Jump to content

Think i'am badly infected need help


Recommended Posts

Dear Expert,

i think i'am badly infected by a trojan virus and his taking control of my windows, i can't find the msconfig any more, i did online scan with esest yesterday had found virus and cleaned them, but malwarebytes doesn't detect any think, what i tried is i have created a new acount with admin rights and tried to clean with installing new anti virus Eset Nod32,worked fine for one day now it is telling scanner initialization failed.

i have used DDS and Seurity chek log are below and also Combo fix.

thank you for your help

.

DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 8.0.6001.19088

Run by Anis at 21:06:47 on 2011-07-10

Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.1013.269 [GMT 4:00]

.

AV: ESET NOD32 Antivirus 4.2 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

SP: ESET NOD32 Antivirus 4.2 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\svchost.exe -k apphost

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\CISVC.EXE

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Windows\System32\svchost.exe -k ipripsvc

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\tcpsvcs.exe

C:\Windows\System32\snmp.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k iissvcs

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\OEM02Mon.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\wpcumi.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\Dwm.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\OEM02Mon.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Windows\System32\wpcumi.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10t_ActiveX.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com.om/

mStart Page = about:blank

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: WinZip Courier BHO: {a8fb70fa-0fdf-4601-9dc4-bfa1b357204f} - c:\progra~1\winzip~1\wzwmcie.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe

mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Nach Microsoft E&xel exportieren - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

LSP: c:\windows\system32\wpclsp.dll

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 188.135.0.23 188.135.0.24

TCP: Interfaces\{C7A4A52D-EF74-4EB9-9706-9EF2344FE52E} : DhcpNameServer = 188.135.0.23 188.135.0.24

Notify: igfxcui - igfxdev.dll

.

============= SERVICES / DRIVERS ===============

.

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-12-21 115008]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]

R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-12-21 137144]

R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2011-1-12 810144]

R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2010-12-21 95384]

R2 iprip;RIP Listener;c:\windows\system32\svchost.exe -k ipripsvc [2008-1-21 21504]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2011-6-25 111616]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-07-10 15:30:55 -------- d-----w- c:\users\anis\appdata\local\ESET

2011-07-10 13:39:55 -------- d-----w- C:\inetpub

2011-07-10 11:16:13 -------- d-----w- c:\users\anis\appdata\local\WinZip Courier

2011-07-09 20:33:58 -------- d-sh--w- C:\$RECYCLE.BIN

2011-07-09 20:33:48 -------- d-----w- c:\users\anis\appdata\local\temp

2011-07-09 19:19:48 -------- d-----w- c:\users\anis\appdata\local\PackageAware

2011-07-09 19:19:30 172032 ----a-w- c:\windows\system32\igfxres.dll

2011-07-09 18:06:55 -------- d-----w- c:\program files\ESET

2011-07-09 17:27:17 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{1e9c75fb-659b-4e64-a6b8-ee15f30a7944}\mpengine.dll

2011-07-09 14:06:28 -------- d-----w- c:\users\anis\appdata\local\WinZip

2011-07-09 12:58:34 -------- d-----w- c:\users\anis\appdata\roaming\Malwarebytes

2011-07-09 12:45:50 -------- d-----w- c:\users\anis\appdata\roaming\AVG10

2011-07-09 12:45:20 -------- d-----w- c:\users\anis\Bluetooth Software

2011-07-08 14:26:02 -------- d-----w- c:\program files\common files\PC Tools

2011-07-08 14:26:01 -------- d-----w- c:\program files\Spyware Doctor

2011-07-08 13:34:56 -------- d-----w- c:\programdata\SecTaskMan

2011-07-08 13:33:41 -------- d-----w- c:\program files\Security Task Manager

2011-07-08 13:30:55 -------- d-----w- c:\programdata\WinZipEC

2011-07-08 13:30:48 -------- d-----w- c:\program files\WinZip Courier

2011-07-08 13:30:41 -------- d-----w- c:\windows\CD95F661A5C411AFB2CCABCD21A325B4.TMP

2011-07-04 15:04:11 -------- d--h--w- c:\programdata\Common Files

2011-07-04 14:59:30 -------- d-----w- c:\programdata\AVG10

2011-07-04 14:57:38 -------- d-----w- c:\program files\AVG

2011-07-04 14:20:37 -------- d-----w- c:\programdata\MFAData

2011-07-04 14:10:18 -------- d-----w- c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}

2011-07-04 13:38:15 -------- d-----w- c:\programdata\Malwarebytes

2011-07-04 09:19:41 758784 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll

2011-07-03 15:13:56 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2011-07-03 15:13:56 49472 ----a-w- c:\windows\system32\netfxperf.dll

2011-07-03 15:13:56 297808 ----a-w- c:\windows\system32\mscoree.dll

2011-07-03 15:13:56 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2011-07-03 15:13:55 1130824 ----a-w- c:\windows\system32\dfshim.dll

2011-07-03 11:58:04 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2011-07-03 11:58:04 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2011-07-03 10:02:38 369952 ----a-w- c:\windows\system32\yk60x86.dll

2011-07-03 10:02:38 320288 ----a-w- c:\windows\system32\drivers\yk60x86.sys

2011-07-03 09:54:57 91376 ----a-w- c:\windows\system32\bcmwlcoi.dll

2011-07-03 09:54:57 3555349 ----a-w- c:\windows\system32\bcmihvui.dll

2011-07-03 09:54:57 2707448 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS

2011-07-03 09:54:56 3866624 ----a-w- c:\windows\system32\bcmihvsrv.dll

2011-07-03 09:52:06 19464 ----a-w- c:\windows\system32\btinstall.dll

2011-07-03 09:44:06 -------- d-----w- c:\program files\DellTPad

2011-07-03 09:43:41 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll

2011-07-03 09:43:41 114616 ----a-w- c:\windows\system32\Vxdif.dll

2011-07-03 09:43:39 255096 ----a-w- c:\windows\system32\drivers\Apfiltr.sys

2011-07-03 08:24:10 -------- d-----w- c:\programdata\Uniblue

2011-07-03 07:39:05 7680 ----a-w- c:\program files\internet explorer\iecompat.dll

2011-07-03 06:31:38 97800 ----a-w- c:\windows\system32\infocardapi.dll

2011-07-03 06:31:37 622080 ----a-w- c:\windows\system32\icardagt.exe

2011-07-03 06:31:37 37384 ----a-w- c:\windows\system32\infocardcpl.cpl

2011-07-03 06:31:37 11264 ----a-w- c:\windows\system32\icardres.dll

2011-07-03 06:31:37 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2011-07-03 06:31:30 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll

2011-07-03 06:20:09 158720 ----a-w- c:\windows\system32\mscorier.dll

2011-07-03 06:20:02 83968 ----a-w- c:\windows\system32\mscories.dll

2011-07-02 06:28:01 2048 ----a-w- c:\windows\system32\winrsmgr.dll

2011-07-02 06:15:34 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll

2011-07-02 06:15:31 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll

2011-07-02 06:15:01 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll

2011-06-29 23:02:10 231936 ----a-w- c:\windows\system32\msshsq.dll

2011-06-29 10:51:37 125952 ----a-w- c:\windows\system32\srvsvc.dll

2011-06-29 10:51:36 17920 ----a-w- c:\windows\system32\netevent.dll

2011-06-29 10:51:13 74752 ----a-w- c:\windows\system32\newdev.exe

2011-06-29 10:51:13 468992 ----a-w- c:\windows\system32\newdev.dll

2011-06-29 10:51:08 378368 ----a-w- c:\windows\system32\winhttp.dll

2011-06-29 10:50:57 411136 ----a-w- c:\windows\system32\drivers\http.sys

2011-06-29 10:50:56 31232 ----a-w- c:\windows\system32\httpapi.dll

2011-06-29 10:50:56 24064 ----a-w- c:\windows\system32\nshhttp.dll

2011-06-29 10:50:15 276992 ----a-w- c:\windows\system32\schannel.dll

2011-06-29 08:48:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2011-06-29 08:48:13 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2011-06-29 06:49:43 719872 ----a-w- c:\windows\system32\devil.dll

2011-06-29 06:49:43 369152 ----a-w- c:\windows\system32\avisynth.dll

2011-06-29 06:49:42 70656 ----a-w- c:\windows\system32\yv12vfw.dll

2011-06-29 06:49:42 70656 ----a-w- c:\windows\system32\i420vfw.dll

2011-06-29 06:49:41 -------- d-----w- c:\program files\AviSynth 2.5

2011-06-29 06:49:08 26416 ----a-w- c:\windows\system32\nitrolocalmon.dll

2011-06-29 06:49:08 17712 ----a-w- c:\windows\system32\nitrolocalui.dll

2011-06-29 06:38:05 -------- d-----w- c:\program files\eRightSoft

2011-06-29 06:00:11 454656 ----a-w- c:\program files\common files\system\msadc\msadce.dll

2011-06-28 19:07:14 -------- d-----w- c:\programdata\Leawo

2011-06-28 19:06:55 606208 ----a-w- c:\windows\system32\xvidcore.dll

2011-06-28 19:06:55 139264 ----a-w- c:\windows\system32\xvid.ax

2011-06-28 17:26:36 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe

2011-06-28 17:26:36 511488 ----a-w- c:\windows\system32\RMActivate.exe

2011-06-28 17:26:36 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe

2011-06-28 17:26:35 472576 ----a-w- c:\windows\system32\secproc_isv.dll

2011-06-28 17:26:35 472064 ----a-w- c:\windows\system32\secproc.dll

2011-06-28 17:26:35 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe

2011-06-28 17:26:34 329216 ----a-w- c:\windows\system32\msdrm.dll

2011-06-28 17:26:34 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll

2011-06-28 17:26:34 151040 ----a-w- c:\windows\system32\secproc_ssp.dll

2011-06-28 17:16:43 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-06-28 17:16:43 1205080 ----a-w- c:\windows\system32\ntdll.dll

2011-06-28 17:16:41 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-06-28 17:15:26 1695744 ----a-w- c:\windows\system32\gameux.dll

2011-06-28 17:11:41 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll

2011-06-28 17:11:40 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll

2011-06-28 17:11:40 551424 ----a-w- c:\windows\system32\rpcss.dll

2011-06-28 17:11:39 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe

2011-06-28 17:11:38 666624 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe

2011-06-28 17:11:38 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll

2011-06-28 17:11:37 98304 ----a-w- c:\windows\system32\iasrecst.dll

2011-06-28 17:11:37 54784 ----a-w- c:\windows\system32\iasads.dll

2011-06-28 17:11:37 44032 ----a-w- c:\windows\system32\iasdatastore.dll

2011-06-28 17:11:37 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll

2011-06-28 17:11:37 183296 ----a-w- c:\windows\system32\sdohlp.dll

2011-06-28 17:11:37 17408 ----a-w- c:\windows\system32\iashost.exe

2011-06-28 17:05:46 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-06-28 17:02:10 168960 ----a-w- c:\program files\windows media player\wmplayer.exe

2011-06-28 17:02:09 8147456 ----a-w- c:\windows\system32\wmploc.DLL

2011-06-28 17:01:09 501760 ----a-w- c:\windows\system32\usp10.dll

2011-06-28 17:01:07 66048 ----a-w- c:\program files\windows mail\wabmig.exe

2011-06-28 17:01:07 515584 ----a-w- c:\program files\windows mail\wab.exe

2011-06-28 17:01:07 33280 ----a-w- c:\program files\windows mail\wabfind.dll

2011-06-28 17:00:32 292864 ----a-w- c:\windows\system32\atmfd.dll

2011-06-28 17:00:31 72704 ----a-w- c:\windows\system32\fontsub.dll

2011-06-28 17:00:31 34304 ----a-w- c:\windows\system32\atmlib.dll

2011-06-28 17:00:31 10240 ----a-w- c:\windows\system32\dciman32.dll

2011-06-28 17:00:19 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL

2011-06-28 17:00:12 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-06-28 17:00:12 57344 ----a-w- c:\program files\common files\system\msadc\msadcs.dll

2011-06-28 17:00:12 409600 ----a-w- c:\windows\system32\odbc32.dll

2011-06-28 17:00:12 253952 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-06-28 17:00:12 241664 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-06-28 17:00:12 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-06-28 16:59:29 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll

