Antimalware Doctor Angriff nach Rkill, Mbam Scan, CCleaber immer noch vorhanden!

cosinus · 12.05.2010, 20:27

Ok. Dann würde ich gern für weitere Kontrollen frische Logs von otl.exe GMER und OSAM sehen.

Alfadas · 13.05.2010, 09:44

Die OTL Log Datei ist ziemlich gross. Welche muss ich posten? Es gibt noch eine Extra.txt Textdatei!?

Bei GMER bin ich nicht ganz sicher ob es die komplette logdatei ist.

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 01:15:18 on 13.05.2010

OS: Windows XP Professional Service Pack 2 (Build 2600)
Default Browser: Mozilla Corporation Firefox 3.6.3

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries

[Common]
-----( %SystemRoot%\Tasks )-----
"WGASetup.job" - "Microsoft Corporation" - C:\WINDOWS\system32\KB905474\wgasetup.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"bdeadmin.cpl" - ? - C:\WINDOWS\system32\bdeadmin.cpl
"ImageDrive.cpl" - "Ahead Software AG" - C:\WINDOWS\system32\ImageDrive.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"javacpl.cpl" - "Sun Microsystems, Inc." - C:\WINDOWS\system32\javacpl.cpl
"QuickTime.cpl" - "Apple Computer, Inc." - C:\WINDOWS\system32\QuickTime.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Adobe Gamma" - "Adobe Systems, Inc." - C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma.cpl
"Avira AntiVir Personal - Free Antivirus " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl
"Avira AntiVir PersonalEdition Classic " - "Avira GmbH" - C:\PROGRA~1\Avira\ANTIVI~1\avconfig.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"AEGIS Protocol (IEEE 802.1x) v3.4.9.0" (AegisP) - "Meetinghouse Data Communications" - C:\WINDOWS\System32\DRIVERS\AegisP.sys
"avgio" (avgio) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\DOKUME~1\demo\LOKALE~1\Temp\catchme.sys (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys (File not found)
"DB CIF Cam" (SQTECH905C) - "Service & Quality Technology." - C:\WINDOWS\System32\Drivers\Capt905c.sys
"fgwiqfod" (fgwiqfod) - ? - C:\DOKUME~1\demo\LOKALE~1\Temp\fgwiqfod.sys (Hidden registry entry, rootkit activity | File not found)
"hardlock" (hardlock) - "Aladdin Knowledge Systems" - C:\WINDOWS\system32\drivers\hardlock.sys
"i2omgmt" (i2omgmt) - ? - C:\WINDOWS\system32\drivers\i2omgmt.sys (File not found)
"ids00026" (ids00026) - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys (File not found)
"ids0005c" (ids0005c) - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys (File not found)
"ids00118" (ids00118) - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal\5.0\bases\ids00118.sys (File not found)
"ids0014f" (ids0014f) - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal\5.0\bases\ids0014f.sys (File not found)
"ids0015d" (ids0015d) - ? - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys (File not found)
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys (File not found)
"Logitech QuickCam Communicate" (QCMerced) - ? - C:\WINDOWS\System32\DRIVERS\LVCM.sys (File not found)
"MagicTune" (MagicTune) - ? - C:\WINDOWS\System32\drivers\MTiCtwl.sys (File found, but it contains no detailed information)
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys (File not found)
"PPdus ASPI Shell" (Afc) - "Arcsoft, Inc." - C:\WINDOWS\System32\drivers\Afc.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"ssmdrv" (ssmdrv) - "Avira GmbH" - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
"SYMIDSCO" (SYMIDSCO) - ? - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SymcData\IDS-DI~1\20040813.178\symidsco.sys (File not found)
"USB RNDIS Adapter" (usb_rndisx) - "Microsoft Corporation" - C:\WINDOWS\System32\DRIVERS\usb8023x.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys (File not found)
"Webcam Classic" (ovt530) - "OmniVision Technologies, Inc." - C:\WINDOWS\System32\Drivers\ov530vid.sys
"WLAN-Transport" (s24trans) - "Intel Corporation" - C:\WINDOWS\System32\DRIVERS\s24trans.sys

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{BDEADF00-C265-11d0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{3D9F03FA-7A94-11D3-BE81-0050048385D1} "Data Page Pluggable Protocol mso-offdap Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Visio11\VISSHE.DLL
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Programme\Windows Live\Mail\mailcomm.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? - deskpan.dll (File not found)
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - c:\WINDOWS\system32\mscoree.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found)
{506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Visio11\VISSHE.DLL
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? - (File not found | COM-object registry key not found)
{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} "Microsoft Browser Architecture" - ? - (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\OFFICE11\msohev.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\shlext.dll
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? - (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - c:\WINDOWS\system32\dfshim.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Programme\WinRAR\rarext.dll (File found, but it contains no detailed information)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "Yahoo! Toolbar" - ? - (File not found | COM-object registry key not found)
<binary data> "{21FA44EF-376D-4D53-9B0F-8A89D3229068}" - ? - (File not found | COM-object registry key not found)
<binary data> "{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}" - ? - (File not found | COM-object registry key not found)
-----( HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks )-----
{EF99BD32-C1FB-11D2-892F-0090271D4F88} "Yahoo! Toolbar" - ? - (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{0CCA191D-13A6-4E29-B746-314DEE697D83} "Facebook Photo Uploader 5 Control" - "The Facebook" - C:\WINDOWS\Downloaded Program Files\PhotoUploader5.ocx / hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
Microsoft XML Parser for Java "Microsoft XML Parser for Java" - ? - (File not found | COM-object registry key not found) / file://C:\WINDOWS\Java\classes\xmldso.cab
{D27CDB6E-AE6D-11CF-96B8-444553540000} "Shockwave Flash Object" - "Adobe Systems, Inc." - C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx / hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\system32\legitcheckcontrol.dll / hxxp://go.microsoft.com/fwlink/?linkid=39204
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} "{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" - ? - (File not found | COM-object registry key not found) / hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} "{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}" - ? - (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
{FDC847F8-DA70-4442-8072-FF883F34D14A} "{FDC847F8-DA70-4442-8072-FF883F34D14A}" - ? - (File not found | COM-object registry key not found) / hxxp://toolbar.dasoertliche-marketing.de/toolbar/normal/download/DasOertlicheToolbar.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{A93C41D8-01F8-4F8B-B14C-DE20B117E636} "HP Intelligente Auswahl" - "Hewlett-Packard Co." - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll
{E763472E-A716-4CD9-89BD-DBDA6122F741} "HP Sammelmappe" - "Hewlett-Packard Co." - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
{77BF5300-1474-4EC7-9980-D32B190E9B07} "Skype" - "Skype Technologies S.A." - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "AcroIEHlprObj Class" - ? - C:\Programme\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
{D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} "GMX Browser Configuration by mquadr.at" - "mquadr.at softwareengineering und consulting gmbh" - C:\Windows\system32\ieconfig_1und1.dll
{053F9267-DC04-4294-A72C-58F732D338C0} "HP Print Clips" - "Hewlett-Packard Co." - C:\Programme\HP\Smart Web Printing\hpswp_framework.dll
{0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Programme\HP\Smart Web Printing\hpswp_printenhancer.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} "JQSIEStartDetectorImpl Class" - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" - "Microsoft Corporation" - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} "Skype add-on (mastermind)" - "Skype Technologies S.A." - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" - ? - (File not found | COM-object registry key not found)

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"Acrobat Assistant.lnk" - "Adobe Systems Inc." - C:\Programme\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\demo\Startmenü\Programme\Autostart\desktop.ini
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"avgnt" - "Avira GmbH" - "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
"EOUApp" - "Intel Corporation" - "C:\Programme\Intel\Wireless\Bin\EOUWiz.exe"
"IntelWireless" - "Intel Corporation" - "C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
"IntelZeroConfig" - "Intel Corporation" - "C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe"
"RemoteControl" - "Cyberlink Corp." - C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Programme\Java\jre6\bin\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\mdimon.dll
"PDF Port" - "Adobe Systems Incorporated." - C:\WINDOWS\system32\pdfports.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
".NET Runtime Optimization Service v2.0.50727_X86" (clr_optimization_v2.0.50727_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
"Adobe LM Service" (Adobe LM Service) - "Adobe Systems" - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"Avira AntiVir Guard" (AntiVirService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\avguard.exe
"Avira AntiVir Scheduler" (AntiVirSchedulerService) - "Avira GmbH" - C:\Programme\Avira\AntiVir Desktop\sched.exe
"Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel Corporation" - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
"Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel Corporation" - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
"Intel(R) PROSet/Wireless Service" (S24EventMonitor) - "Intel Corporation " - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
"Java Quick Starter" (JavaQuickStarterService) - "Sun Microsystems, Inc." - C:\Programme\Java\jre6\bin\jqs.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"RAS-Verbindungsverwaltung" (RasMan) - "Microsoft Corporation" - C:\WINDOWS\System32\rasmans.dll
"SeaPort" (SeaPort) - "Microsoft Corporation" - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

Gmer

GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-05-13 04:31:57
Windows 5.1.2600 Service Pack 2
Running: jjyuqke8.exe; Driver: C:\DOKUME~1\demo\LOKALE~1\Temp\fgwiqfod.sys

---- System - GMER 1.0.15 ----

SSDT F7D90176 ZwCreateKey
SSDT F7D9016C ZwCreateThread
SSDT F7D9017B ZwDeleteKey
SSDT F7D90185 ZwDeleteValueKey
SSDT F7D9018A ZwLoadKey
SSDT F7D90158 ZwOpenProcess
SSDT F7D9015D ZwOpenThread
SSDT F7D90194 ZwReplaceKey
SSDT F7D9018F ZwRestoreKey
SSDT F7D90180 ZwSetValueKey
SSDT F7D90167 ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

init C:\WINDOWS\system32\drivers\o2mmb.sys entry point in "init" section [0xF6FC7320]
init C:\WINDOWS\system32\drivers\ALCXSENS.SYS entry point in "init" section [0xF6E52900]
.text C:\WINDOWS\system32\drivers\hardlock.sys section is writeable [0xF54B5400, 0x7EE2E, 0xE0000020]
.protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xF5552A20] C:\WINDOWS\system32\drivers\hardlock.sys entry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xF5552A20]
.protectÿÿÿÿhardlockunknown last code section [0xF5552800, 0x4E48, 0xE0000020] C:\WINDOWS\system32\drivers\hardlock.sys unknown last code section [0xF5552800, 0x4E48, 0xE0000020]

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 mouclass.sys (Mausklassentreiber/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

cosinus · 13.05.2010, 15:34

Sieht gut aus. Von OTL brauch ich nur das OTL.log die extras nicht nochmal.

Alfadas · 14.05.2010, 00:07

OTL logfile created on: 12.05.2010 22:31:57 - Run 2
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Dokumente und Einstellungen\demo\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

494,00 Mb Total Physical Memory | 133,00 Mb Available Physical Memory | 27,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): C:\pagefile.sys 744 1488 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 55,93 Gb Total Space | 29,27 Gb Free Space | 52,33% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MAXDATA-9C58E35
Current User Name: demo
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\demo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\Dot1XCfg.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
PRC - C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\MDM.EXE (Microsoft Corporation)
PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
PRC - C:\Programme\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)

========== Modules (SafeList) ==========

MOD - C:\Dokumente und Einstellungen\demo\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\system32\SynTPFcs.dll (Synaptics, Inc.)

