32\dllcache\aaaamon.dll - OkC:\WINDOWS\system32\dllcache\a3d.dll - OkC:\WINDOWS\system32\dllcache\abp480n5.sys - OkC:\WINDOWS\system32\dllcache\aaclient.dll - OkC:\WINDOWS\system32\dllcache\3dfxvs.dll - OkC:\WINDOWS\system32\dllcache\ac97ali.sys - OkC:\WINDOWS\system32\dllcache\ac97intc.sys - OkC:\WINDOWS\system32\dllcache\ac97via.sys - OkC:\WINDOWS\system32\dllcache\a3dapi.dll - OkC:\WINDOWS\system32\dllcache\acctres.dll - OkC:\WINDOWS\system32\dllcache\ac97sis.sys - OkC:\WINDOWS\system32\dllcache\3cwmcru.sys - OkC:\WINDOWS\system32\dllcache\access.cpl - OkC:\WINDOWS\system32\dllcache\acerscad.dll - OkC:\WINDOWS\system32\dllcache\accwiz.exe - OkC:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvoglnt.dll - OkC:\WINDOWS\system32\dllcache\acledit.dll - OkC:\WINDOWS\system32\dllcache\acpiec.sys - OkC:\WINDOWS\system32\dllcache\aclua.dll - OkC:\WINDOWS\system32\dllcache\acpi.sys - OkC:\WINDOWS\system32\dllcache\aclui.dll - OkC:\WINDOWS\system32\dllcache\actmovie.exe - OkC:\WINDOWS\system32\dllcache\activeds.tlb - OkC:\WINDOWS\system32\dllcache\activeds.dll - OkC:\WINDOWS\system32\dllcache\actxprxy.dll - OkC:\WINDOWS\system32\dllcache\adicvls.sys - OkC:\WINDOWS\system32\dllcache\adm8511.sys - OkC:\WINDOWS\system32\dllcache\aclayers.dll - OkC:\WINDOWS\system32\dllcache\acxtrnal.dll - OkC:\WINDOWS\system32\dllcache\acspecfc.dll - OkC:\WINDOWS\system32\dllcache\admin.dll - OkC:\WINDOWS\system32\dllcache\admin.exe - OkC:\WINDOWS\system32\dllcache\admjoy.sys - Ok>C:\WINDOWS\system32\dllcache\admparse.dll - packed by FLY-CODEC:\WINDOWS\system32\dllcache\adptif.dll - OkC:\WINDOWS\system32\dllcache\adm8820.sys - OkC:\WINDOWS\system32\dllcache\adm8810.sys - OkC:\WINDOWS\system32\dllcache\adptsf50.sys - OkC:\WINDOWS\system32\dllcache\admparse.dll - OkC:\WINDOWS\system32\dllcache\adpu160m.sys - OkC:\WINDOWS\system32\dllcache\adm8830.sys - OkC:\WINDOWS\system32\dllcache\adsmsext.dll - OkC:\WINDOWS\system32\dllcache\adv01nt5.dll - OkC:\WINDOWS\system32\dllcache\adv02nt5.dll - OkC:\WINDOWS\system32\dllcache\adsldpc.dll - OkC:\WINDOWS\system32\dllcache\adv07nt5.dll - OkC:\WINDOWS\system32\dllcache\adv05nt5.dll - OkC:\WINDOWS\system32\dllcache\adsldp.dll - OkC:\WINDOWS\system32\dllcache\adv09nt5.dll - OkC:\WINDOWS\system32\dllcache\adv11nt5.dll - OkC:\WINDOWS\system32\dllcache\adv08nt5.dll - OkC:\WINDOWS\system32\dllcache\adsnt.dll - OkC:\WINDOWS\system32\dllcache\aec.sys - OkC:\WINDOWS\system32\dllcache\advpack.dll - OkC:\WINDOWS\system32\dllcache\agcgauge.ax - OkC:\WINDOWS\system32\dllcache\acgenral.dll - OkC:\WINDOWS\system32\dllcache\afd.sys - OkC:\WINDOWS\system32\dllcache\agentanm.dll - OkC:\WINDOWS\system32\dllcache\agentdp2.dll - OkC:\WINDOWS\system32\dllcache\agentpsh.dll - OkC:\WINDOWS\system32\dllcache\agentmpx.dll - OkC:\WINDOWS\system32\dllcache\agentdpv.dll - OkC:\WINDOWS\system32\dllcache\agentctl.dll - OkC:\WINDOWS\system32\dllcache\advapi32.dll - OkC:\WINDOWS\system32\dllcache\agentsr.dll - OkC:\WINDOWS\system32\dllcache\agp440.sys - OkC:\WINDOWS\system32\dllcache\agpcpq.sys - OkC:\WINDOWS\system32\dllcache\agt0401.dll - OkC:\WINDOWS\system32\dllcache\agt0404.dll - OkC:\WINDOWS\system32\dllcache\agt0405.dll - OkC:\WINDOWS\system32\dllcache\agt0406.dll - OkC:\WINDOWS\system32\dllcache\agt0407.dll - OkC:\WINDOWS\system32\dllcache\agt0408.dll - OkC:\WINDOWS\system32\dllcache\agt0409.dll - OkC:\WINDOWS\system32\dllcache\agt040b.dll - OkC:\WINDOWS\system32\dllcache\agt040d.dll - OkC:\WINDOWS\system32\dllcache\agt040e.dll - OkC:\WINDOWS\system32\dllcache\agt0411.dll - OkC:\WINDOWS\system32\dllcache\agt0410.dll - OkC:\WINDOWS\system32\dllcache\agt040c.dll - OkC:\WINDOWS\system32\dllcache\agt0412.dll - OkC:\WINDOWS\system32\dllcache\agt0413.dll - OkC:\WINDOWS\system32\dllcache\agt0419.dll - OkC:\WINDOWS\system32\dllcache\agt0415.dll - OkC:\WINDOWS\system32\dllcache\agt0416.dll - OkC:\WINDOWS\system32\dllcache\agt0414.dll - OkC:\WINDOWS\system32\dllcache\agt041f.dll - OkC:\WINDOWS\system32\dllcache\agentsvr.exe - OkC:\WINDOWS\system32\dllcache\agt041d.dll - OkC:\WINDOWS\system32\dllcache\agt0816.dll - OkC:\WINDOWS\system32\dllcache\agt0c0a.dll - OkC:\WINDOWS\system32\dllcache\agtctl15.tlb - OkC:\WINDOWS\system32\dllcache\agt0804.dll - OkC:\WINDOWS\system32\dllcache\aha154x.sys - OkC:\WINDOWS\system32\dllcache\agtintl.dll - OkC:\WINDOWS\system32\dllcache\aic78u2.sys - OkC:\WINDOWS\system32\dllcache\aliide.sys - OkC:\WINDOWS\system32\dllcache\ali5261.sys - OkC:\WINDOWS\system32\dllcache\alifir.sys - OkC:\WINDOWS\system32\dllcache\aic78xx.sys - OkC:\WINDOWS\system32\dllcache\alrsvc.dll - OkC:\WINDOWS\system32\dllcache\amb8002.sys - OkC:\WINDOWS\system32\dllcache\alim1541.sys - OkC:\WINDOWS\system32\dllcache\alg.exe - OkC:\WINDOWS\system32\dllcache\amdagp.sys - OkC:\WINDOWS\system32\dllcache\ahui.exe - OkC:\WINDOWS\system32\dllcache\amsint.sys - OkC:\WINDOWS\system32\dllcache\amdk7.sys - OkC:\WINDOWS\system32\dllcache\amdk6.sys - OkC:\WINDOWS\system32\dllcache\an983.sys - OkC:\WINDOWS\system32\dllcache\ansi.sys - OkC:\WINDOWS\system32\dllcache\apmbatt.sys - OkC:\WINDOWS\system32\dllcache\append.exe - OkC:\WINDOWS\system32\dllcache\amstream.dll - Ok>C:\WINDOWS\system32\dllcache\apps.chm is CHM containerC:\WINDOWS\system32\dllcache\apph_sp.sdb - OkC:\WINDOWS\system32\dllcache\apphelp.sdb - OkC:\WINDOWS\system32\dllcache\apcups.dll - OkC:\WINDOWS\system32\dllcache\apphelp.dll - OkC:\WINDOWS\system32\dllcache\archvapp.inf - OkC:\WINDOWS\system32\dllcache\arp.exe - OkC:\WINDOWS\system32\dllcache\arp1394.sys - OkC:\WINDOWS\system32\dllcache\asc.sys - OkC:\WINDOWS\system32\dllcache\asc3350p.sys - OkC:\WINDOWS\system32\dllcache\asferror.dll - OkC:\WINDOWS\system32\dllcache\asc3550.sys - OkC:\WINDOWS\system32\dllcache\aspndis3.sys - OkC:\WINDOWS\system32\dllcache\asycfilt.dll - OkC:\WINDOWS\system32\dllcache\asctrls.ocx - OkC:\WINDOWS\system32\dllcache\asyncmac.sys - OkC:\WINDOWS\system32\dllcache\aqueue.dll - OkC:\WINDOWS\system32\dllcache\at.exe - OkC:\WINDOWS\system32\dllcache\atapi.sys - OkC:\WINDOWS\system32\dllcache\ati1mdxx.sys - OkC:\WINDOWS\system32\dllcache\ati1btxx.sys - OkC:\WINDOWS\system32\dllcache\ati.dll - OkC:\WINDOWS\system32\dllcache\ati.sys - Ok>C:\WINDOWS\system32\dllcache\appwiz.cpl is BINARYRES container>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data001 is JS-HTML containerC:\WINDOWS\system32\dllcache\ati1pdxx.sys - OkC:\WINDOWS\system32\dllcache\ati1snxx.sys - OkC:\WINDOWS\system32\dllcache\ati1raxx.sys - Ok>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data003 is JS-HTML containerC:\WINDOWS\system32\dllcache\ati1rvxx.sys - Ok>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data004 is JS-HTML containerC:\WINDOWS\system32\dllcache\ati1ttxx.sys - Ok>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data006 is JS-HTML container>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data008 is JS-HTML containerC:\WINDOWS\system32\dllcache\ati1xsxx.sys - OkC:\WINDOWS\system32\dllcache\ati1xbxx.sys - OkC:\WINDOWS\system32\dllcache\ati1tuxx.sys - Ok>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data009 is JS-HTML container>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data011 is JS-HTML container>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data012 is JS-HTML container>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data014 is JS-HTML containerC:\WINDOWS\system32\dllcache\ati2cqag.dll - Ok>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data015 is JS-HTML container>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data016 is JS-HTML containerC:\WINDOWS\system32\dllcache\appwiz.cpl - containerC:\WINDOWS\system32\dllcache\ati2dvag.dll - OkC:\WINDOWS\system32\dllcache\ati2dvaa.dll - OkC:\WINDOWS\system32\dllcache\atibt829.sys - OkC:\WINDOWS\system32\dllcache\ati2mtaa.sys - OkC:\WINDOWS\system32\dllcache\atidrae.dll - OkC:\WINDOWS\system32\dllcache\atidrab.dll - OkC:\WINDOWS\system32\dllcache\atidvai.dll - OkC:\WINDOWS\system32\dllcache\ati2mtag.sys - OkC:\WINDOWS\system32\dllcache\ati3d1ag.dll - OkC:\WINDOWS\system32\dllcache\atimpae.sys - OkC:\WINDOWS\system32\dllcache\atinbtxx.sys - OkC:\WINDOWS\system32\dllcache\atimpab.sys - OkC:\WINDOWS\system32\dllcache\atievxx.exe - OkC:\WINDOWS\system32\dllcache\atimtai.sys - OkC:\WINDOWS\system32\dllcache\atinmdxx.sys - OkC:\WINDOWS\system32\dllcache\atinpdxx.sys - OkC:\WINDOWS\system32\dllcache\atinraxx.sys - OkC:\WINDOWS\system32\dllcache\atinttxx.sys - OkC:\WINDOWS\system32\dllcache\atinsnxx.sys - OkC:\WINDOWS\system32\dllcache\atintuxx.sys - OkC:\WINDOWS\system32\dllcache\atinrvxx.sys - OkC:\WINDOWS\system32\dllcache\atinxbxx.sys - OkC:\WINDOWS\system32\dllcache\atipcxxx.sys - OkC:\WINDOWS\system32\dllcache\atiraged.dll - OkC:\WINDOWS\system32\dllcache\atinxsxx.sys - OkC:\WINDOWS\system32\dllcache\ati3duag.dll - OkC:\WINDOWS\system32\dllcache\atirtsnd.sys - OkC:\WINDOWS\system32\dllcache\atirtcap.sys - OkC:\WINDOWS\system32\dllcache\atiragem.sys - OkC:\WINDOWS\system32\dllcache\atitunep.sys - OkC:\WINDOWS\system32\dllcache\atitvsnd.sys - OkC:\WINDOWS\system32\dllcache\ativmvxx.ax - OkC:\WINDOWS\system32\dllcache\ativmdcd.sys - OkC:\WINDOWS\system32\dllcache\ativdaxx.ax - OkC:\WINDOWS\system32\dllcache\ativttxx.sys - OkC:\WINDOWS\system32\dllcache\ativtmxx.dll - OkC:\WINDOWS\system32\dllcache\atixbar.sys - OkC:\WINDOWS\system32\dllcache\ativxbar.sys - OkC:\WINDOWS\system32\dllcache\atkctrs.dll - OkC:\WINDOWS\system32\dllcache\atmadm.exe - OkC:\WINDOWS\system32\dllcache\atl.dll - OkC:\WINDOWS\system32\dllcache\atmepvc.sys - OkC:\WINDOWS\system32\dllcache\atmarpc.sys - OkC:\WINDOWS\system32\dllcache\atmlane.sys - OkC:\WINDOWS\system32\dllcache\atmpvcno.dll - OkC:\WINDOWS\system32\dllcache\atmlib.dll - OkC:\WINDOWS\system32\dllcache\atrace.dll - OkC:\WINDOWS\system32\dllcache\attrib.exe - OkC:\WINDOWS\system32\dllcache\atmfd.dll - OkC:\WINDOWS\system32\dllcache\atv01nt5.dll - OkC:\WINDOWS\system32\dllcache\ativvaxx.dll - OkC:\WINDOWS\system32\dllcache\atv02nt5.dll - OkC:\WINDOWS\system32\dllcache\atv04nt5.dll - OkC:\WINDOWS\system32\dllcache\atv06nt5.dll - OkC:\WINDOWS\system32\dllcache\atv10nt5.dll - OkC:\WINDOWS\system32\dllcache\auditusr.exe - OkC:\WINDOWS\system32\dllcache\atmuni.sys - OkC:\WINDOWS\system32\dllcache\audstub.sys - OkC:\WINDOWS\system32\dllcache\author.dll - OkC:\WINDOWS\system32\dllcache\audiosrv.dll - OkC:\WINDOWS\system32\dllcache\author.exe - OkC:\WINDOWS\system32\dllcache\authz.dll - OkC:\WINDOWS\system32\dllcache\autodisc.dll - Ok>C:\WINDOWS\system32\dllcache\autolfn.exe - packed by FLY-CODEC:\WINDOWS\system32\dllcache\avc.sys - OkC:\WINDOWS\system32\dllcache\avcaudio.sys - OkC:\WINDOWS\system32\dllcache\avcstrm.sys - OkC:\WINDOWS\system32\dllcache\autofmt.exe - OkC:\WINDOWS\system32\dllcache\avicap.dll - OkC:\WINDOWS\system32\dllcache\autochk.exe - OkC:\WINDOWS\system32\dllcache\avifile.dll - OkC:\WINDOWS\system32\dllcache\autoconv.exe - OkC:\WINDOWS\system32\dllcache\avifil32.dll - OkC:\WINDOWS\system32\dllcache\avicap32.dll - OkC:\WINDOWS\system32\dllcache\avmeter.dll - OkC:\WINDOWS\system32\dllcache\avmwan.sys - OkC:\WINDOWS\system32\dllcache\avmcoxp.dll - OkC:\WINDOWS\system32\dllcache\avwav.dll - OkC:\WINDOWS\system32\dllcache\avmenum.dll - OkC:\WINDOWS\system32\dllcache\aztw2320.sys - OkC:\WINDOWS\system32\dllcache\azroles.dll - OkC:\WINDOWS\system32\dllcache\avtapi.dll - OkC:\WINDOWS\system32\dllcache\b57xp32.sys - OkC:\WINDOWS\system32\dllcache\b1cbase.sys - OkC:\WINDOWS\system32\dllcache\banshee.sys - OkC:\WINDOWS\system32\dllcache\basesrv.dll - OkC:\WINDOWS\system32\dllcache\battc.sys - OkC:\WINDOWS\system32\dllcache\batt.dll - OkC:\WINDOWS\system32\dllcache\autolfn.exe - OkC:\WINDOWS\system32\dllcache\banshee.dll - OkC:\WINDOWS\system32\dllcache\batmeter.dll - OkC:\WINDOWS\system32\dllcache\bckg.dll - OkC:\WINDOWS\system32\dllcache\bcm42u.sys - OkC:\WINDOWS\system32\dllcache\bcm42xx5.sys - OkC:\WINDOWS\system32\dllcache\bcm4e5.sys - OkC:\WINDOWS\system32\dllcache\bckgzm.exe - OkC:\WINDOWS\system32\dllcache\bdasup.sys - OkC:\WINDOWS\system32\dllcache\beep.sys - OkC:\WINDOWS\system32\dllcache\bdaplgin.ax - OkC:\WINDOWS\system32\dllcache\big5.nls - OkC:\WINDOWS\system32\dllcache\apps.chm - containerC:\WINDOWS\system32\dllcache\bidispl.dll - OkC:\WINDOWS\system32\dllcache\bitsprx4.dll - OkC:\WINDOWS\system32\dllcache\bitsprx3.dll - OkC:\WINDOWS\system32\dllcache\bitsprx2.dll - OkC:\WINDOWS\system32\dllcache\bktrh.gif - OkC:\WINDOWS\system32\dllcache\binlsvc.dll - OkC:\WINDOWS\system32\dllcache\blastcln.exe - OkC:\WINDOWS\system32\dllcache\blue_ss.dll - OkC:\WINDOWS\system32\dllcache\bootok.exe - OkC:\WINDOWS\system32\dllcache\bootvid.dll - OkC:\WINDOWS\system32\dllcache\bnts.dll - OkC:\WINDOWS\system32\dllcache\bootvrfy.exe - OkC:\WINDOWS\system32\dllcache\blackbox.dll - OkC:\WINDOWS\system32\dllcache\bopomofo.nls - OkC:\WINDOWS\system32\dllcache\brbidiif.dll - OkC:\WINDOWS\system32\dllcache\brcoinst.dll - OkC:\WINDOWS\system32\dllcache\brfilt.sys - OkC:\WINDOWS\system32\dllcache\brevif.dll - OkC:\WINDOWS\system32\dllcache\brfiltup.sys - OkC:\WINDOWS\system32\dllcache\brfiltlo.sys - OkC:\WINDOWS\system32\dllcache\brmfbidi.dll - OkC:\WINDOWS\system32\dllcache\bridge.sys - OkC:\WINDOWS\system32\dllcache\brmflpt.dll - OkC:\WINDOWS\system32\dllcache\brmfcwia.dll - Ok>C:\WINDOWS\system32\dllcache\browselc.dll is BINARYRES containerC:\WINDOWS\system32\dllcache\brmfusb.dll - Ok>>C:\WINDOWS\system32\dllcache\browselc.dll\data004 