2011-06-28 16:59:22 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE

2011-06-28 16:59:22 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE

2011-06-28 16:59:22 27136 ----a-w- c:\windows\system32\NETSTAT.EXE

2011-06-28 16:59:22 19968 ----a-w- c:\windows\system32\ARP.EXE

2011-06-28 16:59:22 17920 ----a-w- c:\windows\system32\ROUTE.EXE

2011-06-28 16:59:22 11264 ----a-w- c:\windows\system32\MRINFO.EXE

2011-06-28 16:59:22 104960 ----a-w- c:\windows\system32\netiohlp.dll

2011-06-28 16:59:22 10240 ----a-w- c:\windows\system32\finger.exe

2011-06-28 16:53:00 69632 ----a-w- c:\windows\system32\drivers\bowser.sys

2011-06-28 16:52:55 293376 ----a-w- c:\windows\system32\wlanmsm.dll

2011-06-28 16:52:54 513024 ----a-w- c:\windows\system32\wlansvc.dll

2011-06-28 16:52:54 302592 ----a-w- c:\windows\system32\wlansec.dll

2011-06-28 16:52:54 127488 ----a-w- c:\windows\system32\L2SecHC.dll

2011-06-28 16:52:12 1399296 ----a-w- c:\windows\system32\msxml6.dll

2011-06-28 16:50:59 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys

2011-06-28 16:45:57 213504 ----a-w- c:\windows\system32\msv1_0.dll

2011-06-28 16:44:57 1136640 ----a-w- c:\windows\system32\mfc42.dll

2011-06-28 16:44:56 1161728 ----a-w- c:\windows\system32\mfc42u.dll

2011-06-28 16:44:29 1616384 ----a-w- c:\program files\windows mail\msoe.dll

2011-06-28 16:44:05 81920 ----a-w- c:\windows\system32\iccvid.dll

2011-06-28 16:44:03 72192 ----a-w- c:\windows\system32\drivers\pacer.sys

2011-06-28 16:44:03 15360 ----a-w- c:\windows\system32\pacerprf.dll

2011-06-28 16:43:55 2868224 ----a-w- c:\windows\system32\mf.dll

2011-06-28 16:40:38 304640 ----a-w- c:\windows\system32\drivers\srv.sys

2011-06-28 16:40:15 86528 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-06-28 16:40:15 25088 ----a-w- c:\windows\system32\dnscacheugc.exe

2011-06-28 16:40:10 67072 ----a-w- c:\windows\system32\asycfilt.dll

2011-06-28 16:40:08 71680 ----a-w- c:\windows\system32\atl.dll

2011-06-28 16:40:05 339968 ----a-w- c:\program files\windows nt\accessories\wordpad.exe

2011-06-28 16:40:05 1315840 ----a-w- c:\windows\system32\ole32.dll

2011-06-28 16:39:51 296960 ----a-w- c:\windows\system32\gdi32.dll

2011-06-28 16:39:34 126464 ----a-w- c:\windows\system32\spoolsv.exe

2011-06-28 16:39:32 562176 ----a-w- c:\windows\system32\msdtcprx.dll

2011-06-28 16:39:32 38912 ----a-w- c:\windows\system32\xolehlp.dll

2011-06-28 16:39:17 160256 ----a-w- c:\windows\system32\wkssvc.dll

2011-06-28 16:39:15 157184 ----a-w- c:\windows\system32\t2embed.dll

2011-06-28 16:39:13 273408 ----a-w- c:\windows\system32\drivers\afd.sys

2011-06-28 16:34:10 2040832 ----a-w- c:\windows\system32\win32k.sys

2011-06-28 16:33:51 269312 ----a-w- c:\windows\system32\es.dll

2011-06-28 16:33:47 1169408 ----a-w- c:\windows\system32\sdclt.exe

2011-06-28 16:33:45 303616 ----a-w- c:\windows\system32\wmpeffects.dll

2011-06-28 16:33:42 150016 ----a-w- c:\program files\movie maker\MOVIEMK.exe

2011-06-28 16:33:42 10926592 ----a-w- c:\program files\movie maker\MOVIEMK.dll

2011-06-28 16:33:31 146432 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-06-28 16:33:31 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-06-28 16:33:22 714240 ----a-w- c:\windows\system32\timedate.cpl

2011-06-28 16:28:19 317952 ----a-w- c:\windows\system32\MP4SDECD.DLL

2011-06-28 16:23:39 636928 ----a-w- c:\windows\system32\localspl.dll

2011-06-28 16:23:02 563200 ----a-w- c:\windows\system32\oleaut32.dll

2011-06-28 16:22:40 954752 ----a-w- c:\windows\system32\mfc40.dll

2011-06-28 16:22:40 954288 ----a-w- c:\windows\system32\mfc40u.dll

2011-06-28 16:19:19 36352 ----a-w- c:\windows\system32\rtutils.dll

2011-06-28 16:19:15 2927104 ----a-w- c:\windows\explorer.exe

2011-06-28 16:18:59 499712 ----a-w- c:\windows\system32\kerberos.dll

2011-06-28 16:18:59 175104 ----a-w- c:\windows\system32\wdigest.dll

2011-06-28 16:18:59 1256448 ----a-w- c:\windows\system32\lsasrv.dll

2011-06-28 16:18:58 9728 ----a-w- c:\windows\system32\lsass.exe

2011-06-28 16:18:58 72704 ----a-w- c:\windows\system32\secur32.dll

2011-06-28 16:18:58 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys

2011-06-28 16:15:33 866816 ----a-w- c:\windows\system32\wmpmde.dll

2011-06-28 16:10:26 429056 ----a-w- c:\windows\system32\EncDec.dll

2011-06-28 16:10:26 323072 ----a-w- c:\windows\system32\sbe.dll

2011-06-28 16:10:25 177664 ----a-w- c:\windows\system32\mpg2splt.ax

2011-06-28 16:10:25 153088 ----a-w- c:\windows\system32\sbeio.dll

2011-06-28 16:10:17 62464 ----a-w- c:\windows\system32\l3codeca.acm

2011-06-28 16:09:49 1314816 ----a-w- c:\windows\system32\quartz.dll

2011-06-28 16:08:20 603648 ----a-w- c:\windows\system32\schedsvc.dll

2011-06-28 16:08:19 357376 ----a-w- c:\windows\system32\taskschd.dll

2011-06-28 16:08:19 345088 ----a-w- c:\windows\system32\wmicmiplugin.dll

2011-06-28 16:08:19 270336 ----a-w- c:\windows\system32\taskcomp.dll

2011-06-28 16:08:19 171520 ----a-w- c:\windows\system32\taskeng.exe

2011-06-28 16:07:58 738816 ----a-w- c:\windows\system32\inetcomm.dll

2011-06-28 16:07:54 24064 ----a-w- c:\windows\system32\amxread.dll

2011-06-28 16:07:54 13824 ----a-w- c:\windows\system32\apilogen.dll

2011-06-28 16:04:46 712704 ----a-w- c:\windows\system32\WindowsCodecs.dll

2011-06-28 16:04:46 425472 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll

2011-06-28 16:04:46 347136 ----a-w- c:\windows\system32\WindowsCodecsExt.dll

2011-06-28 16:04:36 81920 ----a-w- c:\windows\system32\consent.exe

2011-06-28 16:04:22 1257472 ----a-w- c:\windows\system32\msxml3.dll

2011-06-28 16:04:12 147456 ----a-w- c:\windows\system32\Faultrep.dll

2011-06-28 16:04:12 125952 ----a-w- c:\windows\system32\wersvc.dll

2011-06-28 16:03:53 443392 ----a-w- c:\windows\system32\win32spl.dll

2011-06-28 16:03:51 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2011-06-28 16:03:51 565248 ----a-w- c:\windows\system32\emdmgmt.dll

2011-06-28 16:03:51 45056 ----a-w- c:\windows\system32\dataclen.dll

2011-06-28 16:03:51 36864 ----a-w- c:\windows\system32\cdd.dll

2011-06-28 16:03:51 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys

2011-06-28 16:03:49 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys

2011-06-28 16:03:45 2048 ----a-w- c:\windows\system32\tzres.dll

2011-06-28 16:03:23 313344 ----a-w- c:\windows\system32\wmpdxm.dll

2011-06-28 16:03:20 43520 ----a-w- c:\windows\system32\msdxm.tlb

2011-06-28 16:03:20 18432 ----a-w- c:\windows\system32\amcompat.tlb

2011-06-28 15:57:10 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-06-28 15:57:10 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-06-28 15:57:10 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-06-28 15:52:01 996352 ----a-w- c:\windows\system32\WMNetMgr.dll

2011-06-28 15:52:01 94720 ----a-w- c:\windows\system32\logagent.exe

2011-06-28 15:49:57 90112 ----a-w- c:\windows\system32\wshext.dll

2011-06-28 15:49:57 155648 ----a-w- c:\windows\system32\wscript.exe

2011-06-28 15:49:57 135168 ----a-w- c:\windows\system32\wshom.ocx

2011-06-28 15:49:57 135168 ----a-w- c:\windows\system32\cscript.exe

2011-06-28 15:49:56 180224 ----a-w- c:\windows\system32\scrobj.dll

2011-06-28 15:49:56 172032 ----a-w- c:\windows\system32\scrrun.dll

2011-06-28 15:49:39 61440 ----a-w- c:\windows\system32\msasn1.dll

2011-06-28 15:49:29 1645568 ----a-w- c:\windows\system32\connect.dll

2011-06-28 15:49:26 784896 ----a-w- c:\windows\system32\rpcrt4.dll

2011-06-28 15:48:32 2067456 ----a-w- c:\windows\system32\mstscax.dll

2011-06-28 15:48:31 677888 ----a-w- c:\windows\system32\mstsc.exe

2011-06-28 15:48:08 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-06-28 15:47:34 281600 ----a-w- c:\windows\system32\raschap.dll

2011-06-28 15:47:34 244224 ----a-w- c:\windows\system32\rastls.dll

2011-06-28 15:47:27 351232 ----a-w- c:\windows\system32\WSDApi.dll

2011-06-28 15:38:34 531968 ----a-w- c:\windows\system32\comctl32.dll

2011-06-28 15:36:45 31744 ----a-w- c:\windows\system32\msvidc32.dll

2011-06-28 15:36:44 91136 ----a-w- c:\windows\system32\avifil32.dll

2011-06-28 15:36:44 82944 ----a-w- c:\windows\system32\mciavi32.dll

2011-06-28 15:36:44 65024 ----a-w- c:\windows\system32\avicap32.dll

2011-06-28 15:36:44 50176 ----a-w- c:\windows\system32\iyuv_32.dll

2011-06-28 15:36:44 22528 ----a-w- c:\windows\system32\msyuv.dll

2011-06-28 15:36:44 13312 ----a-w- c:\windows\system32\msrle32.dll

2011-06-28 15:36:44 123904 ----a-w- c:\windows\system32\msvfw32.dll

2011-06-28 15:36:44 11776 ----a-w- c:\windows\system32\tsbyuv.dll

2011-06-28 15:36:15 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL

2011-06-28 15:36:01 1418752 ----a-w- c:\program files\windows media player\setup_wm.exe

2011-06-28 15:36:00 310784 ----a-w- c:\windows\system32\unregmp2.exe

2011-06-28 15:35:59 7680 ----a-w- c:\windows\system32\spwmp.dll

2011-06-28 15:35:59 107520 ----a-w- c:\program files\windows media player\wmpshare.exe

2011-06-28 15:35:58 4096 ----a-w- c:\windows\system32\msdxm.ocx

2011-06-28 15:35:58 4096 ----a-w- c:\windows\system32\dxmasf.dll

2011-06-28 15:35:58 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe

2011-06-28 14:42:48 171520 ----a-w- c:\windows\system32\wintrust.dll

2011-06-28 14:37:04 98304 ----a-w- c:\windows\system32\cabview.dll

2011-06-28 13:28:17 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll

2011-06-28 13:28:15 32656 ----a-w- c:\windows\system32\msonpmon.dll

2011-06-25 23:08:43 -------- d-----w- c:\windows\Panther

2011-06-25 23:08:29 -------- d-----w- C:\Boot

2011-06-25 23:08:05 -------- d-----w- c:\windows\system32\OEM

2011-06-25 22:20:49 7074640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll

2011-06-25 22:20:40 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-06-25 20:18:32 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-06-25 18:55:55 2421760 ----a-w- c:\windows\system32\wucltux.dll

2011-06-25 18:55:45 87552 ----a-w- c:\windows\system32\wudriver.dll

2011-06-25 18:55:35 33792 ----a-w- c:\windows\system32\wuapp.exe

2011-06-25 18:55:35 171608 ----a-w- c:\windows\system32\wuwebv.dll

2011-06-25 16:38:31 -------- d-----w- c:\program files\Firstload

2011-06-25 16:37:51 -------- d-----w- c:\program files\VideoLAN

2011-06-25 12:04:20 -------- d-----w- c:\program files\Marvell

2011-06-25 11:56:55 80176 ----a-w- c:\windows\system32\drivers\btwavdt.sys

2011-06-25 11:56:54 78128 ----a-w- c:\windows\system32\drivers\btwaudio.sys

2011-06-25 11:56:54 16560 ----a-w- c:\windows\system32\drivers\btwrchid.sys

2011-06-25 11:56:46 229376 ----a-w- c:\windows\system32\BtwRSupport.dll

2011-06-25 11:56:13 -------- d-----w- c:\windows\system32\es-MX

2011-06-25 11:56:13 -------- d-----w- c:\windows\system32\es-AR

2011-06-25 11:56:12 -------- d-----w- c:\program files\WIDCOMM

2011-06-25 11:53:01 -------- d-sh--w- c:\windows\Installer

2011-06-25 11:50:46 90112 ----a-w- c:\windows\system32\snymsico.dll

2011-06-25 11:42:59 920088 ----a-w- c:\windows\system32\igxpun.exe

2011-06-25 11:42:59 319456 ----a-w- c:\windows\system32\difxapi.dll

2011-06-25 11:42:59 -------- d-----w- c:\windows\system32\Lang

2011-06-25 11:42:00 530968 ----a-w- c:\windows\system32\igfxcfg.exe

2011-06-25 11:42:00 4608 ----a-w- c:\windows\system32\HdmiCoin.dll

2011-06-25 11:42:00 256536 ----a-w- c:\windows\system32\igfxsrvc.exe

2011-06-25 11:42:00 170520 ----a-w- c:\windows\system32\igfxzoom.exe

2011-06-25 11:42:00 170520 ----a-w- c:\windows\system32\igfxext.exe

2011-06-25 11:42:00 166424 ----a-w- c:\windows\system32\hkcmd.exe

2011-06-25 11:42:00 141848 ----a-w- c:\windows\system32\igfxtray.exe

2011-06-25 11:42:00 133656 ----a-w- c:\windows\system32\igfxpers.exe

2011-06-25 11:42:00 111616 ----a-w- c:\windows\system32\drivers\IntcHdmi.sys

.