========== Win32 Services (SafeList) ==========

SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (SeaPort) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (S24EventMonitor) Intel(R) -- C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )
SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (RegSrvc) Intel(R) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (avgntflt) -- C:\Windows\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (LVUSBSta) -- C:\Windows\system32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\system32\drivers\LV302V32.SYS (Logitech Inc.)
DRV - (pepifilter) -- C:\Windows\system32\drivers\lv302af.sys (Logitech Inc.)
DRV - (hardlock) -- C:\Windows\system32\drivers\hardlock.sys (Aladdin Knowledge Systems)
DRV - (SQTECH905C) -- C:\Windows\system32\drivers\Capt905c.sys (Service & Quality Technology.)
DRV - (s24trans) -- C:\Windows\system32\drivers\s24trans.sys (Intel Corporation)
DRV - (w29n51) Intel(R) -- C:\Windows\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (ovt530) -- C:\Windows\system32\drivers\ov530vid.sys (OmniVision Technologies, Inc.)
DRV - (Afc) -- C:\Windows\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (MagicTune) -- C:\Windows\system32\drivers\MTiCtwl.sys ()
DRV - (w22n51) Intel(R) -- C:\Windows\system32\drivers\w22n51.sys (Intel® Corporation)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\Windows\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ALCXSENS) -- C:\Windows\system32\drivers\ALCXSENS.SYS (Sensaura)
DRV - (NwlnkIpx) -- C:\Windows\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (NwlnkNb) -- C:\Windows\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\Windows\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (gameenum) -- C:\Windows\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (NSCIRDA) -- C:\Windows\system32\drivers\nscirda.sys (National Semiconductor Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (AgereSoftModem) -- C:\Windows\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (CONAN) -- C:\Windows\system32\drivers\o2mmb.sys (O2 Micro )
DRV - (MbxStby) -- C:\Windows\system32\drivers\MbxStby.sys (O2 Micro)
DRV - (bcm4sbxp) -- C:\Windows\system32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (SynTP) -- C:\Windows\system32\drivers\SynTP.sys (Synaptics, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://de.search.yahoo.com/ [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://go.gmx.net/tab2 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = go.gmx.net/tab2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 3B 84 5E F6 77 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.05.05 13:41:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.04.05 22:35:56 | 000,000,000 | ---D | M]