is JS-HTML container>>C:\WINDOWS\system32\dllcache\browselc.dll\data008 is JS-HTML container>>C:\WINDOWS\system32\dllcache\browselc.dll\data012 is JS-HTML container>>C:\WINDOWS\system32\dllcache\browselc.dll\data013 is ZLIB containerC:\WINDOWS\system32\dllcache\browselc.dll - container>C:\WINDOWS\system32\dllcache\bcmdm.sys - packed by FLY-CODEC:\WINDOWS\system32\dllcache\browser.dll - OkC:\WINDOWS\system32\dllcache\brmfrsmg.exe - OkC:\WINDOWS\system32\dllcache\brparimg.sys - OkC:\WINDOWS\system32\dllcache\browsewm.dll - OkC:\WINDOWS\system32\dllcache\brpinfo.dll - OkC:\WINDOWS\system32\dllcache\brparwdm.sys - OkC:\WINDOWS\system32\dllcache\brscnrsm.dll - OkC:\WINDOWS\system32\dllcache\bckgres.dll - Ok>C:\WINDOWS\system32\dllcache\brserif.dll - packed by FLY-CODEC:\WINDOWS\system32\dllcache\brusbmdm.sys - OkC:\WINDOWS\system32\dllcache\brserwdm.sys - OkC:\WINDOWS\system32\dllcache\brusbscn.sys - OkC:\WINDOWS\system32\dllcache\brserif.dll - OkC:\WINDOWS\system32\dllcache\brzwlan.sys - OkC:\WINDOWS\system32\dllcache\bthci.dll - OkC:\WINDOWS\system32\dllcache\bthenum.sys - OkC:\WINDOWS\system32\dllcache\bthmodem.sys - OkC:\WINDOWS\system32\dllcache\bthprint.sys - OkC:\WINDOWS\system32\dllcache\bthpan.sys - OkC:\WINDOWS\system32\dllcache\bthserv.dll - OkC:\WINDOWS\system32\dllcache\bthusb.sys - OkC:\WINDOWS\system32\dllcache\bthprops.cpl - OkC:\WINDOWS\system32\dllcache\bcmdm.sys - OkC:\WINDOWS\system32\dllcache\bulltlp3.sys - OkC:\WINDOWS\system32\dllcache\bthport.sys - OkC:\WINDOWS\system32\dllcache\browseui.dll - OkC:\WINDOWS\system32\dllcache\cabinet.dll - OkC:\WINDOWS\system32\dllcache\cacls.exe - OkC:\WINDOWS\system32\dllcache\cabview.dll - OkC:\WINDOWS\system32\dllcache\btpanui.dll - OkC:\WINDOWS\system32\dllcache\camexo20.ax - OkC:\WINDOWS\system32\dllcache\camdro21.sys - OkC:\WINDOWS\system32\dllcache\camdrv21.sys - OkC:\WINDOWS\system32\dllcache\camdrv30.sys - OkC:\WINDOWS\system32\dllcache\calc.exe - OkC:\WINDOWS\system32\dllcache\camexo20.dll - OkC:\WINDOWS\system32\dllcache\callcont.dll - OkC:\WINDOWS\system32\dllcache\camext30.ax - OkC:\WINDOWS\system32\dllcache\camext30.dll - OkC:\WINDOWS\system32\dllcache\camocx.dll - OkC:\WINDOWS\system32\dllcache\camext20.ax - OkC:\WINDOWS\system32\dllcache\cap7146.sys - OkC:\WINDOWS\system32\dllcache\camext20.dll - OkC:\WINDOWS\system32\dllcache\cb102.sys - OkC:\WINDOWS\system32\dllcache\catsrvps.dll - OkC:\WINDOWS\system32\dllcache\capesnpn.dll - Ok>C:\WINDOWS\system32\dllcache\cb32.exe - packed by FLY-CODEC:\WINDOWS\system32\dllcache\cb325.sys - OkC:\WINDOWS\system32\dllcache\cb32.exe - OkC:\WINDOWS\system32\dllcache\cben5.sys - OkC:\WINDOWS\system32\dllcache\cbidf2k.sys - OkC:\WINDOWS\system32\dllcache\catsrv.dll - OkC:\WINDOWS\system32\dllcache\ccdecode.sys - OkC:\WINDOWS\system32\dllcache\cd20xrnt.sys - OkC:\WINDOWS\system32\dllcache\cdaudio.sys - OkC:\WINDOWS\system32\dllcache\cards.dll - OkC:\WINDOWS\system32\dllcache\ccfgnt.dll - OkC:\WINDOWS\system32\dllcache\cdfs.sys - Ok>C:\WINDOWS\system32\dllcache\cdmodem.dll - packed by FLY-CODE>C:\WINDOWS\system32\dllcache\cdm.dll - packed by FLY-CODEC:\WINDOWS\system32\dllcache\cdmodem.dll - Ok>C:\WINDOWS\system32\dllcache\cdfview.dll is BINARYRES container>>C:\WINDOWS\system32\dllcache\cdfview.dll\data001 is JS-HTML containerC:\WINDOWS\system32\dllcache\cdrom.sys - OkC:\WINDOWS\system32\dllcache\catsrvut.dll - OkC:\WINDOWS\system32\dllcache\ce2n5.sys - Ok>>C:\WINDOWS\system32\dllcache\cdfview.dll\data002 is JS-HTML containerC:\WINDOWS\system32\dllcache\ce3n5.sys - OkC:\WINDOWS\system32\dllcache\cdm.dll - OkC:\WINDOWS\system32\dllcache\cem33n5.sys - OkC:\WINDOWS\system32\dllcache\cem28n5.sys - OkC:\WINDOWS\system32\dllcache\cdfview.dll - containerC:\WINDOWS\system32\dllcache\cem56n5.sys - OkC:\WINDOWS\system32\dllcache\cbmdmkxx.sys - OkC:\WINDOWS\system32\dllcache\cfgbkend.dll - OkC:\WINDOWS\system32\dllcache\certcli.dll - OkC:\WINDOWS\system32\dllcache\cfgmgr32.dll - OkC:\WINDOWS\system32\dllcache\ch7xxnt5.dll - Ok>C:\WINDOWS\system32\dllcache\change.exe - packed by FLY-CODEC:\WINDOWS\system32\dllcache\cewmdm.dll - OkC:\WINDOWS\system32\dllcache\chajei.ime - OkC:\WINDOWS\system32\dllcache\changer.sys - OkC:\WINDOWS\system32\dllcache\change.exe - OkC:\WINDOWS\system32\dllcache\chglogon.exe - OkC:\WINDOWS\system32\dllcache\chgport.exe - OkC:\WINDOWS\system32\dllcache\cfgwiz.exe - OkC:\WINDOWS\system32\dllcache\chgusr.exe - OkC:\WINDOWS\system32\dllcache\chkntfs.exe - OkC:\WINDOWS\system32\dllcache\certmgr.dll - OkC:\WINDOWS\system32\dllcache\charmap.exe - OkC:\WINDOWS\system32\dllcache\chkdsk.exe - OkC:\WINDOWS\system32\dllcache\chkr.dll - OkC:\WINDOWS\system32\dllcache\chtmbx.dll - OkC:\WINDOWS\system32\dllcache\chkrzm.exe - OkC:\WINDOWS\system32\dllcache\chtskf.dll - Ok>C:\WINDOWS\system32\dllcache\chtskdic.dll - packed by FLY-CODEC:\WINDOWS\system32\dllcache\chkrres.dll - OkC:\WINDOWS\system32\dllcache\chtskdic.dll - OkC:\WINDOWS\system32\dllcache\chtbrkr.dll - OkC:\WINDOWS\system32\dllcache\ciadmin.dll - OkC:\WINDOWS\system32\dllcache\cidaemon.exe - OkC:\WINDOWS\system32\dllcache\cic.dll - OkC:\WINDOWS\system32\dllcache\cinemclc.sys - OkC:\WINDOWS\system32\dllcache\cinemst2.sys - Ok>C:\WINDOWS\system32\dllcache\chsbrkr.dll - packed by FLY-CODE>C:\WINDOWS\system32\dllcache\cdosys.dll is BINARYRES container Link to post Share on other sites
Recommended Posts