==================== Find3M ====================

.

2011-05-28 06:08:58 916480 ----a-w- c:\windows\system32\wininet.dll

2011-05-28 06:04:30 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-05-28 06:04:17 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-05-28 06:04:03 71680 ----a-w- c:\windows\system32\iesetup.dll

2011-05-28 06:04:03 109056 ----a-w- c:\windows\system32\iesysprep.dll

2011-05-28 05:10:26 385024 ----a-w- c:\windows\system32\html.iec

2011-05-28 04:33:03 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2011-05-28 04:31:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-05-18 23:00:00 222536 ----a-r- c:\windows\tabctl32.ocx

2006-05-03 08:06:54 163328 --sha-r- c:\windows\system32\flvDX.dll

2007-02-21 09:47:16 31232 --sha-r- c:\windows\system32\msfDX.dll

2008-03-16 11:30:52 216064 --sha-r- c:\windows\system32\nbDX.dll

.

============= FINISH: 21:08:15.58 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-06-23.01)

.

Microsoft® Windows Vista™ Home Basic

Boot Device: \Device\HarddiskVolume1

Install Date: 6/26/2011 2:14:13 AM

System Uptime: 7/10/2011 8:48:27 PM (1 hours ago)

.

Motherboard: Dell Inc. | | 0WP007

Processor: Intel® Pentium® Dual CPU T2330 @ 1.60GHz | Microprocessor | 1333/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 32 GiB total, 10.783 GiB free.

D: is FIXED (NTFS) - 80 GiB total, 58.604 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP68: 7/10/2011 6:02:47 PM - Installed ESET NOD32 Antivirus

.

==== Installed Programs ======================

.

Adobe Flash Player 10 ActiveX

Adobe Reader X (10.1.0)

Dell Touchpad

Dell Wireless WLAN Card

ESET NOD32 Antivirus

ESET Online Scanner v3

Firstload

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Intel® Graphics Media Accelerator Driver

Laptop Integrated Webcam Driver (1.04.01.1011)

Marvell Miniport Driver

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Office File Validation Add-In

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ Run Time Lib Setup

QuickSet

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01

Security Task Manager 1.8d

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

SUPER © v2011.build.48 (April 23, 2011) version v2011.build.48

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

VLC media player 1.1.5

WIDCOMM Bluetooth Software 6.0.1.3100

WinZip 15.5

WinZip Courier

.

==== Event Viewer Messages From Past Week ========

.

7/4/2011 12:41:55 PM, Error: Service Control Manager [7031] - The Kaspersky Anti-Virus Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

7/4/2011 10:27:01 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): 'SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.

7/4/2011 10:26:06 AM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\SOFTWARE' was corrupted and it has been recovered. Some data might have been lost.

7/3/2011 8:09:55 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

7/3/2011 7:02:30 PM, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001D0936CC5C. The following error occurred: The wait operation timed out.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

7/3/2011 7:02:09 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 0.0.0.0 for the Network Card with network address 001D0936CC5C has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

7/3/2011 7:02:07 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 188.135.26.232 for the Network Card with network address 001D0936CC5C has been denied by the DHCP server 188.135.28.1 (The DHCP Server sent a DHCPNACK message).

7/3/2011 6:30:16 PM, Error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/3/2011 6:29:55 PM, Error: Microsoft-Windows-Windows Defender [5008] - Windows Defender engine has been terminated due to an unexpected error. Failure Type: Crash Exception code: 0xc0000005 Resource: file:C:\Users\user\AppData\Local\Google\Chrome\Application\12.0.742.112\gcswf32.dll

7/3/2011 6:11:19 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error 2150760449 (0x80320001).

7/3/2011 6:09:14 PM, Error: Service Control Manager [7031] - The Windows Firewall service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

7/3/2011 6:09:14 PM, Error: Service Control Manager [7031] - The Diagnostic Policy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

7/3/2011 6:09:14 PM, Error: Service Control Manager [7031] - The Base Filtering Engine service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

7/3/2011 5:03:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800b0100: Security Update for .NET Framework 3.5 SP1 on Windows Vista SP1 and Windows Server 2008 x86 (KB2449741).

7/3/2011 3:54:31 PM, Error: EventLog [6008] - The previous system shutdown at 3:51:32 PM on 7/3/2011 was unexpected.

7/3/2011 11:39:59 AM, Error: Service Control Manager [7031] - The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

7/3/2011 11:34:15 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 188.66.246.154 for the Network Card with network address 001D0936CC5C has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

7/3/2011 11:25:02 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 188.66.245.117 for the Network Card with network address 001D0936CC5C has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

7/3/2011 10:18:04 PM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).

7/3/2011 10:18:04 PM, Error: Service Control Manager [7031] - The WLAN AutoConfig service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

7/3/2011 10:18:04 PM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

7/3/2011 10:18:04 PM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/3/2011 10:18:04 PM, Error: Service Control Manager [7031] - The Tablet PC Input Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/3/2011 10:18:04 PM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/3/2011 10:18:04 PM, Error: Service Control Manager [7031] - The ReadyBoost service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/3/2011 10:18:04 PM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/3/2011 10:18:04 PM, Error: Service Control Manager [7031] - The Portable Device Enumerator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

7/3/2011 10:18:04 PM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.

7/3/2011 10:18:04 PM, Error: Service Control Manager [7031] - The Human Interface Device Access service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

7/3/2011 10:18:04 PM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

7/3/2011 10:18:04 PM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

7/3/2011 10:14:35 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 188.135.30.164 for the Network Card with network address 001D0936CC5C has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

7/3/2011 10:14:33 AM, Error: EventLog [6008] - The previous system shutdown at 10:13:06 AM on 7/3/2011 was unexpected.

7/3/2011 10:05:40 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 188.135.27.32 for the Network Card with network address 001D0936CC5C has been denied by the DHCP server 188.66.244.1 (The DHCP Server sent a DHCPNACK message).

7/3/2011 10:02:28 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 188.66.246.85 for the Network Card with network address 001D0936CC5C has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

7/3/2011 10:01:45 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: kl2

7/3/2011 10:01:45 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

7/3/2011 10:00:30 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 188.66.244.137 for the Network Card with network address 001D0936CC5C has been denied by the DHCP server 188.135.28.1 (The DHCP Server sent a DHCPNACK message).

.

==== End Of File ===========================

Results of screen317's Security Check version 0.99.7

Windows Vista Service Pack 1 (UAC is enabled)

Out of date service pack!!

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

ESET NOD32 Antivirus

ESET Online Scanner v3

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Adobe Flash Player

ComboFix 11-07-09.02 - Anis 07/10/2011 0:23.5.2 - x86

Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.1013.226 [GMT 4:00]

Running from: c:\users\Anis\Downloads\ComboFix.exe

Command switches used :: /Uninstal

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\shost.Bin

c:\shost.bin\F236B1805D42864

.

.

((((((((((((((((((((((((( Files Created from 2011-06-09 to 2011-07-09 )))))))))))))))))))))))))))))))

.

.

2011-07-09 20:30 . 2011-07-09 20:30 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-07-09 19:19 . 2008-01-02 12:33 172032 ----a-w- c:\windows\system32\igfxres.dll

2011-07-09 18:06 . 2011-07-09 18:06 -------- d-----w- c:\program files\ESET

2011-07-09 17:27 . 2011-06-20 04:57 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1E9C75FB-659B-4E64-A6B8-EE15F30A7944}\mpengine.dll

2011-07-09 12:57 . 2011-05-29 05:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-07-09 12:57 . 2011-07-09 12:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-07-09 12:57 . 2011-05-29 05:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-09 12:43 . 2011-07-09 12:45 -------- d-----w- c:\users\Anis

2011-07-08 14:26 . 2011-07-09 12:42 -------- d-----w- c:\program files\Common Files\PC Tools

2011-07-08 14:26 . 2011-07-09 12:42 -------- d-----w- c:\program files\Spyware Doctor

2011-07-08 13:34 . 2011-07-09 11:32 -------- d-----w- c:\programdata\SecTaskMan

2011-07-08 13:33 . 2011-07-08 13:34 -------- d-----w- c:\program files\Security Task Manager

2011-07-08 13:30 . 2011-07-08 13:30 -------- d-----w- c:\program files\WinZip Courier

2011-07-08 13:30 . 2011-07-08 13:30 -------- d-----w- c:\windows\CD95F661A5C411AFB2CCABCD21A325B4.TMP

2011-07-08 13:28 . 2011-07-08 13:30 -------- d-----w- c:\programdata\WinZip

2011-07-04 15:59 . 2011-07-04 15:59 -------- d-----w- C:\$AVG

2011-07-04 15:04 . 2011-07-04 15:04 -------- d--h--w- c:\programdata\Common Files

2011-07-04 14:59 . 2011-07-09 14:35 -------- d-----w- c:\programdata\AVG10

2011-07-04 14:57 . 2011-07-09 11:34 -------- d-----w- c:\program files\AVG

2011-07-04 14:20 . 2011-07-09 14:34 -------- d-----w- c:\programdata\MFAData

2011-07-04 14:10 . 2011-07-04 14:10 -------- d-----w- c:\programdata\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}

2011-07-04 13:38 . 2011-07-04 13:38 -------- d-----w- c:\programdata\Malwarebytes

2011-07-04 09:19 . 2011-04-30 06:09 758784 ----a-w- c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll

2011-07-03 15:13 . 2009-11-08 06:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2011-07-03 15:13 . 2009-11-08 06:55 49472 ----a-w- c:\windows\system32\netfxperf.dll

2011-07-03 15:13 . 2009-11-08 06:55 297808 ----a-w- c:\windows\system32\mscoree.dll

2011-07-03 15:13 . 2009-11-08 06:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2011-07-03 15:13 . 2009-11-08 06:55 1130824 ----a-w- c:\windows\system32\dfshim.dll

2011-07-03 11:58 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys

2011-07-03 11:58 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys

2011-07-03 10:02 . 2011-07-03 10:02 369952 ----a-w- c:\windows\system32\yk60x86.dll

2011-07-03 10:02 . 2011-07-03 10:02 320288 ----a-w- c:\windows\system32\drivers\yk60x86.sys

2011-07-03 09:54 . 2011-07-03 09:54 91376 ----a-w- c:\windows\system32\bcmwlcoi.dll

2011-07-03 09:54 . 2011-07-03 09:54 3555349 ----a-w- c:\windows\system32\bcmihvui.dll

2011-07-03 09:54 . 2011-07-03 09:54 2707448 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS

2011-07-03 09:54 . 2011-07-03 09:54 3866624 ----a-w- c:\windows\system32\bcmihvsrv.dll

2011-07-03 09:52 . 2011-07-03 09:52 19464 ----a-w- c:\windows\system32\btinstall.dll

2011-07-03 09:43 . 2011-07-03 09:43 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll

2011-07-03 09:43 . 2011-07-03 09:43 114616 ----a-w- c:\windows\system32\Vxdif.dll

2011-07-03 09:43 . 2011-07-03 09:43 255096 ----a-w- c:\windows\system32\drivers\Apfiltr.sys

2011-07-03 08:24 . 2011-07-03 08:24 -------- d-----w- c:\programdata\Uniblue

2011-07-03 07:39 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll

2011-07-03 06:31 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll

2011-07-03 06:31 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2011-07-03 06:31 . 2008-06-20 01:14 37384 ----a-w- c:\windows\system32\infocardcpl.cpl

2011-07-03 06:31 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll

2011-07-03 06:31 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe

2011-07-03 06:31 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll

2011-07-03 06:20 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll

2011-07-03 06:20 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll

2011-07-02 06:28 . 2009-10-09 21:56 2048 ----a-w- c:\windows\system32\winrsmgr.dll