[2010.03.11 16:53:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\demo\Anwendungsdaten\Mozilla\Extensions
[2010.05.12 02:25:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\demo\Anwendungsdaten\Mozilla\Firefox\Profiles\e8ooan6e.default\extensions
[2010.03.11 17:26:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\demo\Anwendungsdaten\Mozilla\Firefox\Profiles\e8ooan6e.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.03.11 16:53:10 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.05.12 11:14:20 | 000,000,027 | ---- | M]) - C:\Windows\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Programme\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Phone\IEPlugin\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (GMX Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\system32\ieconfig_1und1.dll (mquadr.at softwareengineering und consulting gmbh)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [EOUApp] C:\Programme\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: HP Sammelmappe - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Intelligente Auswahl - {700259D7-1666-479a-93B1-3250410481E8} - C:\Programme\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Phone\IEPlugin\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {FDC847F8-DA70-4442-8072-FF883F34D14A} hxxp://toolbar.dasoertliche-marketing.de/toolbar/normal/download/DasOertlicheToolbar.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = logimex.local
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\demo\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\demo\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.12.22 12:12:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.05.12 21:32:31 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.05.12 21:14:40 | 000,000,000 | ---D | C] -- C:\Avenger
[2010.05.12 10:49:19 | 000,000,000 | ---D | C] -- C:\cofi
[2010.05.11 23:27:49 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.05.11 23:23:53 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.05.11 23:23:53 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.05.11 23:23:53 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.05.11 23:23:53 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010.05.11 23:23:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010.05.11 23:23:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.05.11 23:14:40 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\demo\Recent
[2010.05.11 22:25:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010.05.11 12:39:36 | 000,086,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2010.05.11 12:39:32 | 001,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2010.05.11 12:39:32 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2010.05.11 12:39:32 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2010.05.11 12:39:32 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2010.05.11 12:39:31 | 002,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2010.05.11 12:39:30 | 000,848,384 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir41_32.ax
[2010.05.11 12:39:30 | 000,199,680 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\iac25_32.ax
[2010.05.11 12:39:30 | 000,120,320 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qc.dll
[2010.05.11 12:39:30 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2010.05.11 12:39:30 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2010.05.11 12:39:29 | 000,755,200 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ir50_32.dll
[2010.05.11 12:39:29 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2010.05.11 12:39:29 | 000,338,432 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir41_qcx.dll
[2010.05.11 12:39:29 | 000,200,192 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qc.dll
[2010.05.11 12:39:29 | 000,183,808 | ---- | C] (Intel Corporation.) -- C:\WINDOWS\System32\ir50_qcx.dll
[2010.05.11 12:39:29 | 000,154,624 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ivfsrc.ax
[2010.05.11 12:39:28 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2010.05.11 12:39:28 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2010.05.11 12:39:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2010.05.11 12:39:27 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2010.05.11 12:39:27 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2010.05.11 12:39:27 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2010.05.11 12:39:27 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2010.05.11 12:39:26 | 002,981,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp2res.dll
[2010.05.11 12:39:26 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp1res.dll
[2010.05.11 12:39:26 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sbeio.dll
[2010.05.11 12:39:26 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2010.05.11 12:39:26 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2010.05.11 12:39:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2010.05.11 12:39:24 | 000,937,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winbrand.dll
[2010.05.11 12:39:24 | 000,716,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2010.05.11 12:39:24 | 000,374,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2010.05.11 12:39:24 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2010.05.11 12:39:23 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2010.05.11 12:39:23 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2010.05.11 12:39:23 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2010.05.11 12:39:23 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2010.05.11 12:39:22 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2010.05.11 12:39:14 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpcdll.dll
[2010.05.11 12:39:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pidgen.dll
[2010.05.11 12:39:12 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spnpinst.exe
[2010.05.11 12:39:05 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asr_pfu.exe
[2010.05.11 12:39:05 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_pfu.exe
[2010.05.11 12:39:05 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\secedit.exe
[2010.05.11 12:39:05 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secedit.exe
[2010.05.11 12:39:05 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spiisupd.exe
[2010.05.11 12:39:05 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spiisupd.exe
[2010.05.11 12:39:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2010.05.11 12:39:05 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdukx.dll
[2010.05.11 12:39:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprpres.dll
[2010.05.11 12:39:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprpres.dll
[2010.05.11 12:39:04 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msftedit.dll
[2010.05.11 12:39:04 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msftedit.dll
[2010.05.11 12:39:04 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\amdk7.sys
[2010.05.11 12:39:04 | 000,029,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ip6fw.sys
[2010.05.11 12:39:04 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2010.05.11 12:39:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2010.05.11 12:39:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsmsno.dll
[2010.05.11 12:39:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2010.05.11 12:39:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfi1.dll
[2010.05.11 12:39:03 | 000,263,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys
[2010.05.11 12:39:03 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssap.dll
[2010.05.11 12:39:03 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssap.dll
[2010.05.11 12:39:03 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2010.05.11 12:39:03 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadiag.dll
[2010.05.11 12:39:03 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2010.05.11 12:39:03 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2010.05.11 12:39:03 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll
[2010.05.11 12:39:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hccoin.dll
[2010.05.11 12:39:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hccoin.dll
[2010.05.11 12:39:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2010.05.11 12:39:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmlt47.dll
[2010.05.11 12:39:02 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2010.05.11 12:39:02 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsquirt.exe
[2010.05.11 12:39:02 | 000,128,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2010.05.11 12:39:02 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\btpanui.dll
[2010.05.11 12:39:02 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2010.05.11 12:39:02 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2010.05.11 12:39:02 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2010.05.11 12:39:02 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmsetacl.dll
[2010.05.11 12:39:02 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2010.05.11 12:39:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2010.05.11 12:39:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmal.dll
[2010.05.11 12:39:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2010.05.11 12:39:02 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinbe1.dll
[2010.05.11 12:39:01 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2010.05.11 12:39:01 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthserv.dll
[2010.05.11 12:39:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2010.05.11 12:39:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsmsfi.dll
[2010.05.11 12:39:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2010.05.11 12:39:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2010.05.11 12:39:00 | 000,273,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010.05.11 12:39:00 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctfime.ime
[2010.05.11 12:39:00 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2010.05.11 12:39:00 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll
[2010.05.11 12:39:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blastcln.exe
[2010.05.11 12:39:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2010.05.11 12:39:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2010.05.11 12:39:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2010.05.11 12:39:00 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\encapi.dll
[2010.05.11 12:39:00 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\encapi.dll
[2010.05.11 12:39:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\auditusr.exe
[2010.05.11 12:39:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2010.05.11 12:39:00 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2010.05.11 12:39:00 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdno1.dll
[2010.05.11 12:39:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2010.05.11 12:39:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmlt48.dll
[2010.05.11 12:38:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2010.05.11 12:38:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2010.05.11 12:38:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinben.dll
[2010.05.11 12:38:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2010.05.11 12:38:59 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmaori.dll
[2010.05.11 12:38:58 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntbackup.exe
[2010.05.11 12:38:58 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpresult.exe
[2010.05.11 12:38:58 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventtriggers.exe
[2010.05.11 12:38:58 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\driverquery.exe
[2010.05.11 12:38:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventcreate.exe
[2010.05.11 12:38:57 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracerpt.exe
[2010.05.11 12:38:57 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\schtasks.exe
[2010.05.11 12:38:57 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsnotify.exe
[2010.05.11 12:38:57 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\taskkill.exe
[2010.05.11 12:38:57 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tasklist.exe
[2010.05.11 12:38:57 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\openfiles.exe
[2010.05.11 12:38:57 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\systeminfo.exe
[2010.05.11 12:38:57 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntadmn.exe
[2010.05.11 12:38:57 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2010.05.11 12:38:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsvrp.dll
[2010.05.11 12:38:56 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wsecedit.dll
[2010.05.11 12:38:56 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appmgr.dll
[2010.05.11 12:38:56 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\appmgr.dll
[2010.05.11 12:38:56 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bootcfg.exe
[2010.05.11 12:38:56 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bootcfg.exe
[2010.05.11 12:38:56 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsnw.dll
[2010.05.11 12:38:56 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsnw.dll
[2010.05.11 12:38:56 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drvqry.exe
[2010.05.11 12:38:56 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cipher.exe
[2010.05.11 12:38:56 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cipher.exe
[2010.05.11 12:38:56 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evcreate.exe
[2010.05.11 12:38:56 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evtgprov.dll
[2010.05.11 12:38:56 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asr_fmt.exe
[2010.05.11 12:38:56 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asr_fmt.exe
[2010.05.11 12:38:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2010.05.11 12:38:56 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\efsadu.dll
[2010.05.11 12:38:56 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\efsadu.dll
[2010.05.11 12:38:55 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpedit.dll
[2010.05.11 12:38:55 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpedit.dll
[2010.05.11 12:38:55 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gptext.dll
[2010.05.11 12:38:55 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gptext.dll
[2010.05.11 12:38:55 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gprslt.exe
[2010.05.11 12:38:55 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fde.dll
[2010.05.11 12:38:55 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fde.dll
[2010.05.11 12:38:55 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evtrig.exe
[2010.05.11 12:38:55 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fdeploy.dll
[2010.05.11 12:38:55 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fdeploy.dll
[2010.05.11 12:38:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2010.05.11 12:38:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logman.exe
[2010.05.11 12:38:55 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getmac.exe
[2010.05.11 12:38:55 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getmac.exe
[2010.05.11 12:38:54 | 000,163,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwrdr.sys
[2010.05.11 12:38:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mqlogmgr.dll
[2010.05.11 12:38:54 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mqlogmgr.dll
[2010.05.11 12:38:54 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tlntsess.exe
[2010.05.11 12:38:54 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tlntsess.exe
[2010.05.11 12:38:54 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwwks.dll
[2010.05.11 12:38:54 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwapi32.dll
[2010.05.11 12:38:54 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwapi32.dll
[2010.05.11 12:38:35 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010.05.11 12:38:35 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclua.dll
[2010.05.11 12:38:35 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acxtrnal.dll
[2010.05.11 12:38:35 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentanm.dll
[2010.05.11 12:38:34 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentctl.dll
[2010.05.11 12:38:34 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentdpv.dll
[2010.05.11 12:38:34 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentdp2.dll
[2010.05.11 12:38:33 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentmpx.dll
[2010.05.11 12:38:33 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsr.dll
[2010.05.11 12:38:33 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentpsh.dll
[2010.05.11 12:38:32 | 000,256,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsvr.exe
[2010.05.11 12:38:32 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0407.dll
[2010.05.11 12:38:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0406.dll
[2010.05.11 12:38:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2010.05.11 12:38:31 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2010.05.11 12:38:31 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040c.dll
[2010.05.11 12:38:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040b.dll
[2010.05.11 12:38:31 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0409.dll
[2010.05.11 12:38:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0413.dll
[2010.05.11 12:38:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0410.dll
[2010.05.11 12:38:30 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0416.dll
[2010.05.11 12:38:30 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2010.05.11 12:38:30 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2010.05.11 12:38:30 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2010.05.11 12:38:30 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0414.dll
[2010.05.11 12:38:29 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agtintl.dll
[2010.05.11 12:38:29 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0816.dll
[2010.05.11 12:38:29 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0c0a.dll
[2010.05.11 12:38:29 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2010.05.11 12:38:29 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041d.dll
[2010.05.11 12:38:29 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agtctl15.tlb
[2010.05.11 12:38:28 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2010.05.11 12:38:28 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2010.05.11 12:38:28 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2010.05.11 12:38:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2010.05.11 12:38:27 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2010.05.11 12:38:27 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2010.05.11 12:38:27 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2010.05.11 12:38:26 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2010.05.11 12:38:26 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2010.05.11 12:38:25 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2010.05.11 12:38:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2010.05.11 12:38:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2010.05.11 12:38:25 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2010.05.11 12:38:25 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2010.05.11 12:38:24 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscandui.dll
[2010.05.11 12:38:24 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2010.05.11 12:38:24 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2010.05.11 12:38:24 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2010.05.11 12:38:24 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2010.05.11 12:38:24 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2010.05.11 12:38:22 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2010.05.11 12:38:21 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2010.05.11 12:38:19 | 002,532,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2010.05.11 12:38:19 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2010.05.11 12:38:19 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2010.05.11 12:38:17 | 002,139,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010.05.11 12:38:17 | 002,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010.05.11 12:38:15 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2010.05.11 12:38:15 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2010.05.11 12:38:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2010.05.11 12:38:12 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntrprv.dll
[2010.05.11 12:38:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2010.05.11 12:38:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2010.05.11 12:38:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2010.05.11 12:38:04 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2010.05.11 12:38:04 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2010.05.11 12:38:04 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2010.05.11 12:38:04 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2010.05.11 12:38:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2010.05.11 12:38:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2010.05.11 12:38:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2010.05.11 12:38:01 | 001,036,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe
[2010.05.11 12:38:01 | 001,036,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2010.05.11 12:38:01 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\winhlp32.exe
[2010.05.11 12:38:01 | 000,050,688 | ---- | C] (Twain-Arbeitsgruppe) -- C:\WINDOWS\twain_32.dll
[2010.05.11 12:38:00 | 000,562,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobmain.dll
[2010.05.11 12:38:00 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2010.05.11 12:38:00 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2010.05.11 12:38:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2010.05.11 12:38:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2010.05.11 12:38:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2010.05.11 12:37:59 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migism.dll
[2010.05.11 12:37:59 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\guitrn.dll
[2010.05.11 12:37:59 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migload.exe
[2010.05.11 12:37:59 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\log.dll
[2010.05.11 12:37:56 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010.05.11 12:37:55 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2010.05.11 12:37:55 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aclui.dll
[2010.05.11 12:37:55 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2010.05.11 12:37:55 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2010.05.11 12:37:54 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\activeds.dll
[2010.05.11 12:37:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\actxprxy.dll
[2010.05.11 12:37:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\actmovie.exe
[2010.05.11 12:37:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\actmovie.exe
[2010.05.11 12:37:53 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsldp.dll
[2010.05.11 12:37:53 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsldpc.dll
[2010.05.11 12:37:53 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsmsext.dll
[2010.05.11 12:37:53 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsmsext.dll
[2010.05.11 12:37:52 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsnt.dll
[2010.05.11 12:37:52 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\adsnt.dll
[2010.05.11 12:37:52 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ahui.exe
[2010.05.11 12:37:52 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ahui.exe
[2010.05.11 12:37:51 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\alrsvc.dll
[2010.05.11 12:37:50 | 000,285,696 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2010.05.11 12:37:50 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asctrls.ocx
[2010.05.11 12:37:50 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asctrls.ocx
[2010.05.11 12:37:50 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\asycfilt.dll
[2010.05.11 12:37:50 | 000,030,208 | ---- | C] (Adobe Systems) -- C:\WINDOWS\System32\atmlib.dll
[2010.05.11 12:37:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\at.exe
[2010.05.11 12:37:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\at.exe
[2010.05.11 12:37:50 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\attrib.exe
[2010.05.11 12:37:50 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\attrib.exe
[2010.05.11 12:37:50 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmadm.exe
[2010.05.11 12:37:50 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atmadm.exe
[2010.05.11 12:37:49 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autofmt.exe
[2010.05.11 12:37:49 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autofmt.exe
[2010.05.11 12:37:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll
[2010.05.11 12:37:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avifil32.dll
[2010.05.11 12:37:49 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browselc.dll
[2010.05.11 12:37:49 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\basesrv.dll
[2010.05.11 12:37:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batmeter.dll
[2010.05.11 12:37:49 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bidispl.dll
[2010.05.11 12:37:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autolfn.exe
[2010.05.11 12:37:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autolfn.exe
[2010.05.11 12:37:49 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2010.05.11 12:37:48 | 001,022,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2010.05.11 12:37:48 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\capesnpn.dll
[2010.05.11 12:37:48 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\capesnpn.dll
[2010.05.11 12:37:48 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2010.05.11 12:37:48 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browsewm.dll
[2010.05.11 12:37:48 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browsewm.dll
[2010.05.11 12:37:48 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cabinet.dll
[2010.05.11 12:37:48 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camocx.dll
[2010.05.11 12:37:48 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\camocx.dll
[2010.05.11 12:37:47 | 000,625,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2010.05.11 12:37:47 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2010.05.11 12:37:47 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2010.05.11 12:37:47 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2010.05.11 12:37:46 | 002,067,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdosys.dll
[2010.05.11 12:37:46 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdfview.dll
[2010.05.11 12:37:45 | 000,466,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmgr.dll
[2010.05.11 12:37:45 | 000,466,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\certmgr.dll
[2010.05.11 12:37:45 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\certcli.dll
[2010.05.11 12:37:45 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2010.05.11 12:37:45 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cic.dll
[2010.05.11 12:37:45 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cic.dll
[2010.05.11 12:37:45 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ciodm.dll
[2010.05.11 12:37:45 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ciodm.dll
[2010.05.11 12:37:45 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2010.05.11 12:37:45 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2010.05.11 12:37:45 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgmgr32.dll
[2010.05.11 12:37:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cisvc.exe
[2010.05.11 12:37:44 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdial32.dll
[2010.05.11 12:37:44 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdial32.dll
[2010.05.11 12:37:44 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2010.05.11 12:37:44 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.dll
[2010.05.11 12:37:44 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cleanmgr.exe
[2010.05.11 12:37:44 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clusapi.dll
[2010.05.11 12:37:44 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdl32.exe
[2010.05.11 12:37:44 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmdl32.exe
[2010.05.11 12:37:44 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipsrv.exe
[2010.05.11 12:37:44 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cliconfg.exe
[2010.05.11 12:37:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmcfg32.dll
[2010.05.11 12:37:44 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmcfg32.dll
[2010.05.11 12:37:43 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2010.05.11 12:37:43 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2010.05.11 12:37:43 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmstp.exe
[2010.05.11 12:37:43 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmstp.exe
[2010.05.11 12:37:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2010.05.11 12:37:43 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2010.05.11 12:37:43 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cnbjmon.dll
[2010.05.11 12:37:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmutil.dll
[2010.05.11 12:37:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmutil.dll
[2010.05.11 12:37:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmmon32.exe
[2010.05.11 12:37:43 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmmon32.exe
[2010.05.11 12:37:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2010.05.11 12:37:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2010.05.11 12:37:42 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\compstui.dll
[2010.05.11 12:37:42 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2010.05.11 12:37:42 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2010.05.11 12:37:42 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2010.05.11 12:37:41 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2010.05.11 12:37:41 | 000,540,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2010.05.11 12:37:40 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmsp.dll
[2010.05.11 12:37:40 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\confmsp.dll
[2010.05.11 12:37:40 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credui.dll
[2010.05.11 12:37:40 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptdlg.dll
[2010.05.11 12:37:40 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptdlg.dll
[2010.05.11 12:37:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cryptdll.dll
[2010.05.11 12:37:40 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conime.exe
[2010.05.11 12:37:40 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\conime.exe
[2010.05.11 12:37:39 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2010.05.11 12:37:39 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cscript.exe
[2010.05.11 12:37:38 | 001,179,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8.dll
[2010.05.11 12:37:38 | 000,825,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dim700.dll
[2010.05.11 12:37:38 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d8thk.dll
[2010.05.11 12:37:37 | 001,056,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\danim.dll
[2010.05.11 12:37:37 | 001,056,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\danim.dll
[2010.05.11 12:37:37 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\daxctle.ocx
[2010.05.11 12:37:37 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\daxctle.ocx
[2010.05.11 12:37:37 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\datime.dll
[2010.05.11 12:37:37 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\datime.dll
[2010.05.11 12:37:37 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dataclen.dll
[2010.05.11 12:37:37 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\davclnt.dll
[2010.05.11 12:37:36 | 000,640,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbghelp.dll
[2010.05.11 12:37:36 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddraw.dll
[2010.05.11 12:37:36 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dbnetlib.dll
[2010.05.11 12:37:36 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnetlib.dll
[2010.05.11 12:37:36 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\devenum.dll
[2010.05.11 12:37:36 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddeshare.exe
[2010.05.11 12:37:36 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddeshare.exe
[2010.05.11 12:37:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbnmpntw.dll
[2010.05.11 12:37:36 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ddrawex.dll
[2010.05.11 12:37:36 | 000,025,088 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\defrag.exe
[2010.05.11 12:37:36 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dbmsrpcn.dll
[2010.05.11 12:37:36 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dciman32.dll
[2010.05.11 12:37:36 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2010.05.11 12:37:36 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2010.05.11 12:37:35 | 000,398,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhcpmon.dll
[2010.05.11 12:37:35 | 000,398,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpmon.dll
[2010.05.11 12:37:35 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\devmgr.dll
[2010.05.11 12:37:35 | 000,123,904 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgui.dll
[2010.05.11 12:37:35 | 000,113,152 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dgnet.dll
[2010.05.11 12:37:35 | 000,104,960 | ---- | C] (Microsoft Corporation und Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgntfs.exe
[2010.05.11 12:37:35 | 000,082,432 | ---- | C] (Microsoft Corporation und Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgfat.exe
[2010.05.11 12:37:35 | 000,082,432 | ---- | C] (Microsoft Corporation und Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgfat.exe
[2010.05.11 12:37:35 | 000,038,912 | ---- | C] (Microsoft Corp. und Executive Software International, Inc.) -- C:\WINDOWS\System32\dfrgsnap.dll
[2010.05.11 12:37:35 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dfsshlex.dll
[2010.05.11 12:37:34 | 001,502,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskcopy.dll
[2010.05.11 12:37:34 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput8.dll
[2010.05.11 12:37:34 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput8.dll
[2010.05.11 12:37:34 | 000,163,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dinput.dll
[2010.05.11 12:37:34 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diantz.exe
[2010.05.11 12:37:34 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diantz.exe
[2010.05.11 12:37:33 | 000,273,920 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdlgs.dll
[2010.05.11 12:37:33 | 000,273,920 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmdlgs.dll
[2010.05.11 12:37:33 | 000,225,280 | ---- | C] (Microsoft Corp., Veritas Software) -- C:\WINDOWS\System32\dllcache\dmadmin.exe
[2010.05.11 12:37:33 | 000,200,704 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmdskmgr.dll
[2010.05.11 12:37:33 | 000,200,704 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmdskmgr.dll
[2010.05.11 12:37:33 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskpart.exe
[2010.05.11 12:37:33 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\diskpart.exe
[2010.05.11 12:37:33 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmcompos.dll
[2010.05.11 12:37:33 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2010.05.11 12:37:33 | 000,045,083 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dispex.dll
[2010.05.11 12:37:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmband.dll
[2010.05.11 12:37:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2010.05.11 12:37:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dllhost.exe
[2010.05.11 12:37:32 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmime.dll
[2010.05.11 12:37:32 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2010.05.11 12:37:32 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmstyle.dll
[2010.05.11 12:37:32 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2010.05.11 12:37:32 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmusic.dll
[2010.05.11 12:37:32 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2010.05.11 12:37:32 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmsynth.dll
[2010.05.11 12:37:32 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2010.05.11 12:37:32 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmscript.dll
[2010.05.11 12:37:32 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2010.05.11 12:37:32 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dmloader.dll
[2010.05.11 12:37:32 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2010.05.11 12:37:32 | 000,015,872 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmremote.exe
[2010.05.11 12:37:32 | 000,015,872 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmremote.exe
[2010.05.11 12:37:31 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2010.05.11 12:37:31 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplayx.dll
[2010.05.11 12:37:31 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2010.05.11 12:37:31 | 000,059,392 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dmutil.dll
[2010.05.11 12:37:31 | 000,059,392 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmutil.dll
[2010.05.11 12:37:31 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsrslvr.dll
[2010.05.11 12:37:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhpast.dll
[2010.05.11 12:37:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2010.05.11 12:37:31 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dplaysvr.exe
[2010.05.11 12:37:31 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2010.05.11 12:37:31 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpmodemx.dll
[2010.05.11 12:37:31 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2010.05.11 12:37:31 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnaddr.dll
[2010.05.11 12:37:31 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2010.05.11 12:37:30 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvoice.dll
[2010.05.11 12:37:30 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2010.05.11 12:37:30 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvvox.dll
[2010.05.11 12:37:30 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2010.05.11 12:37:30 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvsetup.exe
[2010.05.11 12:37:30 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2010.05.11 12:37:30 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnhupnp.dll
[2010.05.11 12:37:30 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpvacm.dll
[2010.05.11 12:37:30 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2010.05.11 12:37:30 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnsvr.exe
[2010.05.11 12:37:30 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2010.05.11 12:37:30 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnlobby.dll
[2010.05.11 12:37:30 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2010.05.11 12:37:29 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound.dll
[2010.05.11 12:37:29 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmo.dll
[2010.05.11 12:37:29 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2010.05.11 12:37:29 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dskquoui.dll
[2010.05.11 12:37:29 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dskquota.dll
[2010.05.11 12:37:29 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsdmoprp.dll
[2010.05.11 12:37:29 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2010.05.11 12:37:29 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dpwsockx.dll
[2010.05.11 12:37:29 | 000,057,856 | ---- | C] (Microsoft Corporation) --