2011-07-02 06:15 . 2008-06-26 01:45 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll

2011-07-02 06:15 . 2008-06-26 01:45 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll

2011-07-02 06:15 . 2008-06-26 03:29 801280 ----a-w- c:\windows\system32\NaturalLanguage6.dll

2011-06-29 23:02 . 2010-09-20 09:25 231936 ----a-w- c:\windows\system32\msshsq.dll

2011-06-29 10:51 . 2010-09-06 16:24 125952 ----a-w- c:\windows\system32\srvsvc.dll

2011-06-29 10:51 . 2010-09-06 16:23 17920 ----a-w- c:\windows\system32\netevent.dll

2011-06-29 10:51 . 2008-09-03 03:59 468992 ----a-w- c:\windows\system32\newdev.dll

2011-06-29 10:51 . 2008-09-03 03:58 74752 ----a-w- c:\windows\system32\newdev.exe

2011-06-29 10:51 . 2009-08-24 12:16 378368 ----a-w- c:\windows\system32\winhttp.dll

2011-06-29 10:50 . 2009-11-03 19:53 411136 ----a-w- c:\windows\system32\drivers\http.sys

2011-06-29 10:50 . 2009-11-03 22:17 24064 ----a-w- c:\windows\system32\nshhttp.dll

2011-06-29 10:50 . 2009-11-03 22:15 31232 ----a-w- c:\windows\system32\httpapi.dll

2011-06-29 10:50 . 2011-04-29 14:54 276992 ----a-w- c:\windows\system32\schannel.dll

2011-06-29 08:48 . 2011-03-03 14:56 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2011-06-29 08:48 . 2011-03-03 13:01 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2011-06-29 06:49 . 2009-09-27 05:39 369152 ----a-w- c:\windows\system32\avisynth.dll

2011-06-29 06:49 . 2004-02-22 06:11 719872 ----a-w- c:\windows\system32\devil.dll

2011-06-29 06:49 . 2004-01-24 20:00 70656 ----a-w- c:\windows\system32\yv12vfw.dll

2011-06-29 06:49 . 2004-01-24 20:00 70656 ----a-w- c:\windows\system32\i420vfw.dll

2011-06-29 06:49 . 2011-06-29 06:49 -------- d-----w- c:\program files\AviSynth 2.5

2011-06-29 06:49 . 2011-01-14 09:35 17712 ----a-w- c:\windows\system32\nitrolocalui.dll

2011-06-29 06:49 . 2011-01-14 09:35 26416 ----a-w- c:\windows\system32\nitrolocalmon.dll

2011-06-29 06:16 . 2008-05-27 05:17 11776 ----a-w- c:\windows\system32\msshooks.dll

2011-06-29 06:01 . 2011-06-29 06:01 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help

2011-06-29 06:00 . 2008-04-30 05:36 454656 ----a-w- c:\program files\Common Files\System\msadc\msadce.dll

2011-06-28 19:07 . 2011-06-28 19:07 -------- d-----w- c:\programdata\Leawo

2011-06-28 19:06 . 2008-10-28 06:10 139264 ----a-w- c:\windows\system32\xvid.ax

2011-06-28 19:06 . 2008-10-08 05:45 606208 ----a-w- c:\windows\system32\xvidcore.dll

2011-06-28 17:26 . 2010-01-25 08:35 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe

2011-06-28 17:26 . 2010-01-25 08:34 511488 ----a-w- c:\windows\system32\RMActivate.exe

2011-06-28 17:26 . 2010-01-25 08:34 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe

2011-06-28 17:26 . 2010-01-25 12:48 472576 ----a-w- c:\windows\system32\secproc_isv.dll

2011-06-28 17:26 . 2010-01-25 12:48 472064 ----a-w- c:\windows\system32\secproc.dll

2011-06-28 17:26 . 2010-01-25 08:35 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe

2011-06-28 17:26 . 2010-01-25 12:48 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll

2011-06-28 17:26 . 2010-01-25 12:48 151040 ----a-w- c:\windows\system32\secproc_ssp.dll

2011-06-28 17:26 . 2010-01-25 12:45 329216 ----a-w- c:\windows\system32\msdrm.dll

2011-06-28 17:16 . 2010-10-15 14:08 3548048 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-06-28 17:16 . 2010-10-15 13:48 1205080 ----a-w- c:\windows\system32\ntdll.dll

2011-06-28 17:16 . 2010-10-15 14:08 3600272 ----a-w- c:\windows\system32\ntkrnlpa.exe

2011-06-28 17:15 . 2008-03-08 04:21 1695744 ----a-w- c:\windows\system32\gameux.dll

2011-06-28 17:11 . 2009-03-03 04:40 499200 ----a-w- c:\windows\system32\wbem\WmiPrvSD.dll

2011-06-28 17:11 . 2009-03-03 04:39 551424 ----a-w- c:\windows\system32\rpcss.dll

2011-06-28 17:11 . 2009-03-03 04:36 615424 ----a-w- c:\windows\system32\wbem\fastprox.dll

2011-06-28 17:11 . 2009-03-03 02:16 247296 ----a-w- c:\windows\system32\wbem\WmiPrvSE.exe

2011-06-28 17:11 . 2009-03-03 04:40 129024 ----a-w- c:\windows\system32\wbem\WmiDcPrv.dll

2011-06-28 17:11 . 2009-03-03 03:04 666624 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe

2011-06-28 17:11 . 2009-03-03 04:39 183296 ----a-w- c:\windows\system32\sdohlp.dll

2011-06-28 17:11 . 2009-03-03 04:39 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll

2011-06-28 17:11 . 2009-03-03 04:37 98304 ----a-w- c:\windows\system32\iasrecst.dll

2011-06-28 17:11 . 2009-03-03 04:37 54784 ----a-w- c:\windows\system32\iasads.dll

2011-06-28 17:11 . 2009-03-03 04:37 44032 ----a-w- c:\windows\system32\iasdatastore.dll

2011-06-28 17:11 . 2009-03-03 02:38 17408 ----a-w- c:\windows\system32\iashost.exe

2011-06-28 17:05 . 2011-05-02 12:00 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat

2011-06-28 17:02 . 2010-09-10 16:35 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe

2011-06-28 17:02 . 2010-09-10 16:37 8147456 ----a-w- c:\windows\system32\wmploc.DLL

2011-06-28 17:01 . 2010-04-16 16:10 501760 ----a-w- c:\windows\system32\usp10.dll

2011-06-28 17:01 . 2010-10-12 15:48 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll

2011-06-28 17:01 . 2010-10-12 13:52 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe

2011-06-28 17:01 . 2010-10-12 13:52 515584 ----a-w- c:\program files\Windows Mail\wab.exe

2011-06-28 17:00 . 2011-02-16 13:24 292864 ----a-w- c:\windows\system32\atmfd.dll

2011-06-28 17:00 . 2011-02-16 15:29 34304 ----a-w- c:\windows\system32\atmlib.dll

2011-06-28 17:00 . 2010-06-16 15:12 72704 ----a-w- c:\windows\system32\fontsub.dll

2011-06-28 17:00 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll

2011-06-28 17:00 . 2008-06-19 03:31 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL

2011-06-28 17:00 . 2010-12-28 14:57 409600 ----a-w- c:\windows\system32\odbc32.dll

2011-06-28 17:00 . 2010-12-28 14:56 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2011-06-28 17:00 . 2010-12-28 14:56 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll

2011-06-28 17:00 . 2010-12-28 14:56 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll

2011-06-28 17:00 . 2010-12-28 14:56 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll

2011-06-28 17:00 . 2010-12-28 14:56 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll

2011-06-28 16:59 . 2008-10-22 03:57 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll

2011-06-28 16:59 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll

2011-06-28 16:59 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-05-18 23:00 . 2011-05-18 23:00 222536 ----a-r- c:\windows\tabctl32.ocx

2006-05-03 08:06 163328 --sha-r- c:\windows\System32\flvDX.dll

2007-02-21 09:47 31232 --sha-r- c:\windows\System32\msfDX.dll

2008-03-16 11:30 216064 --sha-r- c:\windows\System32\nbDX.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8FB70FA-0FDF-4601-9DC4-BFA1B357204F}]

2011-05-18 23:00 193864 ----a-r- c:\progra~1\WINZIP~1\wzwmcie.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 166424]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 133656]

"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-08-07 1548288]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-05-09 36864]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-07-03 292208]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]

QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]

WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2011-6-23 610120]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"mixer3"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2007-06-06 111616]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-05-29 22712]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

bthsvcs REG_MULTI_SZ BthServ

.

Contents of the 'Scheduled Tasks' folder

.

2011-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3024083015-3834169448-2481064255-1000Core.job

- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-25 20:24]

.

2011-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3024083015-3834169448-2481064255-1000UA.job

- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-25 20:24]

.

2011-07-09 c:\windows\Tasks\User_Feed_Synchronization-{34A37BBD-0B68-4E74-9D2C-5FD39DFB4806}.job

- c:\windows\system32\msfeedssync.exe [2011-07-04 04:32]

.

.

------- Supplementary Scan -------

.

mStart Page = about:blank

IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 188.135.0.23 188.135.0.24

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-07-10 00:30

Windows 6.0.6001 Service Pack 1 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Completion time: 2011-07-10 00:33:45

ComboFix-quarantined-files.txt 2011-07-09 20:33

ComboFix2.txt 2011-07-09 20:15

ComboFix3.txt 2011-07-09 19:31

ComboFix4.txt 2011-07-09 19:17

ComboFix5.txt 2011-07-09 20:22

.

Pre-Run: 10,235,043,840 bytes free

Post-Run: 10,211,262,464 bytes free

.

- - End Of File - - E86ADA721B05C95887F1E748B9BF7344

looks his still controling the system

Adobe Reader X (10.1.0)

````````````````````````````````

Process Check:

objlist.exe by Laurent

``````````End of Log````````````

Any one can help here please?

Link to post
Share on other sites

Thanks for your reply, it looks like a virus is controlling my windows, there is a lots of files which i don't recongize and i can't access, i had kasperski and malwarevytes running they initially detected win32 trojan i deleted, tought is gone but since that the system is very slow, this last week i experienced blue screen 3 times, CD drive dosen't read, i tried to burn a CD with a photo file it communicate time remainig 4 days. actually the AV i'am using is microsoft essentials, when i run it always nothing, i habe also noticed my internet explorer is hijacked.

i downloaded root repeal it's showing most of the files locked to windows API i have no ideas how to proceed here is the report

ROOTREPEAL © AD, 2007-2009

==================================================

Scan Start Time: 2011/07/16 01:54

Program Version: Version 1.3.5.0

Windows Version: Windows Vista SP2

==================================================

Hidden/Locked Files

-------------------

Path: C:\System Volume Information\{1844e2de-ad71-11e0-adb9-001dd9eca94f}{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: C:\System Volume Information\{2b657f8b-ae1c-11e0-8256-001dd9eca94f}{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: C:\System Volume Information\{4f6c32b7-ae0f-11e0-84bf-001dd9eca94f}{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: C:\System Volume Information\{4f6c32bb-ae0f-11e0-84bf-001dd9eca94f}{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: C:\System Volume Information\{4f6c32bf-ae0f-11e0-84bf-001dd9eca94f}{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: C:\System Volume Information\{4f6c32c3-ae0f-11e0-84bf-001dd9eca94f}{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: C:\System Volume Information\{72ae8255-aedc-11e0-be6c-001dd9eca94f}{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: C:\System Volume Information\{c300d555-ad60-11e0-b7fc-001dd9eca94f}{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: C:\Windows\Microsoft.NET\Framework\NETFXS~1.HKF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_4de39e0d118f2d3f.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_4db63e267dcf142c.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_ecdf8c290e547f39.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_54c11df268b7c6d9.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df56e60dc5df.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_5090ab56bcba71c2.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_6b8a9829b015faa3.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_f0bf52b884e4a7f2.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_f0f2581af89e6e01.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_f480bfaef65491a5.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_ed01d9e4fb230e88.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_58843c41d2730d3f.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_58b19c2866332652.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_49f31fd71413cdc6.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f0bcaee084e72e5d.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.6161_none_80ba6c811e9b4aff.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_7dd1e0ebd6590e0b.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.21022.8_none_7ab8cc63a6e4c2a3.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.1_none_dcc7eae99ad0d9cf.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_517205a10f4550e3.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4bf5400abf9d60b7.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b5d18a9128.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f0efb442f8a0f46c.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_f47e1bd6f6571810.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_818f59bf601aa775.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3ce6.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.1_none_da4695fc507e16e1.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_51ca66a2bbe76806.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_ecff360cfb2594f3.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_81c25f21d3d46d84.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_45e008191e507087.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.4148_none_4973eb1d754a9dc9.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.4148_none_80b7c8a91e9dd16a.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0e9108e3b72e14d4.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_7658964504b9f3b6.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.1_none_e29d1181971ae11e.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_5c4003bc63e949f6.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.openmp_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0e93acbbb72b8e69.cat