Alfadas · 14.05.2010, 00:15

[2010.05.11 12:37:29 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2010.05.11 12:37:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ds32gt.dll
[2010.05.11 12:37:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ds32gt.dll
[2010.05.11 12:37:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drprov.dll
[2010.05.11 12:37:28 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsound3d.dll
[2010.05.11 12:37:28 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2010.05.11 12:37:28 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\duser.dll
[2010.05.11 12:37:28 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dsprop.dll
[2010.05.11 12:37:28 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprop.dll
[2010.05.11 12:37:28 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dssenh.dll
[2010.05.11 12:37:28 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dssec.dll
[2010.05.11 12:37:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dswave.dll
[2010.05.11 12:37:28 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2010.05.11 12:37:28 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dumprep.exe
[2010.05.11 12:37:27 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx7vb.dll
[2010.05.11 12:37:27 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2010.05.11 12:37:27 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dwwin.exe
[2010.05.11 12:37:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dvdupgrd.exe
[2010.05.11 12:37:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dvdupgrd.exe
[2010.05.11 12:37:26 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiag.exe
[2010.05.11 12:37:26 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2010.05.11 12:37:26 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dx8vb.dll
[2010.05.11 12:37:26 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2010.05.11 12:37:26 | 000,500,278 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxmasf.dll
[2010.05.11 12:37:26 | 000,500,278 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2010.05.11 12:37:26 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\els.dll
[2010.05.11 12:37:25 | 001,094,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\esent.dll
[2010.05.11 12:37:25 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll
[2010.05.11 12:37:25 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eudcedit.exe
[2010.05.11 12:37:25 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eudcedit.exe
[2010.05.11 12:37:25 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eventlog.dll
[2010.05.11 12:37:24 | 000,380,957 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\expsrv.dll
[2010.05.11 12:37:24 | 000,380,957 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\expsrv.dll
[2010.05.11 12:37:24 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\filemgmt.dll
[2010.05.11 12:37:24 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\exts.dll
[2010.05.11 12:37:24 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exts.dll
[2010.05.11 12:37:24 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fldrclnr.dll
[2010.05.11 12:37:24 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faultrep.dll
[2010.05.11 12:37:24 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\extrac32.exe
[2010.05.11 12:37:24 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extrac32.exe
[2010.05.11 12:37:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\findstr.exe
[2010.05.11 12:37:24 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\findstr.exe
[2010.05.11 12:37:24 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\feclient.dll
[2010.05.11 12:37:23 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsapi.dll
[2010.05.11 12:37:23 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2010.05.11 12:37:23 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscomex.dll
[2010.05.11 12:37:23 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2010.05.11 12:37:23 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsclnt.exe
[2010.05.11 12:37:23 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010.05.11 12:37:23 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll
[2010.05.11 12:37:23 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2010.05.11 12:37:23 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscom.dll
[2010.05.11 12:37:23 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2010.05.11 12:37:23 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fontview.exe
[2010.05.11 12:37:23 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontview.exe
[2010.05.11 12:37:23 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\framebuf.dll
[2010.05.11 12:37:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\forcedos.exe
[2010.05.11 12:37:23 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\forcedos.exe
[2010.05.11 12:37:22 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsst.dll
[2010.05.11 12:37:22 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2010.05.11 12:37:22 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2010.05.11 12:37:22 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxscover.exe
[2010.05.11 12:37:22 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2010.05.11 12:37:22 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsevent.dll
[2010.05.11 12:37:22 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2010.05.11 12:37:22 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsdrv.dll
[2010.05.11 12:37:22 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010.05.11 12:37:22 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsmon.dll
[2010.05.11 12:37:22 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2010.05.11 12:37:22 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsext32.dll
[2010.05.11 12:37:22 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2010.05.11 12:37:22 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsperf.dll
[2010.05.11 12:37:22 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2010.05.11 12:37:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsres.dll
[2010.05.11 12:37:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2010.05.11 12:37:21 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsxp32.dll
[2010.05.11 12:37:21 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010.05.11 12:37:21 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxstiff.dll
[2010.05.11 12:37:21 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2010.05.11 12:37:21 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxst30.dll
[2010.05.11 12:37:21 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2010.05.11 12:37:21 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxswzrd.dll
[2010.05.11 12:37:21 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010.05.11 12:37:21 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fxsui.dll
[2010.05.11 12:37:21 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2010.05.11 12:37:20 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll
[2010.05.11 12:37:20 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\glu32.dll
[2010.05.11 12:37:20 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\grpconv.exe
[2010.05.11 12:37:20 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\gpkrsrc.dll
[2010.05.11 12:37:20 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpkrsrc.dll
[2010.05.11 12:37:19 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h323.tsp
[2010.05.11 12:37:18 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\h323msp.dll
[2010.05.11 12:37:18 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323msp.dll
[2010.05.11 12:37:18 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hdwwiz.cpl
[2010.05.11 12:37:18 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hdwwiz.cpl
[2010.05.11 12:37:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\help.exe
[2010.05.11 12:37:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\help.exe
[2010.05.11 12:37:17 | 000,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hhctrl.ocx
[2010.05.11 12:37:17 | 000,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hhctrl.ocx
[2010.05.11 12:37:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hlink.dll
[2010.05.11 12:37:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hlink.dll
[2010.05.11 12:37:16 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hhsetup.dll
[2010.05.11 12:37:16 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hidphone.tsp
[2010.05.11 12:37:16 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2010.05.11 12:37:16 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hid.dll
[2010.05.11 12:37:15 | 000,348,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetcfg.dll
[2010.05.11 12:37:14 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hnetwiz.dll
[2010.05.11 12:37:14 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hotplug.dll
[2010.05.11 12:37:14 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\htui.dll
[2010.05.11 12:37:14 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\htui.dll
[2010.05.11 12:37:13 | 000,356,352 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2010.05.11 12:37:13 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icm32.dll
[2010.05.11 12:37:13 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iasrad.dll
[2010.05.11 12:37:13 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iasrad.dll
[2010.05.11 12:37:13 | 000,080,384 | ---- | C] (Radius Inc.) -- C:\WINDOWS\System32\iccvid.dll
[2010.05.11 12:37:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2010.05.11 12:37:12 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ifmon.dll
[2010.05.11 12:37:12 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\idq.dll
[2010.05.11 12:37:12 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\idq.dll
[2010.05.11 12:37:12 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iexpress.exe
[2010.05.11 12:37:12 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexpress.exe
[2010.05.11 12:37:12 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2010.05.11 12:37:12 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2010.05.11 12:37:12 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2010.05.11 12:37:12 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2010.05.11 12:37:12 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2010.05.11 12:37:12 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2010.05.11 12:37:12 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\igmpagnt.dll
[2010.05.11 12:37:12 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\igmpagnt.dll
[2010.05.11 12:37:12 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icmp.dll
[2010.05.11 12:37:11 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010.05.11 12:37:11 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2010.05.11 12:37:11 | 000,282,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2010.05.11 12:37:11 | 000,036,921 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\imeshare.dll
[2010.05.11 12:37:11 | 000,036,921 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imeshare.dll
[2010.05.11 12:37:11 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetmib1.dll
[2010.05.11 12:37:10 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipmontr.dll
[2010.05.11 12:37:10 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\initpki.dll
[2010.05.11 12:37:10 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\initpki.dll
[2010.05.11 12:37:10 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\intl.cpl
[2010.05.11 12:37:10 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intl.cpl
[2010.05.11 12:37:10 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\input.dll
[2010.05.11 12:37:10 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\input.dll
[2010.05.11 12:37:10 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iphlpapi.dll
[2010.05.11 12:37:10 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iphlpapi.dll
[2010.05.11 12:37:10 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetpp.dll
[2010.05.11 12:37:10 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconfig.exe
[2010.05.11 12:37:10 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipconfig.exe
[2010.05.11 12:37:10 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2010.05.11 12:37:10 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipconf.tsp
[2010.05.11 12:37:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetppui.dll
[2010.05.11 12:37:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetppui.dll
[2010.05.11 12:37:09 | 000,361,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsecsnp.dll
[2010.05.11 12:37:09 | 000,361,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsecsnp.dll
[2010.05.11 12:37:09 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ippromon.dll
[2010.05.11 12:37:09 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\iprtrmgr.dll
[2010.05.11 12:37:09 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprtrmgr.dll
[2010.05.11 12:37:08 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsmsnap.dll
[2010.05.11 12:37:08 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsmsnap.dll
[2010.05.11 12:37:08 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irftp.exe
[2010.05.11 12:37:08 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irftp.exe
[2010.05.11 12:37:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2010.05.11 12:37:08 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010.05.11 12:37:08 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6mon.dll
[2010.05.11 12:37:08 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipv6.exe
[2010.05.11 12:37:08 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipv6.exe
[2010.05.11 12:37:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxroute.exe
[2010.05.11 12:37:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxroute.exe
[2010.05.11 12:37:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipxwan.dll
[2010.05.11 12:37:08 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2010.05.11 12:37:08 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2010.05.11 12:37:07 | 000,163,840 | ---- | C] (America Online) -- C:\WINDOWS\System32\jgdw400.dll
[2010.05.11 12:37:07 | 000,163,840 | ---- | C] (America Online) -- C:\WINDOWS\System32\dllcache\jgdw400.dll
[2010.05.11 12:37:07 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\itircl.dll
[2010.05.11 12:37:07 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ixsso.dll
[2010.05.11 12:37:07 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ixsso.dll
[2010.05.11 12:37:07 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2010.05.11 12:37:07 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2010.05.11 12:37:07 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2010.05.11 12:37:07 | 000,027,648 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\jgpl400.dll
[2010.05.11 12:37:07 | 000,027,648 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\dllcache\jgpl400.dll
[2010.05.11 12:37:06 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll
[2010.05.11 12:37:06 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\keymgr.dll
[2010.05.11 12:37:06 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keymgr.dll
[2010.05.11 12:37:06 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2010.05.11 12:37:06 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010.05.11 12:37:06 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\joy.cpl
[2010.05.11 12:37:06 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2010.05.11 12:37:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2010.05.11 12:37:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2010.05.11 12:37:06 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmddsp.tsp
[2010.05.11 12:37:06 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kd1394.dll
[2010.05.11 12:37:06 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kd1394.dll
[2010.05.11 12:37:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec.dll
[2010.05.11 12:37:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec.dll
[2010.05.11 12:37:05 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licdll.dll
[2010.05.11 12:37:05 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmrt.dll
[2010.05.11 12:37:05 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2010.05.11 12:37:05 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2010.05.11 12:37:05 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2010.05.11 12:37:05 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2010.05.11 12:37:05 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2010.05.11 12:37:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2010.05.11 12:37:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010.05.11 12:37:04 | 000,515,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logonui.exe
[2010.05.11 12:37:04 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localsec.dll
[2010.05.11 12:37:04 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localsec.dll
[2010.05.11 12:37:04 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logon.scr
[2010.05.11 12:37:04 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\loadperf.dll
[2010.05.11 12:37:04 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpk.dll
[2010.05.11 12:37:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localui.dll
[2010.05.11 12:37:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localui.dll
[2010.05.11 12:37:04 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lprhelp.dll
[2010.05.11 12:37:04 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprhelp.dll
[2010.05.11 12:37:03 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdminst.dll
[2010.05.11 12:37:03 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciavi32.dll
[2010.05.11 12:37:03 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi32.dll
[2010.05.11 12:37:03 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\makecab.exe
[2010.05.11 12:37:03 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\makecab.exe
[2010.05.11 12:37:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\magnify.exe
[2010.05.11 12:37:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\magnify.exe
[2010.05.11 12:37:03 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mf3216.dll
[2010.05.11 12:37:03 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mf3216.dll
[2010.05.11 12:37:03 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciqtz32.dll
[2010.05.11 12:37:03 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2010.05.11 12:37:03 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciwave.dll
[2010.05.11 12:37:03 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.dll
[2010.05.11 12:37:03 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mciseq.dll
[2010.05.11 12:37:03 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.dll
[2010.05.11 12:37:03 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mcastmib.dll
[2010.05.11 12:37:03 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcastmib.dll
[2010.05.11 12:37:02 | 001,028,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc42.dll
[2010.05.11 12:37:02 | 000,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc40u.dll
[2010.05.11 12:37:02 | 000,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010.05.11 12:37:02 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\miglibnt.dll
[2010.05.11 12:37:02 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miglibnt.dll
[2010.05.11 12:37:02 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfcsubs.dll
[2010.05.11 12:37:01 | 000,815,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmc.exe
[2010.05.11 12:37:01 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mlang.dll
[2010.05.11 12:37:01 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcbase.dll
[2010.05.11 12:37:01 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mimefilt.dll
[2010.05.11 12:37:01 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2010.05.11 12:37:00 | 001,197,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcndmgr.dll
[2010.05.11 12:37:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2010.05.11 12:37:00 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2010.05.11 12:36:59 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4ds32.ax
[2010.05.11 12:36:59 | 000,262,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2010.05.11 12:36:59 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\moricons.dll
[2010.05.11 12:36:59 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\modemui.dll
[2010.05.11 12:36:59 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2010.05.11 12:36:59 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2010.05.11 12:36:59 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmsrvc.exe
[2010.05.11 12:36:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\more.com
[2010.05.11 12:36:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msadds32.ax
[2010.05.11 12:36:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2010.05.11 12:36:58 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2010.05.11 12:36:58 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mprapi.dll
[2010.05.11 12:36:58 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msacm32.dll
[2010.05.11 12:36:58 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mprdim.dll
[2010.05.11 12:36:58 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msafd.dll
[2010.05.11 12:36:58 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msafd.dll
[2010.05.11 12:36:57 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctf.dll
[2010.05.11 12:36:57 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdart.dll
[2010.05.11 12:36:57 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscms.dll
[2010.05.11 12:36:57 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll
[2010.05.11 12:36:57 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2010.05.11 12:36:57 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msctfp.dll
[2010.05.11 12:36:57 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctfp.dll
[2010.05.11 12:36:57 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll
[2010.05.11 12:36:57 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpxl32.dll
[2010.05.11 12:36:57 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscpxl32.dll
[2010.05.11 12:36:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mscpx32r.dll
[2010.05.11 12:36:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscpx32r.dll
[2010.05.11 12:36:56 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2010.05.11 12:36:56 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2010.05.11 12:36:56 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2010.05.11 12:36:56 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2010.05.11 12:36:56 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2010.05.11 12:36:56 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010.05.11 12:36:56 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2010.05.11 12:36:56 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2010.05.11 12:36:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdatsrc.tlb
[2010.05.11 12:36:56 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatsrc.tlb
[2010.05.11 12:36:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2010.05.11 12:36:55 | 001,002,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msgina.dll
[2010.05.11 12:36:55 | 000,847,898 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdxm.ocx
[2010.05.11 12:36:55 | 000,004,126 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdxmlc.dll
[2010.05.11 12:36:55 | 000,004,126 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2010.05.11 12:36:54 | 002,854,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msi.dll
[2010.05.11 12:36:53 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msihnd.dll
[2010.05.11 12:36:53 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msieftp.dll
[2010.05.11 12:36:53 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msident.dll
[2010.05.11 12:36:53 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msidle.dll
[2010.05.11 12:36:52 | 000,884,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msimsg.dll
[2010.05.11 12:36:50 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msimtf.dll
[2010.05.11 12:36:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mslbui.dll
[2010.05.11 12:36:50 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msisip.dll
[2010.05.11 12:36:49 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2010.05.11 12:36:49 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2010.05.11 12:36:49 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2010.05.11 12:36:49 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msorc32r.dll
[2010.05.11 12:36:49 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msorc32r.dll
[2010.05.11 12:36:48 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2010.05.11 12:36:48 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2010.05.11 12:36:48 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msorcl32.dll
[2010.05.11 12:36:48 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msorcl32.dll
[2010.05.11 12:36:48 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msprivs.dll
[2010.05.11 12:36:48 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspatcha.dll
[2010.05.11 12:36:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscds32.ax
[2010.05.11 12:36:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2010.05.11 12:36:47 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2010.05.11 12:36:46 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstlsapi.dll
[2010.05.11 12:36:46 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msscript.ocx
[2010.05.11 12:36:46 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscript.ocx
[2010.05.11 12:36:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2010.05.11 12:36:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2010.05.11 12:36:45 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvbvm60.dll
[2010.05.11 12:36:45 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msutb.dll
[2010.05.11 12:36:45 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcirt.dll
[2010.05.11 12:36:44 | 001,432,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidctl.dll
[2010.05.11 12:36:44 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp60.dll
[2010.05.11 12:36:44 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvfw32.dll
[2010.05.11 12:36:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcrt40.dll
[2010.05.11 12:36:43 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml.dll
[2010.05.11 12:36:43 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll
[2010.05.11 12:36:43 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mswebdvd.dll
[2010.05.11 12:36:43 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2010.05.11 12:36:43 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msw3prt.dll
[2010.05.11 12:36:43 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msw3prt.dll
[2010.05.11 12:36:42 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml2.dll
[2010.05.11 12:36:42 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2010.05.11 12:36:41 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2010.05.11 12:36:41 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2010.05.11 12:36:41 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxclu.dll
[2010.05.11 12:36:41 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll
[2010.05.11 12:36:41 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2010.05.11 12:36:41 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2010.05.11 12:36:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2010.05.11 12:36:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\narrator.exe
[2010.05.11 12:36:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrator.exe
[2010.05.11 12:36:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ncobjapi.dll
[2010.05.11 12:36:40 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapi.dll
[2010.05.11 12:36:39 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\net1.exe
[2010.05.11 12:36:39 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ndptsp.tsp
[2010.05.11 12:36:39 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\net.exe
[2010.05.11 12:36:39 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddenb32.dll
[2010.05.11 12:36:39 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nddeapir.exe
[2010.05.11 12:36:38 | 000,633,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netcfgx.dll
[2010.05.11 12:36:38 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010.05.11 12:36:37 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netlogon.dll
[2010.05.11 12:36:37 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netid.dll
[2010.05.11 12:36:35 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.exe
[2010.05.11 12:36:35 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsh.exe
[2010.05.11 12:36:35 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netrap.dll
[2010.05.11 12:36:34 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netui1.dll
[2010.05.11 12:36:34 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netui0.dll
[2010.05.11 12:36:34 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netstat.exe
[2010.05.11 12:36:33 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\newdev.dll
[2010.05.11 12:36:33 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nlhtml.dll
[2010.05.11 12:36:33 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\npptools.dll
[2010.05.11 12:36:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlanman.dll
[2010.05.11 12:36:33 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsapi.dll
[2010.05.11 12:36:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2010.05.11 12:36:32 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsmgr.dll
[2010.05.11 12:36:32 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nusrmgr.cpl
[2010.05.11 12:36:32 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntmsdba.dll
[2010.05.11 12:36:32 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdmd.dll
[2010.05.11 12:36:31 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\objsel.dll
[2010.05.11 12:36:31 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oakley.dll
[2010.05.11 12:36:31 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2010.05.11 12:36:30 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32.dll
[2010.05.11 12:36:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.dll
[2010.05.11 12:36:30 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.dll
[2010.05.11 12:36:30 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcconf.exe
[2010.05.11 12:36:30 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ocmanage.dll
[2010.05.11 12:36:30 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccp32.cpl
[2010.05.11 12:36:30 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcad32.exe
[2010.05.11 12:36:30 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcbcp.dll
[2010.05.11 12:36:30 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbc32gt.dll
[2010.05.11 12:36:29 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcjt32.dll
[2010.05.11 12:36:29 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbctrac.dll
[2010.05.11 12:36:29 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcint.dll
[2010.05.11 12:36:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccu32.dll
[2010.05.11 12:36:29 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbccr32.dll
[2010.05.11 12:36:29 | 000,057,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcji32.dll
[2010.05.11 12:36:29 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odtext32.dll
[2010.05.11 12:36:29 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oddbse32.dll
[2010.05.11 12:36:29 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odpdx32.dll
[2010.05.11 12:36:29 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odfox32.dll
[2010.05.11 12:36:29 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odexl32.dll
[2010.05.11 12:36:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\odbcp32r.dll
[2010.05.11 12:36:28 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oledlg.dll
[2010.05.11 12:36:28 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledlg.dll
[2010.05.11 12:36:28 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\offfilt.dll
[2010.05.11 12:36:28 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\oleprn.dll
[2010.05.11 12:36:28 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecli32.dll
[2010.05.11 12:36:27 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\opengl32.dll
[2010.05.11 12:36:27 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osk.exe
[2010.05.11 12:36:27 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osk.exe
[2010.05.11 12:36:27 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\osuninst.dll
[2010.05.11 12:36:27 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pautoenr.dll
[2010.05.11 12:36:27 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\packager.exe
[2010.05.11 12:36:26 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pdh.dll
[2010.05.11 12:36:26 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pid.dll
[2010.05.11 12:36:26 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfproc.dll
[2010.05.11 12:36:26 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfdisk.dll
[2010.05.11 12:36:26 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfos.dll
[2010.05.11 12:36:26 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ping.exe
[2010.05.11 12:36:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfnet.dll
[2010.05.11 12:36:26 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfmon.exe
[2010.05.11 12:36:26 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pjlmon.dll
[2010.05.11 12:36:25 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.cpl
[2010.05.11 12:36:25 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\progman.exe
[2010.05.11 12:36:25 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\polstore.dll
[2010.05.11 12:36:25 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\psbase.dll
[2010.05.11 12:36:25 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\proctexe.ocx
[2010.05.11 12:36:25 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proquota.exe
[2010.05.11 12:36:25 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pstorec.dll
[2010.05.11 12:36:25 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\profmap.dll
[2010.05.11 12:36:25 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powrprof.dll
[2010.05.11 12:36:24 | 000,563,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qedit.dll
[2010.05.11 12:36:24 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qdvd.dll
[2010.05.11 12:36:24 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qdv.dll
[2010.05.11 12:36:24 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcap.dll
[2010.05.11 12:36:24 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\pstorsvc.dll
[2010.05.11 12:36:23 | 001,296,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\quartz.dll
[2010.05.11 12:36:23 | 001,296,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll
[2010.05.11 12:36:23 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2010.05.11 12:36:23 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2010.05.11 12:36:22 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\query.dll
[2010.05.11 12:36:22 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll
[2010.05.11 12:36:22 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2010.05.11 12:36:21 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasppp.dll
[2010.05.11 12:36:21 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasmans.dll
[2010.05.11 12:36:21 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rastls.dll
[2010.05.11 12:36:21 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2010.05.11 12:36:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\raschap.dll
[2010.05.11 12:36:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2010.05.11 12:36:21 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasphone.exe
[2010.05.11 12:36:21 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rassapi.dll
[2010.05.11 12:36:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasadhlp.dll
[2010.05.11 12:36:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasadhlp.dll
[2010.05.11 12:36:20 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2010.05.11 12:36:20 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcbdyctl.dll
[2010.05.11 12:36:20 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2010.05.11 12:36:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2010.05.11 12:36:20 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2010.05.11 12:36:20 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcimlby.exe
[2010.05.11 12:36:20 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rcp.exe
[2010.05.11 12:36:20 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2010.05.11 12:36:20 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2010.05.11 12:36:19 | 000,399,872 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\regwizc.dll
[2010.05.11 12:36:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\remotesp.tsp
[2010.05.11 12:36:19 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\resutils.dll
[2010.05.11 12:36:19 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reg.exe
[2010.05.11 12:36:19 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regapi.dll
[2010.05.11 12:36:19 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rexec.exe
[2010.05.11 12:36:19 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe
[2010.05.11 12:36:18 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2010.05.11 12:36:18 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\riched20.dll
[2010.05.11 12:36:18 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\riched20.dll
[2010.05.11 12:36:18 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsaenh.dll
[2010.05.11 12:36:17 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtcshare.exe
[2010.05.11 12:36:17 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2010.05.11 12:36:17 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtutils.dll
[2010.05.11 12:36:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2010.05.11 12:36:17 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rtipxmib.dll
[2010.05.11 12:36:17 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2010.05.11 12:36:17 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsmps.dll
[2010.05.11 12:36:17 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rsh.exe
[2010.05.11 12:36:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\runonce.exe
[2010.05.11 12:36:16 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scesrv.dll
[2010.05.11 12:36:16 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scecli.dll
[2010.05.11 12:36:16 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sccsccp.dll
[2010.05.11 12:36:16 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scarddlg.dll
[2010.05.11 12:36:16 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrnsave.scr
[2010.05.11 12:36:15 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\scrobj.dll
[2010.05.11 12:36:15 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdbinst.exe
[2010.05.11 12:36:15 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2010.05.11 12:36:15 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll
[2010.05.11 12:36:15 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sethc.exe
[2010.05.11 12:36:15 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sendcmsg.dll
[2010.05.11 12:36:15 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sensapi.dll
[2010.05.11 12:36:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\security.dll
[2010.05.11 12:36:14 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfcfiles.dll
[2010.05.11 12:36:14 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc_os.dll
[2010.05.11 12:36:14 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setup.exe
[2010.05.11 12:36:14 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sfc.dll
[2010.05.11 12:36:13 | 000,572,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shdoclc.dll
[2010.05.11 12:36:12 | 001,497,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2010.05.11 12:36:09 | 008,501,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010.05.11 12:36:09 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shgina.dll
[2010.05.11 12:36:09 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shfolder.dll
[2010.05.11 12:36:08 | 000,474,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2010.05.11 12:36:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll
[2010.05.11 12:36:08 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shrpubw.exe
[2010.05.11 12:36:08 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sigverif.exe
[2010.05.11 12:36:08 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shmgrate.exe
[2010.05.11 12:36:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shutdown.exe
[2010.05.11 12:36:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sigtab.dll
[2010.05.11 12:36:07 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smlogcfg.dll
[2010.05.11 12:36:07 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2010.05.11 12:36:07 | 000,098,304 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\slbiop.dll
[2010.05.11 12:36:07 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\sl_anet.acm
[2010.05.11 12:36:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\skeys.exe
[2010.05.11 12:36:07 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpapi.dll
[2010.05.11 12:36:07 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\simpdata.tlb
[2010.05.11 12:36:06 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2010.05.11 12:36:06 | 000,442,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlsrv32.dll
[2010.05.11 12:36:06 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\snmpsnap.dll
[2010.05.11 12:36:06 | 000,180,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sqlunirl.dll
[2010.05.11 12:36:06 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spoolss.dll
[2010.05.11 12:36:06 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sort.exe
[2010.05.11 12:36:05 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ss3dfo.scr
[2010.05.11 12:36:05 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2010.05.11 12:36:05 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssbezier.scr
[2010.05.11 12:36:04 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssflwbox.scr
[2010.05.11 12:36:04 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssdpapi.dll
[2010.05.11 12:36:04 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmarque.scr
[2010.05.11 12:36:03 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sspipes.scr
[2010.05.11 12:36:03 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmypics.scr
[2010.05.11 12:36:03 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssmyst.scr
[2010.05.11 12:36:03 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ssstars.scr
[2010.05.11 12:36:02 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sstext3d.scr
[2010.05.11 12:36:02 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2010.05.11 12:36:01 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sti_ci.dll
[2010.05.11 12:36:01 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sti.dll
[2010.05.11 12:36:01 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stdole2.tlb
[2010.05.11 12:36:00 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2010.05.11 12:36:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stimon.exe
[2010.05.11 12:35:59 | 000,715,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sxs.dll
[2010.05.11 12:35:59 | 000,715,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sxs.dll
[2010.05.11 12:35:59 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\synceng.dll
[2010.05.11 12:35:58 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysmon.ocx
[2010.05.11 12:35:58 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sysocmgr.exe
[2010.05.11 12:35:57 | 000,860,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi3.dll
[2010.05.11 12:35:57 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tapi32.dll
[2010.05.11 12:35:57 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\t2embed.dll
[2010.05.11 12:35:57 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010.05.11 12:35:56 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\termmgr.dll
[2010.05.11 12:35:56 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\telnet.exe
[2010.05.11 12:35:56 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2010.05.11 12:35:56 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmon.dll
[2010.05.11 12:35:56 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmib.dll
[2010.05.11 12:35:55 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tourstart.exe
[2010.05.11 12:35:55 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2010.05.11 12:35:55 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\timedate.cpl
[2010.05.11 12:35:55 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tracert.exe
[2010.05.11 12:35:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tree.com
[2010.05.11 12:35:54 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unimdm.tsp
[2010.05.11 12:35:54 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\upnp.dll
[2010.05.11 12:35:54 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\txflog.dll
[2010.05.11 12:35:54 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\unimdmat.dll
[2010.05.11 12:35:54 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\umandlg.dll
[2010.05.11 12:35:54 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umandlg.dll
[2010.05.11 12:35:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\udhisapi.dll
[2010.05.11 12:35:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniplat.dll
[2010.05.11 12:35:54 | 000,012,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsddd.dll
[2010.05.11 12:35:53 | 000,579,072 | ---- | C] (Microsoft Corporation) --