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.16767_none_48e0ac03ef0db56a\PORTAB~1.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.16767_none_48e0ac03ef0db56a\PORTAB~2.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.16767_none_48e0ac03ef0db56a\PORTAB~3.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6000.16708_en-us_b9851a92245b1b73\TRACKI~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6000.20864_en-us_b9c9d6ad3dacfd87\TRACKI~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6001.18096_en-us_bb08077221cc7808\TRACKI~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6001.22208_en-us_bbf4f6033a9f4c2e\TRACKI~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wwfcorecomp.resources_31bf3856ad364e35_6.0.6002.18005_en-us_bd4ece0e1eaaafd1\TRACKI~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallsqlstatetem_b03f5f7f11d50a3a_6.0.6000.16720_none_04c87b54ba4ac535\UNINST~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallsqlstatetem_b03f5f7f11d50a3a_6.0.6000.20883_none_ee0091f8d3ed0a28\UNINST~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallsqlstatetem_b03f5f7f11d50a3a_6.0.6001.18111_none_04a3600aba9cd1d6\UNINST~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallsqlstatetem_b03f5f7f11d50a3a_6.0.6001.22230_none_edd7d0a6d4424ae9\UNINST~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\APPCON~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\APPSET~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\CREATE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\DEBUGA~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\DEFINE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\EDITAP~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4f196f15369ae496\SMTPSE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\APPCON~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\APPSET~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\CREATE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\DEBUGA~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\DEFINE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\EDITAP~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6000.20883_none_385185b9503d2989\SMTPSE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\APPCON~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\APPSET~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\CREATE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\DEBUGA~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\DEFINE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\EDITAP~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4ef453cb36ecf137\SMTPSE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\APPCON~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\APPSET~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\CREATE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\DEBUGA~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\DEFINE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\EDITAP~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appcfg_res_b03f5f7f11d50a3a_6.0.6001.22230_none_3828c46750926a4a\SMTPSE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.16720_none_4ef4fbb8699d6b09\CREATE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.16720_none_4ef4fbb8699d6b09\DEFINE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.16720_none_4ef4fbb8699d6b09\MANAGE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.20883_none_382d125c833faffc\CREATE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.20883_none_382d125c833faffc\DEFINE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6000.20883_none_382d125c833faffc\MANAGE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.18111_none_4ecfe06e69ef77aa\CREATE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.18111_none_4ecfe06e69ef77aa\DEFINE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.18111_none_4ecfe06e69ef77aa\MANAGE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6000.16720_none_950a4e2fda3ee0ba\CREATE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6000.16720_none_950a4e2fda3ee0ba\MANAGE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6000.20883_none_7e4264d3f3e125ad\CREATE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6000.20883_none_7e4264d3f3e125ad\MANAGE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6001.18111_none_94e532e5da90ed5b\CREATE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6001.18111_none_94e532e5da90ed5b\MANAGE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6001.22230_none_7e19a381f436666e\CREATE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_permissions_b03f5f7f11d50a3a_6.0.6001.22230_none_7e19a381f436666e\MANAGE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4cb2b120b7498755\CREATE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6000.16720_none_4cb2b120b7498755\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6000.20883_none_35eac7c4d0ebcc48\CREATE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6000.20883_none_35eac7c4d0ebcc48\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4c8d95d6b79b93f6\CREATE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6001.18111_none_4c8d95d6b79b93f6\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6001.22230_none_35c20672d1410d09\CREATE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_perm_res_b03f5f7f11d50a3a_6.0.6001.22230_none_35c20672d1410d09\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.16720_none_7325c867d7281910\CHOOSE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.16720_none_7325c867d7281910\MANAGE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.16720_none_7325c867d7281910\MANAGE~2.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.20883_none_5c5ddf0bf0ca5e03\CHOOSE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.20883_none_5c5ddf0bf0ca5e03\MANAGE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6000.20883_none_5c5ddf0bf0ca5e03\MANAGE~2.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.18111_none_7300ad1dd77a25b1\CHOOSE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.18111_none_7300ad1dd77a25b1\MANAGE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.18111_none_7300ad1dd77a25b1\MANAGE~2.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_secur_res_b03f5f7f11d50a3a_6.0.6000.16720_none_c39efe8a3f927437\SETUPA~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_secur_res_b03f5f7f11d50a3a_6.0.6000.20883_none_acd7152e5934b92a\SETUPA~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_secur_res_b03f5f7f11d50a3a_6.0.6001.18111_none_c379e3403fe480d8\SETUPA~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_secur_res_b03f5f7f11d50a3a_6.0.6001.22230_none_acae53dc5989f9eb\SETUPA~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_users_res_b03f5f7f11d50a3a_6.0.6000.16720_none_b103fb905f6db0d9\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_users_res_b03f5f7f11d50a3a_6.0.6000.20883_none_9a3c1234790ff5cc\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_users_res_b03f5f7f11d50a3a_6.0.6001.18111_none_b0dee0465fbfbd7a\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_users_res_b03f5f7f11d50a3a_6.0.6001.22230_none_9a1350e27965368d\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_policy.1.2.microsof..op.security.azroles_31bf3856ad364e35_6.0.6000.16386_none_ea83414c2e75b887\Microsoft.Interop.Security.AzRoles.config

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_h_31bf3856ad364e35_6.0.6000.20864_none_24101549d032590a\_SERVI~1.H

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.20941_none_4979e8d10820826f\PORTAB~1.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.20941_none_4979e8d10820826f\PORTAB~2.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6000.20941_none_4979e8d10820826f\PORTAB~3.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.18160_none_4abfe8a3ec3a94fa\PORTAB~1.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.18160_none_4abfe8a3ec3a94fa\PORTAB~2.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.18160_none_4abfe8a3ec3a94fa\PORTAB~3.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.22292_none_4b2b163f056ebb45\PORTAB~1.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.22292_none_4b2b163f056ebb45\PORTAB~2.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6001.22292_none_4b2b163f056ebb45\PORTAB~3.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6002.18005_none_4cec3f51e92bbb79\PORTAB~1.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6002.18005_none_4cec3f51e92bbb79\PORTAB~2.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_microsoft-windows-wpd-portabledeviceapi_31bf3856ad364e35_6.0.6002.18005_none_4cec3f51e92bbb79\PORTAB~3.MOF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_b03f5f7f11d50a3a_6.0.6001.22230_none_5efce545badd1f03\MANAGE~2.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6000.16720_none_87d39b55197883e6\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6000.16720_none_87d39b55197883e6\MANAGE~2.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6000.20883_none_710bb1f9331ac8d9\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6000.20883_none_710bb1f9331ac8d9\MANAGE~2.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6001.18111_none_87ae800b19ca9087\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6001.18111_none_87ae800b19ca9087\MANAGE~2.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6001.22230_none_70e2f0a73370099a\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_res_b03f5f7f11d50a3a_6.0.6001.22230_none_70e2f0a73370099a\MANAGE~2.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_security_b03f5f7f11d50a3a_6.0.6000.16720_none_62b207ce0c996d96\SETUPA~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_security_b03f5f7f11d50a3a_6.0.6000.20883_none_4bea1e72263bb289\SETUPA~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_security_b03f5f7f11d50a3a_6.0.6001.18111_none_628cec840ceb7a37\SETUPA~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_security_b03f5f7f11d50a3a_6.0.6001.22230_none_4bc15d202690f34a\SETUPA~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBADM~2.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBADM~3.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBADM~4.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.22230_none_659fa2cdd3687d81\WEBB00~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.16720_none_aee54cea18c2ca82\ASPX_F~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.16720_none_aee54cea18c2ca82\DESELE~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.16720_none_aee54cea18c2ca82\GRADIE~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.16720_none_aee54cea18c2ca82\GRADIE~2.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.16720_none_aee54cea18c2ca82\HEADER~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.16720_none_aee54cea18c2ca82\REQUIR~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.16720_none_aee54cea18c2ca82\SECURI~1.JPG

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.16720_none_aee54cea18c2ca82\SELECT~2.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.16720_none_aee54cea18c2ca82\SELECT~3.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.16720_none_aee54cea18c2ca82\UNSELE~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.16720_none_aee54cea18c2ca82\UNSELE~2.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.20883_none_981d638e32650f75\ASPX_F~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.20883_none_981d638e32650f75\DESELE~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.20883_none_981d638e32650f75\GRADIE~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.20883_none_981d638e32650f75\GRADIE~2.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.20883_none_981d638e32650f75\HEADER~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.20883_none_981d638e32650f75\REQUIR~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.20883_none_981d638e32650f75\SECURI~1.JPG

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.20883_none_981d638e32650f75\SELECT~2.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.20883_none_981d638e32650f75\SELECT~3.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.20883_none_981d638e32650f75\UNSELE~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6000.20883_none_981d638e32650f75\UNSELE~2.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.18111_none_aec031a01914d723\ASPX_F~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.18111_none_aec031a01914d723\DESELE~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.18111_none_aec031a01914d723\GRADIE~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.18111_none_aec031a01914d723\GRADIE~2.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.18111_none_aec031a01914d723\HEADER~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.18111_none_aec031a01914d723\REQUIR~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.18111_none_aec031a01914d723\SECURI~1.JPG

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.18111_none_aec031a01914d723\SELECT~2.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.18111_none_aec031a01914d723\SELECT~3.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.18111_none_aec031a01914d723\UNSELE~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.18111_none_aec031a01914d723\UNSELE~2.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.22230_none_97f4a23c32ba5036\ASPX_F~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.22230_none_97f4a23c32ba5036\DESELE~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.22230_none_97f4a23c32ba5036\GRADIE~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.22230_none_97f4a23c32ba5036\GRADIE~2.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.22230_none_97f4a23c32ba5036\HEADER~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.22230_none_97f4a23c32ba5036\REQUIR~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.22230_none_97f4a23c32ba5036\SECURI~1.JPG

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.22230_none_97f4a23c32ba5036\SELECT~2.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.22230_none_97f4a23c32ba5036\SELECT~3.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.22230_none_97f4a23c32ba5036\UNSELE~1.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_images_b03f5f7f11d50a3a_6.0.6001.22230_none_97f4a23c32ba5036\UNSELE~2.GIF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e101494a280d4e0b\NAVIGA~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e101494a280d4e0b\WEBADM~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e101494a280d4e0b\WEBADM~2.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e101494a280d4e0b\WEBADM~3.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e101494a280d4e0b\WEBADM~4.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e101494a280d4e0b\WED669~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ca395fee41af92fe\NAVIGA~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ca395fee41af92fe\WEBADM~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ca395fee41af92fe\WEBADM~2.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ca395fee41af92fe\WEBADM~3.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ca395fee41af92fe\WEBADM~4.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6000.20883_none_ca395fee41af92fe\WED669~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e0dc2e00285f5aac\NAVIGA~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e0dc2e00285f5aac\WEBADM~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e0dc2e00285f5aac\WEBADM~2.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e0dc2e00285f5aac\WEBADM~3.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e0dc2e00285f5aac\WEBADM~4.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e0dc2e00285f5aac\WED669~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ca109e9c4204d3bf\NAVIGA~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ca109e9c4204d3bf\WEBADM~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ca109e9c4204d3bf\WEBADM~2.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ca109e9c4204d3bf\WEBADM~3.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ca109e9c4204d3bf\WEBADM~4.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_locres_res_b03f5f7f11d50a3a_6.0.6001.22230_none_ca109e9c4204d3bf\WED669~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WIZARD~2.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WIZARD~3.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WIZARD~4.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WI1344~1.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.16720_none_66f75d098c217f33\WI5BF5~1.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WIZARD~2.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WIZARD~3.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WIZARD~4.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WI1344~1.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6000.20883_none_502f73ada5c3c426\WI5BF5~1.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WIZARD~2.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WIZARD~3.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WIZARD~4.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WI1344~1.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.18111_none_66d241bf8c738bd4\WI5BF5~1.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WIZARD~2.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WIZARD~3.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WIZARD~4.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WI1344~1.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_wizard_b03f5f7f11d50a3a_6.0.6001.22230_none_5006b25ba61904e7\WI5BF5~1.ASC

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\CHOOSE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\MANAGE~2.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.16720_none_e1f7e8f41a7be9de\PROVID~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\CHOOSE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\MANAGE~2.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6000.20883_none_cb2fff98341e2ed1\PROVID~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\CHOOSE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\MANAGE~2.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.18111_none_e1d2cdaa1acdf67f\PROVID~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\CHOOSE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\MANAGE~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\MANAGE~2.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_prov_res_b03f5f7f11d50a3a_6.0.6001.22230_none_cb073e4634736f92\PROVID~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6000.16720_none_fc112931b73e055f\APPCON~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6000.16720_none_fc112931b73e055f\GLOBAL~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6000.20883_none_e5493fd5d0e04a52\APPCON~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6000.20883_none_e5493fd5d0e04a52\GLOBAL~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6001.18111_none_fbec0de7b7901200\APPCON~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6001.18111_none_fbec0de7b7901200\GLOBAL~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6001.22230_none_e5207e83d1358b13\APPCON~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_res_res_b03f5f7f11d50a3a_6.0.6001.22230_none_e5207e83d1358b13\GLOBAL~1.RES