Alfadas · 14.05.2010, 00:19

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lz32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LuResult.txt:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LTCLR13n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lsass.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lpk.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\logonui.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\logon.scr:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lodctr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\locator.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\localsec.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\loadperf.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lmrt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lmhsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\licwmi.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\licdll.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfwmf13n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lftga13n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfras13n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfpsd13n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Lfpng13n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfpdf13n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Lfpct13n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfimg13n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lfeps13n.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\l3codecp.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\l_intl.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\krnl386.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\korean.uce:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kmddsp.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\keyboard.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\keyboard.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kdcom.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdus.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kb16.com:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kanji_2.uce:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kanji_1.uce:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\jview.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\jit.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\jgpl400.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\jgdw400.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\jdbgmgr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\javasup.vxd:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\javaprxy.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\javaee.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iuengine.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\itss.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\itircl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\irprops.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\irmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir50_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir41_qcx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir41_qc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir41_32.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir32_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipxwan.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipsink.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipsecsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iprop.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipnathlp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipconfig.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ipconf.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetres.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetpp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetmib1.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetcfg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Indeo4.qtx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\imapi.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ImagXR7.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ImagXpr7.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ImagX7.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\imaadp32.acm:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxtray.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxsrvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxress.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxres.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxpph.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxhk.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxext.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxexps.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxeud.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxdo.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxdiag.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxdgps.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxdev.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxcpl.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxcfg.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\IE7Eula.rtf:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ideograf.uce:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\icmui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\icm32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\icfgnt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iccvid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmrnt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmgicd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmgdev.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmdnt5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmdev5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmdd5.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iac25_32.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hypertrm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hotplug.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hnetwiz.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hnetcfg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hlvdd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hkcmd.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\himem.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hidphone.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hhsetup.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hhctrl.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hdwwiz.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hal.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\h323.tsp:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\grpconv.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\geo.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\gdiplus.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\gdi.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\gb2312.uce:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxstiff.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxst30.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxssvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxsst.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxssend.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxsroute.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxsres.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxsmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxsext32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxscover.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxsclntR.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ftsrch.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fsusd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\freecell.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\FLXGDDE.DLL:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fltmc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fltlib.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fldrclnr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\firewall.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\filemgmt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\feclient.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\exts.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\extrac32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\expsrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\eventlog.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ersvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\els.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ega.cpi:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dxmasf.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dxdiagn.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dwwin.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dumprep.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dsuiext.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dssenh.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dsquery.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dskquota.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drwtsn32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drprov.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drmv2clt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drmclien.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wstcodec.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\w29n51.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\w22n51.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\volsnap.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\videoprt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbuhci.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbstor.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbport.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbhub.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbehci.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\tdtcp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\tdpipe.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\tdi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sysaudio.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\SynTP.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\DRIVERS\symc8xx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\DRIVERS\sym_u3.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\swmidi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\swenum.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\SONYPVU1.SYS:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\serenum.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\s24trans.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rdpdr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\raspptp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\pciidex.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\parvdm.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\partmgr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\oprghdlr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\o2mmb.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwrdr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnkspx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnknb.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnkipx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mup.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mssmbios.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mspqm.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mspclock.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mskssrv.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\msgpc.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mountmgr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mouhid.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\MbxStby.sys:KAVICHS

Alfadas · 14.05.2010, 00:22

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\irda.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ipfltdrv.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ialmnt5.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hidparse.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hidclass.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\hardlock.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\gameenum.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\etc\hosts.ics:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxg.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\drmkaud.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmusic.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmboot.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cmbatt.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\classpnp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\Capt905c.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bcm4sbxp.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\battc.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\audstub.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ALCXWDM.SYS:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ALCXSENS.SYS:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\DRIVERS\aic78xx.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\DRIVERS\aic78u2.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\AGRSM.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\AegisP.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\DRIVERS\adpu160m.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\1394bus.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnhupnp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpnet.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dplayx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dpcdll.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dosx.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmutil.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmserver.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmocx.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmdskres.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmdskmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmadmin.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllhost.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\wstcodec.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\wiaservc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\usbstor.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\upnphost.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\sorttbls.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\pciidex.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\oledlg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\nwwks.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\nwrdr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\nwapi32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\mspqm.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\mspclock.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\msobmain.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\mskssrv.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\msjro.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\msftedit.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\msdtc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\msdaps.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\msctfp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\msadox.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\msadomd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\msado15.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\mnmsrvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\mfc42u.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\mfc40u.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\mf3216.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\mciseq.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\mciqtz32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\mciavi32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\lpk.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\logonui.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\locator.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\localsec.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\locale.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\lmrt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\jgpl400.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\jgdw400.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\ipsink.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\ipconfig.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\inetcfg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\hhctrl.ocx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\hdwwiz.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\gameenum.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\fxstiff.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\fxst30.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\fxssvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\fxsst.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\fxsres.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\fxsmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\fxsext32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\fxscover.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\fltmgr.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\fltmc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\fltlib.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\exts.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\extrac32.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\expsrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\dxmasf.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\dumprep.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\dmutil.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\dmdskmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\dmboot.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\dmadmin.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\dllhost.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\datime.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\danim.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\clipsrv.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\cisvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\ciodm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\cdfview.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\browsewm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\atapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\apphelp.sdb:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\apph_sp.sdb:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\agentsvr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\agentdpv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\agentdp2.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\adsnt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dispex.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dinput.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dfrgsnap.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\devmgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\devmgmt.msc:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\devenum.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\deskmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\deskadp.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\defrag.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ddrawex.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dbgeng.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\davclnt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\datime.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\danim.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3drm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dim700.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dim.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3d9.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3d8thk.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3d8.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctype.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctfmon.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\csrss.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cscui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptsvc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptext.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cryptdll.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\crtdll.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\credui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\country.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\control.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\CONFIG.NT:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comuid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comsvcs.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comrepl.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\compmgmt.msc:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\compatui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\commdlg.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\command.com:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comm.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comdlg32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comcat.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cnbjmon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cmd.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clspack.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clipsrv.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clbcatq.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clbcatex.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clb.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cisvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ciodm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\charmap.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\certcli.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cdosys.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\cdfview.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\catsrvut.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\catsrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_950.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_949.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_936.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_932.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_874.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28605.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28599.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28592.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28591.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1258.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1257.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1256.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1255.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1254.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1253.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1251.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1250.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\bthprops.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\bthci.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\browsewm.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\browser.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\browselc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\bopomofo.uce:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\basesrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\AUTOEXEC.NT:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\autochk.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\audiosrv.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\atmfd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\asycfilt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\appwiz.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\amcompat.tlb:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ALSNDMGR.CPL:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\alg.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\adsnt.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\adsldpc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\adptif.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\actxprxy.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\activeds.tlb:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\acctres.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System\winspool.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System\crlds3d.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\regedit.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\notepad.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\hh.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\demo000.acl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\demo.acl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\AGRSMMSG.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\_default.pif:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Programme\Intel\Wireless\Bin\EOUWiz.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\demo\Startmenü\Programme\Autostart\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\demo\RefEdit.exd:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\demo\Installer.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\demo\Eigene Dateien\Alte Excel-Dokumente.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\demo\Anwendungsdaten\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\All Users\Dokumente\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\All Users\Desktop\Allplan 2004.lnk:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WLAN_Generic_SW_2200BG_2915ABG_3945ABG_V10.1.0.3_TIC_107948.zip:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Zapotek.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\WORDPAD.INI:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\WMSysPr9.prx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt256.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winhelp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vmmreg32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vbaddin.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vb.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\unvise32qt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Thumbs.db:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\TASKMAN.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\zonedon.reg:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\zonedoff.reg:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xmlprov.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xenroll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xcopy.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xactsrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wstrenderer.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wstdecod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshrm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshom.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshnetbs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wship6.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshcon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshbth.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshatm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wsecedit.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wscui.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wscntfy.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\write.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpnpinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpdtrace.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpdsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpdmtpus.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpdmtpdr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpdmtp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpdconns.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpabaln.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfaxui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfax.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowdeb.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmvds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmvdmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\WMVADVE.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmv8ds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\WMSUI32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmstream.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\WMSPDMOE.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmsdmoe2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmsdmoe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmsdmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpsrcwp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpencen.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpcore.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpcd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpasf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmp.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmiscmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmiprop.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmimgmt.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmidx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmerrDEU.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmdrmnet.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmdrmdev.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wjview.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winver.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winstrm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\WINSSPI.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winspool.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winsock.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winshfhc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winntbbu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winnls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winmsd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhlp32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhelp.hlp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winfax.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winchat.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winbrand.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wifeman.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiavideo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiasf.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiascr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiadss.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wextract.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webvw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webhits.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webfldrs.msi:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wdl.trm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wdfapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.sve:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.nld:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.ita:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.fra:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.esn:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.enu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.deu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.sve:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.nld:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.ita:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.fra:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.esn:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.enu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.deu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wavemsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\W95FIBER.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32topl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32tm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w22NCPA.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\W22MLRes.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vssadmin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vss_ps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VSFLEX3.OCX:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vjoy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga64k.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga256.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vfpodbc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VFP6RUN.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\verifier.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\verifier.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ver.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VEN2232.OLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vdmredir.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vcdex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vbisurf.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAME.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAEND32.OLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAEN32.OLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBADE32.OLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VADE232.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\v7vga.rom:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\uwdf.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvpa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvoica.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv80a.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv42a.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsvpia.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrshuta.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsdpia.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrrtosa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrprbda.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrmlnka.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlogon.cmd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlbva.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrfaxa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdtea.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdpa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcoina.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcntra.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usbui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\USASCII.TRN:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ureg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\upnpui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\upnpcont.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\UNWISE.INI:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\UNWISE.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\untfs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unlodctr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\umdmxfrm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ufat.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\udhisapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\typeperf.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\typelib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\TwnLib4.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\TwnLib20.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsshutdn.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tskill.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsdiscon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsddd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsd32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscupgrd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscfgwmi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tree.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracert6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracert.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracerpt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tlntsvrp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tlntadmn.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tftp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\termmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\termcap:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\telephon.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpsvcs.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmonui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmon.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcmsetup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\taskman.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tasklist.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\taskkill.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapiperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapi3.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\systray.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\systeminfo.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SYSTEM1X.MDW:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\system.mdw:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprtj.sep:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprint.sep:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysocmgr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysmon.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syskey.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysinv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysedit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SynTPCoI.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syncui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SynCtrl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\synceng.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syncapp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\swprv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SWEDISH.TRN:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\svcpack.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\storage.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\stimon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\stclient.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sstext3d.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssstars.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sspipes.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssmyst.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssmypics.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssmarque.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssflwbox.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ssbezier.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ss3dfo.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwoa.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwid.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlunirl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsrv32.rll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsrv32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsodbc.chm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spxcoins.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio800.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio600.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprestrt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spnpinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spnike.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sort.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\snmpsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SMSUnins.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\smbinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbcsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\skeys.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\skdll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sisbkup.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\simpdata.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sigverif.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shutdown.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shscrap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shrpubw.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\share.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shadow.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfmapi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setver.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setupdll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setup.bmp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serwvdrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\services.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\servdeps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serialui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\senscfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sendmail.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sendcmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SELFREG.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.sig:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secpol.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sdpblb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sdbinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrrun.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrrnde.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrobj.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrnsave.scr:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scriptpw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scredir.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SCP32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scode.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sclgntfy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\schtasks.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sccbase.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scardssp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SCANPST.HLP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sbeio.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sbe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\savedump.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\safrslv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\safrdm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\safrcdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\s24NCfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rwinsta.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\runas.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\RTLCPL.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\RTLCPAPI.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtipxmib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtcshare.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpcnts.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvp.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsopprov.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsnotify.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmui.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmsink.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsh.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsfsaps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsaci.rat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rpcns4.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routetab.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routemon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\route.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rnr20.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rexec.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\results.txt:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\reset.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\replace.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rend.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\relog.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regwizc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regwiz.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regini.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regedt32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\REFEDIT.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\recover.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdsaddin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpwsx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpsnd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpdd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpclip.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpcfgex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\RDOCURS.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdchost.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rcp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasser.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasrad.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasphone.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmxs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmontr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasdial.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrnm.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasautou.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasauto.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\racpldlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qwinsta.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\QuickTime.qtp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\QuickTime.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qtplugin.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qprocess.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qosname.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qedwipes.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qdv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qappsrv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pubprn.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\PUBDLG.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\psnppagn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pscript.sep:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdcnt.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\proxycfg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\proquota.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prodspec.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\proctexe.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnqctl.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnport.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnmngr.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnjobs.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prndrvr.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prncnfg.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\print.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prflbmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\powercfg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\polstore.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pmspl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\plustab.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ping6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pidgen.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pid.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\PICSTORE.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\picn20.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\photowiz.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfts.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfos.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfnw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfnet.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfmon.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi009.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi007.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfdisk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd009.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd007.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfctrs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pentnt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pcl.sep:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pathping.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\paqsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\panmap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pagefileconfig.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\p2psvc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\p2pnetsh.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\p2pgraph.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\p2pgasvc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\p2p.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\OUTLCOMM.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\osuninst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\osuninst.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\openfiles.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olesvr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oleprn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\OLEMSG32.REG:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\OLEMSG32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\OLEMSG.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olecli.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2nls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2disp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\offfilt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oemdspif.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odtext32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odpdx32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odfox32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odexl32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oddbse32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbctrac.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ODBCSTF.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcp32r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ODBCKEY.INF:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ODBCJTNW.HLP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ODBCJTNW.CNT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ODBCJET.HLP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ODBCJET.CNT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ODBCINST.HLP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ODBCINST.CNT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbccu32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbccr32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbccp32.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcconf.rsp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcconf.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcconf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbcad32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbc32gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbc16gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\objsel.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwscript.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwevent.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwcfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntsd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntprint.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmssvc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsoprq.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsmgr.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsevt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsdba.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanui2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio804.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio412.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio411.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio404.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntimage.gif:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdsbcli.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos804.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos412.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos411.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos404.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntbackup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nslookup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\NSERROR.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\NSCMPS.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\npptools.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\NORWEG.TRN:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.tha:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.sve:KAVICHS

Alfadas · 14.05.2010, 00:25

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.sve:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.nld:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.ita:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.fra:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.esn:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.enu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.eng:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.deu:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.cht:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.chs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nmmkcert.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nmevtmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nlsfunc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nlhtml.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netstat.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netsh.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netsetup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\neth.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netfxperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net1.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net.hlp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\NeroCheck.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nddenb32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nddeapir.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ncxpnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nbtstat.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\narrhook.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mtxlegih.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mtxex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mtxdm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxmlr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml2r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSXBSE35.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msw3prt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvideo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvidctl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp50.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvbvm50.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mstinit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSTEXT35.reg:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mstext35.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswchx.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswch.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSSTKPRP.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSSTDFMT.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssip32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssetup.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msscript.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msscds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSRTEDIT.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrpfs35.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrecr40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSRDO20.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrclr40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msratelc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2cenu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2c.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSPST32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mspdox35.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSOTHUNK.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msorcl32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msorc32r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msodeGER.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msobjs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msnsspc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msltus35.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mslbui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msjt4jlt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msjdbc10.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSIMUSIC.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSIMRT32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSIMRT16.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSIMRT.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msieftp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msgsvc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSFS32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSForms.TWD:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msexcl35.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msencode.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdxmlc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdatsrc.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscpxl32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscpx32r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msconf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSCALDEU.TLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSCAL.OCX:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSCAL.HLP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSCAL.DEP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSCAL.CNT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaudite.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msapsspc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msafd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msadds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msacm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaatext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mrinfo.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqprfsym.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqperf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa20.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa10.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqgentr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqcertui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprdim.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprddm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mplay32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpg4ds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MPG4DMOD.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpeg2data.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MP4SDMOD.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MP43DMOD.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mountvol.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\more.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\modex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mode.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mnmdd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmutilse.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmtask.tsk:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmfutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmdriver.inf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_qic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_mtf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_hp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mlang.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ML3XEC16.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Misc2.srg:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\misc.srg:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mimefilt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\migpwd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\miglibnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mib.bin:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFCANS32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC71u.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC71KOR.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC71JPN.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC71ITA.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC71ESP.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC71ENU.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC71DEU.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC71CHT.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC71CHS.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC42DEU.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc40.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mem.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdwmdmsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdhcp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciwave.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciwave.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciseq.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole16.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciavi.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mchgrcoi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mcdsrv32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mcastmib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\maxdiag.cmd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MAPISRVR.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MAPISP32.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mapi32x.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\makecab.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mag_hook.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lzexpand.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lusrmgr.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lprmonui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lprhelp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpq.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\logoff.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\login.cmd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loghours.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\localui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loadfix.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lnkstub.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lights.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\LAPRXY.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lanman.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\langwrbk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\label.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_except.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keymgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\KEYEX32.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\key01.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kd1394.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdycl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdycc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbduzb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdur.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbduk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdtuq.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdtuf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdtat.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsw.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsl1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdru1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdru.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdro.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdno.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdnec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdne.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdmon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdmac.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlv1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlt1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdla.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdkyr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdkaz.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdit142.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdit.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdir.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhu1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhept.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhela3.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhela2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhe319.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhe220.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgr1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgkl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgae.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfi.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdest.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdes.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbddv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdda.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcan.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdca.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbu.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdblr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbene.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdazel.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdaze.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\KBDAL.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jupdate-1.5.0_07-b03.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\joy.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jobexec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgsh400.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgsd400.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgmd400.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgaw400.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\JETSQL35.HLP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\JETSQL35.CNT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\JETERR35.HLP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\JETERR35.CNT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\JETDEF35.HLP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\JETCOMP.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jet500.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Jet35sp3.doc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\javart.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\javacypt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ixsso.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ivfsrc.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\isrdbg32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ISO88591.TRN:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\isign32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\irftp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\irclass.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ir50_qcx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ir50_qc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxsap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxrtmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxroute.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxrip.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxpromn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxmontr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipv6mon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipv6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipsmsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipsecsnp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipsec6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprtrmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprtprio.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ippromon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipmontr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iologmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\intl.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\instcat.sql:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Installer.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\input.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\initpki.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\infosoft.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\inetppui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\inetcplc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\INETAB32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\imeshare.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ImagXRA7.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ImagXpr5.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\imagx5.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\imagr5.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ImageDrive.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ils.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iissuba.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igmpagnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxzoom.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrtrk.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrtha.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrsve.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrrus.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrptg.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrptb.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrplk.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrnor.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrnld.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrkor.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrjpn.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrita.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrhun.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrheb.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrfrc.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrfra.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrfin.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxresp.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrenu.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxreng.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrell.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrdeu.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrdan.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrcsy.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrcht.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrchs.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrarb.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrara.lrc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhtrk.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhtha.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhsve.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhrus.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhptg.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhptb.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhplk.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhnor.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhnld.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhkor.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhjpn.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhita.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhhun.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhheb.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhfrc.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhfra.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhfin.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhesp.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhenu.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxheng.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhell.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhdeu.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhdan.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhcsy.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhcht.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhchs.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxharb.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhara.lhp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifsutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifmon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iexpress.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\idq.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icwphbk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icwdial.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassvcs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassdo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassam.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasrecst.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasrad.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iaspolcy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iashlpr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasads.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasacct.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ialmrem.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iAlmCoIn_v3889.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\htui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hticons.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hostname.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\homepage.inf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hnetmon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hlp95en.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\HLINKPRX.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hlink.srg:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hlduinst.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\HLDRV.LOG:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hinstd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\help.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\h323msp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\GWFSPidGen.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graphics.pro:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graphics.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graftabl.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpupdate.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpresult.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpkrsrc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpkcsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpedit.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\glmf32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gcdef.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\GAPI32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\g711codc.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxsxp32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxswzrd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxsui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxsperf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxsperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxsdrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxscount.h:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxscomex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxscom.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxsclnt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxscfgwz.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fwcfg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ftp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsutil.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsmgmt.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\framebuf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\FOXUSER.FPT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\FOXUSER.DBF:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\format.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\forcedos.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fontview.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fontext.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fmifs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fixmapi.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\finger.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\findstr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\find.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fastopen.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\expand.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\exe2bin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventvwr.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventvwr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventtriggers.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventquery.vbs:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventcreate.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventcls.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eula.txt:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eudcedit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ETEXCH32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentutl.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.hxx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esent97.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\EqnClass.Dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\EMSUIX32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\EMSUI32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\EMSMDB32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\EMSABP32.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\emptyregdb.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edlin.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edit.hlp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edit.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dxdiag.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dx8vb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dx7vb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dx3j.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dvdupgrd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dvdplay.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dswave.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dssec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dssec.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsprop.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsound3d.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsound.vxd:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dskquoui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsdmoprp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsdmo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsauth.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ds32gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ds16gt.dLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drwatson.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DRVSSRVR.HLP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drmstor.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ws2ifsl.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\wpdusb.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\vdmindvd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbintel.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbcamd2.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbcamd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tunmp.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tsbvcap.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tosdvd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tape.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\sonydcam.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\smclib.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\sffp_sd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\sffdisk.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\sdbus.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\scsiport.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rootmdm.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\riodrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rio8drv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rawwan.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\processr.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\p3.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nmnt.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nikedrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mf.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mcd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\imagesrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\imagedrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\gmreadme.txt:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\gm.dls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fsvga.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\services:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\protocol:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\networks:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\lmhosts.sam:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\hosts.msn:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\enum1394.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\diskdump.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\crusoe.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cpqdap01.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cinemst2.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cbidf2k.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\Camd905c.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\bridge.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atmuni.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atmlane.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\atmepvc.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\amdk6.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\driverquery.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpwsockx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpwsock.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpvvox.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpvsetup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpvoice.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpvacm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpserial.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnwsock.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnsvr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnmodem.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnlobby.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnhpast.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnaddr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpmodemx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dplaysvr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dplay.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\doskey.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\docprop2.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\docprop.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DOCOBJ.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmview.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmusic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmsynth.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmstyle.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmscript.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmremote.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmloader.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmintf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmime.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmdlgs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmconfig.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmcompos.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmband.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllhst3g.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wuaueng1.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wuauclt1.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmvdmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmsdmod.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpshell.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmploc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmplayer.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpcore.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpcd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpasf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmp.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmerror.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmdmps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmdmlog.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\WMADMOE.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\WMADMOD.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\WgaTray.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\WgaLogon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wabimp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wab32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\unregmp2.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\sonypvu1.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\setup_wm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\qasf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\odbcconf.rsp:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mswmdm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msw3prt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msvidctl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mstinit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msscript.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msscp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msscds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mspmsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msorcl32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msorc32r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msoobe.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msobweb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msobshel.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msobdl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msobcomm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mslbui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msieftp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msgsvc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdxmlc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdfmap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdaurl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdatt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdatsrc.tlb:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdasc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdaremr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdarem.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdaprst.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdaprsr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdaosp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdaorar.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdaora.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdaer.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdaenum.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msdadc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mscpxl32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mscpx32r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msafd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msaddsr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msadds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msadds.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msadcs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msadcor.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msadcfr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\msadcf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mpvis.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mprdim.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mpg4ds32.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mouhid.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mnmdd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mmfutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mimefilt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\migload.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\miglibnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\migism.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mf.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mciwave.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mcastmib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\makecab.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\lprhelp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\log.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\localui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\krnlprov.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\keymgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kd1394.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\kbdnec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\joy.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ixsso.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\isrdbg32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\isign32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\irftp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ipxroute.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ipv6.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ipsmsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ipsecsnp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iprtrmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\intl.cpl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\input.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\initpki.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\inetppui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\imeshare.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ils.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\igmpagnt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iexpress.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\idq.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\icwphbk.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\icwdial.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iasrad.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\htui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\help.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\h323msp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\guitrn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\gpkrsrc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fxsxp32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fxswzrd.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fxsui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fxsroute.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fxsperf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fxsdrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fxscomex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fxscom.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fxsclnt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ftp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\forcedos.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\fontview.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\findstr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\evntrprv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\eudcedit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dxdiag.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dx8vb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dx7vb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dvdupgrd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dswave.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dssec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dsprop.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dsound3d.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dskquoui.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dsdmoprp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dsdmo.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ds32gt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dpwsockx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dpvvox.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dpvsetup.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dpvoice.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dpvacm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dpnsvr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dpnlobby.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dpnhpast.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dpnaddr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dpmodemx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dplaysvr.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dmusic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dmsynth.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dmstyle.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dmscript.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dmremote.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dmloader.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dmime.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dmdlgs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dmcompos.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dmband.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\diskpart.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\diskdump.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\diskcopy.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\directdb.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dinput8.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\diantz.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dhcpmon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dfsshlex.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dfrgfat.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\ddeshare.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dcomcnfg.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\dbnetlib.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\daxctle.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cscript.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cryptdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\crusoe.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\conime.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\confmsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\comsnap.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\comaddin.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cmutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cmstp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cmprops.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cmmon32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cmdl32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cmdial32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cmcfg32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cfgbkend.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cewmdm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\certmgr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\catsrvps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\capesnpn.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\camocx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\cacls.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\bridge.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\autolfn.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\autofmt.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\autoconv.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\attrib.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\atmlane.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\atmadm.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\at.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\asctrls.ocx:KAVICHS