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_b03f5f7f11d50a3a_6.0.6000.16720_none_75ed8ff3a0e5994f\MANAGE~2.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_b03f5f7f11d50a3a_6.0.6000.20883_none_5f25a697ba87de42\MANAGE~2.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.16720_none_e000b84a44323b9f\WEBADM~2.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.16720_none_e000b84a44323b9f\WEBADM~3.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.16720_none_e000b84a44323b9f\WE5915~1.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.16720_none_e000b84a44323b9f\WEBE69~1.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.20883_none_c938ceee5dd48092\WEBADM~2.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.20883_none_c938ceee5dd48092\WEBADM~3.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.20883_none_c938ceee5dd48092\WE5915~1.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6000.20883_none_c938ceee5dd48092\WEBE69~1.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.18111_none_dfdb9d0044844840\WEBADM~2.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.18111_none_dfdb9d0044844840\WEBADM~3.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.18111_none_dfdb9d0044844840\WE5915~1.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.18111_none_dfdb9d0044844840\WEBE69~1.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.22230_none_c9100d9c5e29c153\WEBADM~2.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.22230_none_c9100d9c5e29c153\WEBADM~3.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.22230_none_c9100d9c5e29c153\WE5915~1.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_b03f5f7f11d50a3a_6.0.6001.22230_none_c9100d9c5e29c153\WEBE69~1.MAS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_code_b03f5f7f11d50a3a_6.0.6000.16720_none_7cdc4e91b93964e9\APPLIC~1.CS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_code_b03f5f7f11d50a3a_6.0.6000.20883_none_66146535d2dba9dc\APPLIC~1.CS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_code_b03f5f7f11d50a3a_6.0.6001.18111_none_7cb73347b98b718a\APPLIC~1.CS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_code_b03f5f7f11d50a3a_6.0.6001.22230_none_65eba3e3d330ea9d\APPLIC~1.CS

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBADM~2.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBADM~3.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBADM~4.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.16720_none_7c904d7bb970f7cd\WEBB00~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBADM~2.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBADM~3.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBADM~4.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6000.20883_none_65c8641fd3133cc0\WEBB00~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.22230_none_3804510a8394f0bd\CREATE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.22230_none_3804510a8394f0bd\DEFINE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_appconfig_b03f5f7f11d50a3a_6.0.6001.22230_none_3804510a8394f0bd\MANAGE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBADM~2.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBADM~3.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBADM~4.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_help_b03f5f7f11d50a3a_6.0.6001.18111_none_7c6b3231b9c3046e\WEBB00~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.22230_none_5c351db9f11f9ec4\CHOOSE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.22230_none_5c351db9f11f9ec4\MANAGE~1.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_providers_b03f5f7f11d50a3a_6.0.6001.22230_none_5c351db9f11f9ec4\MANAGE~2.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_webadmin_roles_b03f5f7f11d50a3a_6.0.6001.18111_none_75c874a9a137a5f0\MANAGE~2.ASP

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-redist_config_files_b03f5f7f11d50a3a_6.0.6000.16720_none_7b4eba45cecd6936\IEEXEC~1.CON

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-redist_config_files_b03f5f7f11d50a3a_6.0.6000.20883_none_6486d0e9e86fae29\IEEXEC~1.CON

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-redist_config_files_b03f5f7f11d50a3a_6.0.6001.18111_none_7b299efbcf1f75d7\IEEXEC~1.CON

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-redist_config_files_b03f5f7f11d50a3a_6.0.6001.22230_none_645e0f97e8c4eeea\IEEXEC~1.CON

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallpersistsql_b03f5f7f11d50a3a_6.0.6000.16720_none_de8fef9cea4fec76\UNINST~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallpersistsql_b03f5f7f11d50a3a_6.0.6000.20883_none_c7c8064103f23169\UNINST~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallpersistsql_b03f5f7f11d50a3a_6.0.6001.18111_none_de6ad452eaa1f917\UNINST~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-aspnet_uninstallpersistsql_b03f5f7f11d50a3a_6.0.6001.22230_none_c79f44ef0447722a\UNINST~1.SQL

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_h_31bf3856ad364e35_6.0.6001.18096_none_254e460eb451d38b\_SERVI~1.H

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_h_31bf3856ad364e35_6.0.6001.22208_none_263b349fcd24a7b1\_SERVI~1.H

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-netfxsbs12_hkf_31bf3856ad364e35_6.0.6000.16720_none_0bca521ee450d037\NETFXS~1.HKF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-netfxsbs12_hkf_31bf3856ad364e35_6.0.6000.20883_none_0c16103ffd9c63ac\NETFXS~1.HKF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-netfxsbs12_hkf_31bf3856ad364e35_6.0.6001.18111_none_0dbc60fae16e5e8e\NETFXS~1.HKF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_netfx-netfxsbs12_hkf_31bf3856ad364e35_6.0.6001.22230_none_0e2f5da3fa9d1ce3\NETFXS~1.HKF

Status: Locked to the Windows API!

Path: C:\Windows\winsxs\x86_wcf-m_svc_mod_end_perf_h_31bf3856ad364e35_6.0.6000.16708_none_23cb592eb6e076f6\_SERVI~1.H

Status: Locked to the Windows API!

Path: c:\users\anis\appdata\local\temp\~dfe1a7.tmp

Status: Allocation size mismatch (API: 1114112, Raw: 16384)

Path: C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.0.6000.16386__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config

Status: Locked to the Windows API!

Path: C:\Users\user\AppData\Local\Apps\2.0\7PNTZEL6.V9G\TZM9PMAV.L97\manifests\clickonce_bootstrap.exe.cdf-ms

Status: Locked to the Windows API!

Path: C:\Users\user\AppData\Local\Apps\2.0\7PNTZEL6.V9G\TZM9PMAV.L97\manifests\clickonce_bootstrap.exe.manifest

Status: Locked to the Windows API!

Path: D:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: D:\System Volume Information\{65eee552-aa2d-11e0-9cb6-001dd9eca94f}{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: D:\System Volume Information\{65eee5a2-aa2d-11e0-9cb6-001dd9eca94f}{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: D:\System Volume Information\{65eee5af-aa2d-11e0-9cb6-001dd9eca94f}{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Path: D:\System Volume Information\{a65bf9f6-aa4d-11e0-b2fc-001dd9eca94f}{3808876b-c176-4e48-b7ae-04046e6cc752}

Status: Locked to the Windows API!