Alfadas · 14.05.2010, 00:28

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\WudfRd.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\wdmaud.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\update.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\streamip.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\splitter.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\slip.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\ntfs.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\ndisip.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\nabtsfec.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\mstee.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\kmixer.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\kbdhid.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\ccdecode.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\drivers\aec.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\winsrv.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\wdmaud.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\user32.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\update.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\sxs.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\streamip.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\splitter.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\slip.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\shsvcs.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\shdocvw.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\rdbss.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\rasmans.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\rasadhlp.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\nwprovau.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\ntfs.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\ndisip.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\nabtsfec.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\mstee.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\kmixer.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\kbdhid.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\iphlpapi.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\iedw.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\hidserv.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\explorer.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\dhcpcsvc.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\comctl32.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\ccdecode.sys:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dllcache\browseui.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\dhcpcsvc.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\comctl32.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\browseui.dll:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\SchedLgU.Txt:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\NeroDigital.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\hpbafd.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\WINDOWS\bootstat.dat:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Programme\Windows Media Player\WMPNetwk.exe:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Dokumente und Einstellungen\demo\ntuser.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Dokumente und Einstellungen\demo\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini:KAVICHS
@Alternate Data Stream - 228 bytes -> C:\Dokumente und Einstellungen\demo\Eigene Dateien\desktop.ini:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\wiaservc.log:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\System32\wtsapi32.dll:KAVICHS
@Alternate Data Stream - 196 bytes -> C:\WINDOWS\System32\shfolder.dll:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\rundll32.exe:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\riched32.dll:KAVICHS
@Alternate Data Stream - 164 bytes -> C:\WINDOWS\System32\FNTCACHE.DAT:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\srclient.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\setupapi.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\riched20.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\regapi.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\powrprof.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\OemInfo.ini:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\msvcrt20.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\msimtf.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\msimg32.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\ltkrn13n.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\ltimg13n.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\ltefx13n.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\ltdlg13n.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\LTDIS13n.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\drivers\udfs.sys:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\drivers\modem.sys:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\drivers\fastfat.sys:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\drivers\cdfs.sys:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\dllcache\riched20.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\clusapi.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\cfgmgr32.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\cabinet.dll:KAVICHS
@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\apphelp.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\twain_32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wzcsvc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wsock32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wshde.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ws2help.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ws2_32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wow32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wmi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\WMADMOD.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wlnotify.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wldap32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\winsta.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\winscard.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\winmm.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\WgaTray.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\WgaLogon.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\w29mlres.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\version.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\vdmdbg.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\uxtheme.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\utildll.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\usp10.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\userenv.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\traffic.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\tapi32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\syssetup.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ssdpapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\shimeng.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\shellstyle.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\sensapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\security.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\scesrv.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\scecli.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\scardsvr.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\samsrv.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\samlib.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\resutils.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\rcbdyctl.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\rasdlg.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\rasapi32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\QuickTimeCheck.ocx:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\profmap.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\printui.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\pautoenr.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\opengl32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\olethk32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oleacc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\odbc32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ocmanage.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ntlanman.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ntdsapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\newdev.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netui2.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netui1.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netui0.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netshell.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netrap.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\nddeapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ncobjapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvfw32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcrt40.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcrt.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcr71.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcp71.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcp60.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msvcirt.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msutb.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mssign32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msoert2.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msoeacct.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msimsg.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msihnd.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msiexec.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msgina.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mscat32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\msacm32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mprapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mpr.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mmsys.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mmcbase.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mlang.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mfcsubs.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mfc42u.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mapi32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ltfil13n.DLL:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\linkinfo.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\lftif13n.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\lfpcx13n.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\lfpcd13n.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\lflmb13n.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\lfjbg13n.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\lffpx13n.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\lffax13n.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\LFCMP13n.DLL:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\lfbmp13n.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\LegitCheckControl.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\jsde.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\imm32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\imagehlp.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\icmp.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\icaapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\hlink.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\hccutils.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\glu32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\getuname.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\fxsevent.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\fxsapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\faultrep.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\esent.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\duser.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dsound.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\wanarp.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\system32\DRIVERS\viaide.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\sfloppy.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\rdpwd.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\raspti.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\raspppoe.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\rasl2tp.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\rasirda.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ptilink.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\psched.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\parport.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\nwlnkfwd.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\nwlnkflt.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\null.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\nscirda.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\npfs.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\nic1394.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndproxy.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndiswan.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndisuio.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndistapi.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ndis.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\msfs.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\irenum.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ipnat.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\ipinip.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\system32\DRIVERS\intelide.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\hidusb.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\flpydisk.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\fips.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\fdc.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\beep.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\atmarpc.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\asyncmac.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\arp1394.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\viaide.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\msoeacct.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\ipinip.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\intelide.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\hlink.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\hidusb.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\fxsevent.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\fxsapi.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\flpydisk.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\fdc.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\colbact.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\atmarpc.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dllcache\asyncmac.sys:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dfrgres.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dfrgntfs.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\desk.cpl:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ddraw.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dciman32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dbghelp.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cscdll.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cryptui.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cryptnet.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\crypt32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cr2c70de.dll:KAVICHS

Alfadas · 14.05.2010, 00:30

Zitat:

Zitat von cosinus

Sieht gut aus. Von OTL brauch ich nur das OTL.log die extras nicht nochmal.

Die Log Datei hat ziemlichhh viele Zeichen. Ich bin mir nicht sicher ob das so gedacht war. :-S

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\comres.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\compstui.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\colbact.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cards.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\bootvid.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\blackbox.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\batt.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\batmeter.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\avicap32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\authz.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\audiodev.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\atmlib.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\activeds.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\aclui.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\Dokumente und Einstellungen\demo\Desktop\Allmenu 2004.lnk:KAVICHS
< End of report >

cosinus · 14.05.2010, 10:13

Auch das ist aus meiner Sicht ok.
Prüf jetzt mal unbedingt die Updates wenn wieder alles ok ist. Dir fehlen min. die wichtigen Updates für Windows: SP3 + IE8!!

Microsoftupdate

Windows XP: Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.

Windows Vista/7: Anleitung Windows-Update

PDF-Reader aktualisieren
Dein Adobe Reader ist nicht aktuell, was ein großes Sicherheitsrisiko darstellt. Du solltest daher besser die alte Version über Systemsteuerung => Software deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst.

Ich empfehle einen alternativen PDF-Reader wie SumatraPDF oder Foxit PDF Reader, beide sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers, hier der direkte Downloadlink => http://filepony.de/?q=Flash+Player

Java-Update
Veraltete Java-Installationen sind ein Sicherheitsrisiko, daher solltest Du die alten Versionen löschen (falls vorhanden) und auf die neuste aktualisieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.

Alfadas · 18.05.2010, 10:50

Vielen Dank für die Hilfe und Tipps. Diese Seite war mir eine grosse Hilfe.

Viele Grüsse.

12.05.2010, 20:27	#16
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Antimalware Doctor Angriff nach Rkill, Mbam Scan, CCleaber immer noch vorhanden! Ok. Dann würde ich gern für weitere Kontrollen frische Logs von otl.exe GMER und OSAM sehen. __________________ Logfiles bitte immer in CODE-Tags posten

13.05.2010, 15:34	#18
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Antimalware Doctor Angriff nach Rkill, Mbam Scan, CCleaber immer noch vorhanden! Sieht gut aus. Von OTL brauch ich nur das OTL.log die extras nicht nochmal. __________________ __________________

Antimalware Doctor Angriff nach Rkill, Mbam Scan, CCleaber immer noch vorhanden!

Plagegeister aller Art und deren Bekämpfung: Antimalware Doctor Angriff nach Rkill, Mbam Scan, CCleaber immer noch vorhanden!