Link to post
Share on other sites

OOTREPEAL © AD, 2007-2009

==================================================

Scan Start Time: 2011/07/16 01:57

Program Version: Version 1.3.5.0

Windows Version: Windows Vista SP2

==================================================

Drivers

-------------------

Name: 1394BUS.SYS

Image Path: C:\Windows\system32\DRIVERS\1394BUS.SYS

Address: 0x8B6B0000 Size: 57344 File Visible: - Signed: Yes

Status: -

Name: 2BD4.tmp

Image Path: C:\Windows\system32\2BD4.tmp

Address: 0x82F16000 Size: 6144 File Visible: No Signed: No

Status: -

Name: acpi.sys

Image Path: C:\Windows\system32\drivers\acpi.sys

Address: 0x8068E000 Size: 286720 File Visible: - Signed: Yes

Status: -

Name: ACPI_HAL

Image Path: \Driver\ACPI_HAL

Address: 0x83615000 Size: 3907584 File Visible: - Signed: Yes

Status: -

Name: afd.sys

Image Path: C:\Windows\system32\drivers\afd.sys

Address: 0x91158000 Size: 294912 File Visible: - Signed: Yes

Status: -

Name: Apfiltr.sys

Image Path: C:\Windows\system32\DRIVERS\Apfiltr.sys

Address: 0x8B762000 Size: 274432 File Visible: - Signed: Yes

Status: -

Name: atapi.sys

Image Path: C:\Windows\system32\drivers\atapi.sys

Address: 0x807A6000 Size: 32768 File Visible: - Signed: Yes

Status: -

Name: ataport.SYS

Image Path: C:\Windows\system32\drivers\ataport.SYS

Address: 0x807AE000 Size: 122880 File Visible: - Signed: Yes

Status: -

Name: BATTC.SYS

Image Path: C:\Windows\system32\DRIVERS\BATTC.SYS

Address: 0x8071E000 Size: 40960 File Visible: - Signed: Yes

Status: -

Name: bcmwl6.sys

Image Path: C:\Windows\system32\DRIVERS\bcmwl6.sys

Address: 0x8B407000 Size: 2723840 File Visible: - Signed: Yes

Status: -

Name: Beep.SYS

Image Path: C:\Windows\System32\Drivers\Beep.SYS

Address: 0x91096000 Size: 28672 File Visible: - Signed: Yes

Status: -

Name: BOOTVID.dll

Image Path: C:\Windows\system32\BOOTVID.dll

Address: 0x80490000 Size: 32768 File Visible: - Signed: Yes

Status: -

Name: bowser.sys

Image Path: C:\Windows\system32\DRIVERS\bowser.sys

Address: 0x8208A000 Size: 102400 File Visible: - Signed: Yes

Status: -

Name: BthEnum.sys

Image Path: C:\Windows\system32\DRIVERS\BthEnum.sys

Address: 0x8CB5C000 Size: 40960 File Visible: - Signed: Yes

Status: -

Name: bthpan.sys

Image Path: C:\Windows\system32\DRIVERS\bthpan.sys

Address: 0x8CB66000 Size: 106496 File Visible: - Signed: Yes

Status: -

Name: bthport.sys

Image Path: C:\Windows\System32\Drivers\bthport.sys

Address: 0x8CA82000 Size: 524288 File Visible: - Signed: Yes

Status: -

Name: BTHUSB.sys

Image Path: C:\Windows\System32\Drivers\BTHUSB.sys

Address: 0x8CA75000 Size: 53248 File Visible: - Signed: Yes

Status: -

Name: btwaudio.sys

Image Path: C:\Windows\system32\drivers\btwaudio.sys

Address: 0x91008000 Size: 503808 File Visible: - Signed: Yes

Status: -

Name: btwavdt.sys

Image Path: C:\Windows\system32\drivers\btwavdt.sys

Address: 0x8CB80000 Size: 417792 File Visible: - Signed: Yes

Status: -

Name: btwrchid.sys

Image Path: C:\Windows\system32\DRIVERS\btwrchid.sys

Address: 0x91083000 Size: 9600 File Visible: - Signed: Yes

Status: -

Name: cdd.dll

Image Path: C:\Windows\System32\cdd.dll

Address: 0x9A930000 Size: 57344 File Visible: - Signed: Yes

Status: -

Name: cdfs.sys

Image Path: C:\Windows\system32\DRIVERS\cdfs.sys

Address: 0x91C68000 Size: 90112 File Visible: - Signed: Yes

Status: -

Name: cdrom.sys

Image Path: C:\Windows\system32\DRIVERS\cdrom.sys

Address: 0x8B7BB000 Size: 98304 File Visible: - Signed: Yes

Status: -

Name: CI.dll

Image Path: C:\Windows\system32\CI.dll

Address: 0x804D9000 Size: 917504 File Visible: - Signed: Yes

Status: -

Name: CLASSPNP.SYS

Image Path: C:\Windows\system32\drivers\CLASSPNP.SYS

Address: 0x879A5000 Size: 135168 File Visible: - Signed: Yes

Status: -

Name: CLFS.SYS

Image Path: C:\Windows\system32\CLFS.SYS

Address: 0x80498000 Size: 266240 File Visible: - Signed: Yes

Status: -

Name: CmBatt.sys

Image Path: C:\Windows\system32\DRIVERS\CmBatt.sys

Address: 0x8B7D3000 Size: 14208 File Visible: - Signed: Yes

Status: -

Name: compbatt.sys

Image Path: C:\Windows\system32\DRIVERS\compbatt.sys

Address: 0x8071B000 Size: 10496 File Visible: - Signed: Yes

Status: -

Name: crashdmp.sys

Image Path: C:\Windows\System32\Drivers\crashdmp.sys

Address: 0x91C7E000 Size: 53248 File Visible: - Signed: Yes

Status: -

Name: crcdisk.sys

Image Path: C:\Windows\system32\drivers\crcdisk.sys

Address: 0x879C6000 Size: 36864 File Visible: - Signed: Yes

Status: -

Name: dfsc.sys

Image Path: C:\Windows\System32\Drivers\dfsc.sys

Address: 0x91C51000 Size: 94208 File Visible: - Signed: Yes

Status: -

Name: disk.sys

Image Path: C:\Windows\system32\drivers\disk.sys

Address: 0x87994000 Size: 69632 File Visible: - Signed: Yes

Status: -

Name: drmk.sys

Image Path: C:\Windows\system32\drivers\drmk.sys

Address: 0x8C769000 Size: 151552 File Visible: - Signed: Yes

Status: -

Name: dump_dumpata.sys

Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys

Address: 0x91C8B000 Size: 45056 File Visible: No Signed: No

Status: -

Name: dump_msahci.sys

Image Path: C:\Windows\System32\Drivers\dump_msahci.sys

Address: 0x91C96000 Size: 40960 File Visible: No Signed: No

Status: -

Name: Dxapi.sys

Image Path: C:\Windows\System32\drivers\Dxapi.sys

Address: 0x91CA0000 Size: 40960 File Visible: - Signed: Yes

Status: -

Name: dxgkrnl.sys

Image Path: C:\Windows\System32\drivers\dxgkrnl.sys

Address: 0x8C05B000 Size: 655360 File Visible: - Signed: Yes

Status: -

Name: ecache.sys

Image Path: C:\Windows\System32\drivers\ecache.sys

Address: 0x8796D000 Size: 159744 File Visible: - Signed: Yes

Status: -

Name: fileinfo.sys

Image Path: C:\Windows\system32\drivers\fileinfo.sys

Address: 0x807D6000 Size: 65536 File Visible: - Signed: Yes

Status: -

Name: fltmgr.sys

Image Path: C:\Windows\system32\drivers\fltmgr.sys

Address: 0x805B9000 Size: 204800 File Visible: - Signed: Yes

Status: -

Name: Fs_Rec.SYS

Image Path: C:\Windows\System32\Drivers\Fs_Rec.SYS

Address: 0x91086000 Size: 36864 File Visible: - Signed: Yes

Status: -

Name: fwpkclnt.sys

Image Path: C:\Windows\System32\drivers\fwpkclnt.sys

Address: 0x876F8000 Size: 110592 File Visible: - Signed: Yes

Status: -

Name: hal.dll

Image Path: C:\Windows\system32\hal.dll

Address: 0x839CF000 Size: 208896 File Visible: - Signed: Yes

Status: -

Name: HDAudBus.sys

Image Path: C:\Windows\system32\DRIVERS\HDAudBus.sys

Address: 0x8C15F000 Size: 577536 File Visible: - Signed: Yes

Status: -

Name: HdAudio.sys

Image Path: C:\Windows\system32\drivers\HdAudio.sys

Address: 0x8C78E000 Size: 258048 File Visible: - Signed: Yes

Status: -

Name: HIDCLASS.SYS

Image Path: C:\Windows\system32\DRIVERS\HIDCLASS.SYS

Address: 0x8CB0B000 Size: 65536 File Visible: - Signed: Yes

Status: -

Name: HIDPARSE.SYS

Image Path: C:\Windows\system32\DRIVERS\HIDPARSE.SYS

Address: 0x8CB1B000 Size: 28672 File Visible: - Signed: Yes

Status: -

Name: hidusb.sys

Image Path: C:\Windows\system32\DRIVERS\hidusb.sys

Address: 0x8CB02000 Size: 36864 File Visible: - Signed: Yes

Status: -

Name: HTTP.sys

Image Path: C:\Windows\system32\drivers\HTTP.sys

Address: 0x82000000 Size: 446464 File Visible: - Signed: Yes

Status: -

Name: i8042prt.sys

Image Path: C:\Windows\system32\DRIVERS\i8042prt.sys

Address: 0x8B74F000 Size: 77824 File Visible: - Signed: Yes

Status: -

Name: igdkmd32.sys

Image Path: C:\Windows\system32\DRIVERS\igdkmd32.sys

Address: 0x8BA0E000 Size: 6606848 File Visible: - Signed: Yes

Status: -

Name: IntcHdmi.sys

Image Path: C:\Windows\system32\drivers\IntcHdmi.sys

Address: 0x8C9C7000 Size: 135168 File Visible: - Signed: Yes

Status: -

Name: intelide.sys

Image Path: C:\Windows\system32\drivers\intelide.sys

Address: 0x80781000 Size: 28672 File Visible: - Signed: Yes

Status: -

Name: intelppm.sys

Image Path: C:\Windows\system32\DRIVERS\intelppm.sys

Address: 0x87713000 Size: 61440 File Visible: - Signed: Yes

Status: -

Name: kbdclass.sys

Image Path: C:\Windows\system32\DRIVERS\kbdclass.sys

Address: 0x8B7B0000 Size: 45056 File Visible: - Signed: Yes

Status: -

Name: kbdhid.sys

Image Path: C:\Windows\system32\DRIVERS\kbdhid.sys

Address: 0x8CB22000 Size: 36864 File Visible: - Signed: Yes

Status: -

Name: kdcom.dll

Image Path: C:\Windows\system32\kdcom.dll

Address: 0x80408000 Size: 28672 File Visible: - Signed: Yes

Status: -

Name: ks.sys

Image Path: C:\Windows\system32\DRIVERS\ks.sys

Address: 0x8C679000 Size: 172032 File Visible: - Signed: Yes

Status: -

Name: ksecdd.sys

Image Path: C:\Windows\System32\Drivers\ksecdd.sys

Address: 0x87405000 Size: 462848 File Visible: - Signed: Yes

Status: -

Name: lltdio.sys

Image Path: C:\Windows\system32\DRIVERS\lltdio.sys

Address: 0x91CD4000 Size: 65536 File Visible: - Signed: Yes

Status: -

Name: luafv.sys

Image Path: C:\Windows\system32\drivers\luafv.sys

Address: 0x91CB9000 Size: 110592 File Visible: - Signed: Yes

Status: -

Name: mcupdate_GenuineIntel.dll

Image Path: C:\Windows\system32\mcupdate_GenuineIntel.dll

Address: 0x8040F000 Size: 458752 File Visible: - Signed: Yes

Status: -

Name: modem.sys

Image Path: C:\Windows\system32\drivers\modem.sys

Address: 0x8C9BA000 Size: 53248 File Visible: - Signed: Yes

Status: -

Name: monitor.sys

Image Path: C:\Windows\system32\DRIVERS\monitor.sys

Address: 0x91CAA000 Size: 61440 File Visible: - Signed: Yes

Status: -

Name: mouclass.sys

Image Path: C:\Windows\system32\DRIVERS\mouclass.sys

Address: 0x8B7A5000 Size: 45056 File Visible: - Signed: Yes

Status: -

Name: mouhid.sys

Image Path: C:\Windows\system32\DRIVERS\mouhid.sys

Address: 0x8CB2B000 Size: 32768 File Visible: - Signed: Yes

Status: -

Name: mountmgr.sys

Image Path: C:\Windows\System32\drivers\mountmgr.sys

Address: 0x80796000 Size: 65536 File Visible: - Signed: Yes

Status: -

Name: MpFilter.sys

Image Path: C:\Windows\system32\DRIVERS\MpFilter.sys

Address: 0x8CA49000 Size: 157696 File Visible: - Signed: Yes

Status: -

Name: MpKsl488432f8.sys

Image Path: C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FC46A3F8-A519-4884-B44E-BD8FE30D50C3}\MpKsl488432f8.sys

Address: 0x82F10000 Size: 22784 File Visible: - Signed: Yes

Status: -

Name: MpNWMon.sys

Image Path: C:\Windows\system32\DRIVERS\MpNWMon.sys

Address: 0x821C0000 Size: 37376 File Visible: - Signed: Yes

Status: -

Name: mpsdrv.sys

Image Path: C:\Windows\System32\drivers\mpsdrv.sys

Address: 0x820A3000 Size: 86016 File Visible: - Signed: Yes

Status: -

Name: mrxdav.sys

Image Path: C:\Windows\system32\drivers\mrxdav.sys

Address: 0x820B8000 Size: 135168 File Visible: - Signed: Yes

Status: -

Name: mrxsmb.sys

Image Path: C:\Windows\system32\DRIVERS\mrxsmb.sys

Address: 0x820D9000 Size: 126976 File Visible: - Signed: Yes

Status: -

Name: mrxsmb10.sys

Image Path: C:\Windows\system32\DRIVERS\mrxsmb10.sys

Address: 0x820F8000 Size: 233472 File Visible: - Signed: Yes

Status: -

Name: mrxsmb20.sys

Image Path: C:\Windows\system32\DRIVERS\mrxsmb20.sys

Address: 0x82131000 Size: 98304 File Visible: - Signed: Yes

Status: -

Name: msahci.sys

Image Path: C:\Windows\system32\drivers\msahci.sys

Address: 0x807CC000 Size: 40960 File Visible: - Signed: Yes

Status: -

Name: Msfs.SYS

Image Path: C:\Windows\System32\Drivers\Msfs.SYS

Address: 0x910DA000 Size: 45056 File Visible: - Signed: Yes

Status: -

Name: msisadrv.sys

Image Path: C:\Windows\system32\drivers\msisadrv.sys

Address: 0x806DD000 Size: 32768 File Visible: - Signed: Yes

Status: -

Name: msiscsi.sys

Image Path: C:\Windows\system32\DRIVERS\msiscsi.sys

Address: 0x87772000 Size: 192512 File Visible: - Signed: Yes

Status: -

Name: msrpc.sys

Image Path: C:\Windows\system32\drivers\msrpc.sys

Address: 0x87581000 Size: 176128 File Visible: - Signed: Yes

Status: -

Name: mssmbios.sys

Image Path: C:\Windows\system32\DRIVERS\mssmbios.sys

Address: 0x8C6A3000 Size: 40960 File Visible: - Signed: Yes

Status: -

Name: mup.sys

Image Path: C:\Windows\System32\Drivers\mup.sys

Address: 0x8795E000 Size: 61440 File Visible: - Signed: Yes

Status: -

Name: ndis.sys

Image Path: C:\Windows\system32\drivers\ndis.sys

Address: 0x87476000 Size: 1093632 File Visible: - Signed: Yes

Status: -

Name: ndistapi.sys

Image Path: C:\Windows\system32\DRIVERS\ndistapi.sys

Address: 0x8B7EB000 Size: 45056 File Visible: - Signed: Yes

Status: -

Name: ndisuio.sys

Image Path: C:\Windows\system32\DRIVERS\ndisuio.sys

Address: 0x91D0E000 Size: 40960 File Visible: - Signed: Yes

Status: -

Name: ndiswan.sys

Image Path: C:\Windows\system32\DRIVERS\ndiswan.sys

Address: 0x8C60C000 Size: 143360 File Visible: - Signed: Yes

Status: -

Name: NDProxy.SYS

Image Path: C:\Windows\System32\Drivers\NDProxy.SYS

Address: 0x8C6EF000 Size: 69632 File Visible: - Signed: Yes

Status: -

Name: netbios.sys

Image Path: C:\Windows\system32\DRIVERS\netbios.sys

Address: 0x911BF000 Size: 57344 File Visible: - Signed: Yes

Status: -

Name: netbt.sys

Image Path: C:\Windows\System32\DRIVERS\netbt.sys

Address: 0x91126000 Size: 204800 File Visible: - Signed: Yes

Status: -

Name: NETIO.SYS

Image Path: C:\Windows\system32\drivers\NETIO.SYS

Address: 0x875AC000 Size: 241664 File Visible: - Signed: Yes

Status: -

Name: npf.sys

Image Path: C:\Windows\system32\drivers\npf.sys

Address: 0x821E2000 Size: 61440 File Visible: - Signed: Yes

Status: -

Name: Npfs.SYS

Image Path: C:\Windows\System32\Drivers\Npfs.SYS

Address: 0x910E5000 Size: 57344 File Visible: - Signed: Yes

Status: -

Name: nsiproxy.sys

Image Path: C:\Windows\system32\drivers\nsiproxy.sys

Address: 0x91C47000 Size: 40960 File Visible: - Signed: Yes

Status: -

Name: Ntfs.sys

Image Path: C:\Windows\System32\Drivers\Ntfs.sys

Address: 0x8780D000 Size: 1114112 File Visible: - Signed: Yes

Status: -

Name: ntkrnlpa.exe

Image Path: C:\Windows\system32\ntkrnlpa.exe

Address: 0x83615000 Size: 3907584 File Visible: - Signed: Yes

Status: -

Name: Null.SYS

Image Path: C:\Windows\System32\Drivers\Null.SYS

Address: 0x9108F000 Size: 28672 File Visible: - Signed: Yes

Status: -

Name: nwifi.sys

Image Path: C:\Windows\system32\DRIVERS\nwifi.sys

Address: 0x91CE4000 Size: 172032 File Visible: - Signed: Yes

Status: -

Name: OEM02Dev.sys

Image Path: C:\Windows\system32\DRIVERS\OEM02Dev.sys

Address: 0x8CA0D000 Size: 235648 File Visible: - Signed: Yes

Status: -

Name: OEM02Vfx.sys

Image Path: C:\Windows\system32\DRIVERS\OEM02Vfx.sys

Address: 0x8CA47000 Size: 7424 File Visible: - Signed: Yes

Status: -

Name: ohci1394.sys

Image Path: C:\Windows\system32\DRIVERS\ohci1394.sys

Address: 0x8B6A0000 Size: 62208 File Visible: - Signed: Yes

Status: -

Name: pacer.sys

Image Path: C:\Windows\system32\DRIVERS\pacer.sys

Address: 0x911A9000 Size: 90112 File Visible: - Signed: Yes

Status: -

Name: partmgr.sys

Image Path: C:\Windows\System32\drivers\partmgr.sys

Address: 0x8070C000 Size: 61440 File Visible: - Signed: Yes

Status: -

Name: pci.sys

Image Path: C:\Windows\system32\drivers\pci.sys

Address: 0x806E5000 Size: 159744 File Visible: - Signed: Yes

Status: -

Name: PCIIDEX.SYS

Image Path: C:\Windows\system32\drivers\PCIIDEX.SYS

Address: 0x80788000 Size: 57344 File Visible: - Signed: Yes

Status: -

Name: peauth.sys

Image Path: C:\Windows\system32\drivers\peauth.sys

Address: 0x82E0D000 Size: 909312 File Visible: - Signed: Yes

Status: -

Name: PnpManager

Image Path: \Driver\PnpManager

Address: 0x83615000 Size: 3907584 File Visible: - Signed: Yes

Status: -

Name: portcls.sys

Image Path: C:\Windows\system32\drivers\portcls.sys

Address: 0x8C73C000 Size: 184320 File Visible: - Signed: Yes

Status: -

Name: PSHED.dll

Image Path: C:\Windows\system32\PSHED.dll

Address: 0x8047F000 Size: 69632 File Visible: - Signed: Yes

Status: -

Name: rasacd.sys

Image Path: C:\Windows\System32\DRIVERS\rasacd.sys

Address: 0x910F3000 Size: 36864 File Visible: - Signed: Yes

Status: -

Name: rasl2tp.sys

Image Path: C:\Windows\system32\DRIVERS\rasl2tp.sys

Address: 0x877E2000 Size: 94208 File Visible: - Signed: Yes

Status: -

Name: raspppoe.sys

Image Path: C:\Windows\system32\DRIVERS\raspppoe.sys

Address: 0x8C62F000 Size: 61440 File Visible: - Signed: Yes

Status: -

Name: raspptp.sys

Image Path: C:\Windows\system32\DRIVERS\raspptp.sys

Address: 0x8C63E000 Size: 81920 File Visible: - Signed: Yes

Status: -

Name: rassstp.sys

Image Path: C:\Windows\system32\DRIVERS\rassstp.sys

Address: 0x8C652000 Size: 86016 File Visible: - Signed: Yes

Status: -

Name: RAW

Image Path: \FileSystem\RAW

Address: 0x83615000 Size: 3907584 File Visible: - Signed: Yes

Status: -

Name: rdbss.sys

Image Path: C:\Windows\system32\DRIVERS\rdbss.sys

Address: 0x91C0B000 Size: 245760 File Visible: - Signed: Yes

Status: -

Name: RDPCDD.sys

Image Path: C:\Windows\System32\DRIVERS\RDPCDD.sys

Address: 0x910CA000 Size: 32768 File Visible: - Signed: Yes

Status: -

Name: rdpencdd.sys

Image Path: C:\Windows\system32\drivers\rdpencdd.sys

Address: 0x910D2000 Size: 32768 File Visible: - Signed: Yes

Status: -

Name: rfcomm.sys

Image Path: C:\Windows\system32\DRIVERS\rfcomm.sys

Address: 0x8CB33000 Size: 167936 File Visible: - Signed: Yes

Status: -

Name: rimmptsk.sys

Image Path: C:\Windows\system32\DRIVERS\rimmptsk.sys

Address: 0x8B6D8000 Size: 69632 File Visible: - Signed: Yes

Status: -

Name: rimsptsk.sys

Image Path: C:\Windows\system32\DRIVERS\rimsptsk.sys

Address: 0x8B6E9000 Size: 81920 File Visible: - Signed: Yes

Status: -

Name: rixdptsk.sys

Image Path: C:\Windows\system32\DRIVERS\rixdptsk.sys

Address: 0x8B6FD000 Size: 335872 File Visible: - Signed: Yes

Status: -

Name: rootrepeal.sys

Image Path: C:\Windows\system32\drivers\rootrepeal.sys

Address: 0x82F2E000 Size: 49152 File Visible: No Signed: No

Status: -

Name: rspndr.sys

Image Path: C:\Windows\system32\DRIVERS\rspndr.sys

Address: 0x91DC8000 Size: 77824 File Visible: - Signed: Yes

Status: -

Name: sdbus.sys

Image Path: C:\Windows\system32\DRIVERS\sdbus.sys

Address: 0x8B6BE000 Size: 106496 File Visible: - Signed: Yes

Status: -

Name: secdrv.SYS

Image Path: C:\Windows\System32\Drivers\secdrv.SYS

Address: 0x82EEB000 Size: 40960 File Visible: - Signed: Yes

Status: -

Name: smb.sys

Image Path: C:\Windows\system32\DRIVERS\smb.sys

Address: 0x91112000 Size: 81920 File Visible: - Signed: Yes

Status: -

Name: spldr.sys

Image Path: C:\Windows\System32\Drivers\spldr.sys

Address: 0x87956000 Size: 32768 File Visible: - Signed: Yes

Status: -

Name: spsys.sys

Image Path: C:\Windows\system32\drivers\spsys.sys

Address: 0x91D18000 Size: 720896 File Visible: - Signed: Yes

Status: -

Name: srv.sys

Image Path: C:\Windows\System32\DRIVERS\srv.sys

Address: 0x82171000 Size: 323584 File Visible: - Signed: Yes

Status: -

Name: srv2.sys

Image Path: C:\Windows\System32\DRIVERS\srv2.sys

Address: 0x82149000 Size: 163840 File Visible: - Signed: Yes

Status: -

Name: srvnet.sys

Image Path: C:\Windows\System32\DRIVERS\srvnet.sys

Address: 0x8206D000 Size: 118784 File Visible: - Signed: Yes

Status: -

Name: storport.sys

Image Path: C:\Windows\system32\DRIVERS\storport.sys

Address: 0x877A1000 Size: 266240 File Visible: - Signed: Yes

Status: -

Name: swenum.sys

Image Path: C:\Windows\system32\DRIVERS\swenum.sys

Address: 0x8C677000 Size: 4992 File Visible: - Signed: Yes

Status: -

Name: tcpip.sys

Image Path: C:\Windows\System32\drivers\tcpip.sys

Address: 0x8760B000 Size: 970752 File Visible: - Signed: Yes

Status: -

Name: tcpipreg.sys

Image Path: C:\Windows\System32\drivers\tcpipreg.sys

Address: 0x82EF5000 Size: 49152 File Visible: - Signed: Yes

Status: -

Name: TDI.SYS

Image Path: C:\Windows\system32\DRIVERS\TDI.SYS

Address: 0x8B7E0000 Size: 45056 File Visible: - Signed: Yes

Status: -

Name: tdx.sys

Image Path: C:\Windows\system32\DRIVERS\tdx.sys

Address: 0x910FC000 Size: 90112 File Visible: - Signed: Yes

Status: -

Name: termdd.sys

Image Path: C:\Windows\system32\DRIVERS\termdd.sys

Address: 0x8C667000 Size: 65536 File Visible: - Signed: Yes

Status: -

Name: TSDDD.dll

Image Path: C:\Windows\System32\TSDDD.dll

Address: 0x9A8F0000 Size: 36864 File Visible: - Signed: Yes

Status: -

Name: tunmp.sys

Image Path: C:\Windows\system32\DRIVERS\tunmp.sys

Address: 0x87800000 Size: 36864 File Visible: - Signed: Yes

Status: -

Name: tunnel.sys

Image Path: C:\Windows\system32\DRIVERS\tunnel.sys

Address: 0x879F1000 Size: 45056 File Visible: - Signed: Yes

Status: -

Name: umbus.sys

Image Path: C:\Windows\system32\DRIVERS\umbus.sys

Address: 0x8C6AD000 Size: 53248 File Visible: - Signed: Yes

Status: -

Name: usbccgp.sys

Image Path: C:\Windows\system32\DRIVERS\usbccgp.sys

Address: 0x8C9E8000 Size: 94208 File Visible: - Signed: Yes

Status: -

Name: USBD.SYS

Image Path: C:\Windows\system32\DRIVERS\USBD.SYS

Address: 0x8C800000 Size: 8192 File Visible: - Signed: Yes

Status: -

Name: usbehci.sys

Image Path: C:\Windows\system32\DRIVERS\usbehci.sys

Address: 0x8C150000 Size: 61440 File Visible: - Signed: Yes

Status: -

Name: usbhub.sys

Image Path: C:\Windows\system32\DRIVERS\usbhub.sys

Address: 0x8C6BA000 Size: 217088 File Visible: - Signed: Yes

Status: -

Name: USBPORT.SYS

Image Path: C:\Windows\system32\DRIVERS\USBPORT.SYS

Address: 0x8C112000 Size: 253952 File Visible: - Signed: Yes

Status: -

Name: usbuhci.sys

Image Path: C:\Windows\system32\DRIVERS\usbuhci.sys

Address: 0x8C107000 Size: 45056 File Visible: - Signed: Yes

Status: -

Name: vga.sys

Image Path: C:\Windows\System32\drivers\vga.sys

Address: 0x9109D000 Size: 49152 File Visible: - Signed: Yes

Status: -

Name: VIDEOPRT.SYS

Image Path: C:\Windows\System32\drivers\VIDEOPRT.SYS

Address: 0x910A9000 Size: 135168 File Visible: - Signed: Yes

Status: -

Name: volmgr.sys

Image Path: C:\Windows\system32\drivers\volmgr.sys

Address: 0x80728000 Size: 61440 File Visible: - Signed: Yes

Status: -

Name: volmgrx.sys

Image Path: C:\Windows\System32\drivers\volmgrx.sys

Address: 0x80737000 Size: 303104 File Visible: - Signed: Yes

Status: -

Name: volsnap.sys

Image Path: C:\Windows\system32\drivers\volsnap.sys

Address: 0x8791D000 Size: 233472 File Visible: - Signed: Yes

Status: -

Name: VSTAZL3.SYS

Image Path: C:\Windows\system32\DRIVERS\VSTAZL3.SYS

Address: 0x8C700000 Size: 245760 File Visible: - Signed: Yes

Status: -

Name: VSTCNXT3.SYS

Image Path: C:\Windows\system32\DRIVERS\VSTCNXT3.SYS

Address: 0x8C907000 Size: 733184 File Visible: - Signed: Yes

Status: -

Name: VSTDPV3.SYS

Image Path: C:\Windows\system32\DRIVERS\VSTDPV3.SYS

Address: 0x8C803000 Size: 1064960 File Visible: - Signed: Yes

Status: -

Name: wanarp.sys

Image Path: C:\Windows\system32\DRIVERS\wanarp.sys

Address: 0x911CD000 Size: 77824 File Visible: - Signed: Yes

Status: -

Name: watchdog.sys

Image Path: C:\Windows\System32\drivers\watchdog.sys

Address: 0x8C0FB000 Size: 49152 File Visible: - Signed: Yes

Status: -

Name: Wdf01000.sys

Image Path: C:\Windows\system32\drivers\Wdf01000.sys

Address: 0x8060F000 Size: 462848 File Visible: - Signed: Yes

Status: -

Name: WDFLDR.SYS

Image Path: C:\Windows\system32\drivers\WDFLDR.SYS

Address: 0x80680000 Size: 57344 File Visible: - Signed: Yes

Status: -

Name: Win32k

Image Path: \Driver\Win32k

Address: 0x9A6D0000 Size: 2113536 File Visible: - Signed: Yes

Status: -

Name: win32k.sys

Image Path: C:\Windows\System32\win32k.sys

Address: 0x9A6D0000 Size: 2113536 File Visible: - Signed: Yes

Status: -

Name: wmiacpi.sys

Image Path: C:\Windows\system32\DRIVERS\wmiacpi.sys

Address: 0x8B7D7000 Size: 36864 File Visible: - Signed: Yes

Status: -

Name: WMILIB.SYS

Image Path: C:\Windows\system32\drivers\WMILIB.SYS

Address: 0x806D4000 Size: 36864 File Visible: - Signed: Yes

Status: -

Name: WMIxWDM

Image Path: \Driver\WMIxWDM

Address: 0x83615000 Size: 3907584 File Visible: - Signed: Yes

Status: -

Name: ws2ifsl.sys

Image Path: C:\Windows\system32\drivers\ws2ifsl.sys

Address: 0x911A0000 Size: 36864 File Visible: - Signed: Yes

Status: -

Name: yk60x86.sys

Image Path: C:\Windows\system32\DRIVERS\yk60x86.sys

Address: 0x87722000 Size: 327680 File Visible: - Signed: Yes

Status: -

thanks a lot for your assistance :rolleyes:

Link to post
Share on other sites

Thanx for your reply, but before doing what you suggest,is ist normal, that a lots of svchost.exe are running in task manager,there is lots of settings.ini and desktop.ini, duplication of the file Appdata, could you please explain me more how this happen.

kind regards

Anis

Link to post
Share on other sites

  • 3 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.