Just nu i M3-nätverket
Gå till innehåll

Rekommendera Poster

I Felsäkertläge så får jag ett felmedelande;

 

"user & kernel MBR OK

error: Read Begäran kunde inte utföras pga ett fel i en 1/0-enhet"

 

Vad kan det bero på??

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

I/O-enhet står för Input/Output-enhet.

 

Gäller detta senaste i felsäkert läge mbr.exe eller Gmer?

Om det gäller mbr.exe så kolla om det har skapats en mbr.log på skrivbordet eller i C:\ och i så fall klistra in den.

 

Det andra kommandot med mbr.exe ska du strunta i, det borde inte ha kommit med i mitt inlägg.

God natt!

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Gmer var det som jag körde och fick felmeddelande:

"user & kernel MBR OK

error: Read Begäran kunde inte utföras pga ett fel i en 1/0-enhet"

 

Edit: har nu även provat mbr.exe i felsäkertläge får jag samma felsvar. Och loggen som skapas på skrivbordet är tom.

 

I normalläge funkar det,inget felmeddelande, men loggen som skapas på skrivbordet är TOM

 

Go natt

Redigerad av The OldBoy

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Gmer snabbscan gick igenom nu på morgonen i felsäkertläge...

 

GMER 1.0.15.15530 - http://www.gmer.net

Rootkit quick scan 2010-11-26 09:38:15

Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 TOSHIBA_MK4026GAX rev.PA103G

Running: 9i69fywp.exe; Driver: C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\pxtdypow.sys

 

 

---- System - GMER 1.0.15 ----

 

Code fsdfw.sys (F-Secure Internet Shield Driver/F-Secure Corporation) IoCreateDevice

 

---- Devices - GMER 1.0.15 ----

 

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

 

---- EOF - GMER 1.0.15 ----

 

När jag sedan fortsätter med detta;

 

"Om frågan inte kommer så välj fliken Rootkit/Malware, kontrollera att allt är förbockat till höger utom IAT/EAT, Show All och andra partitioner än C:\. Tryck på Scan"

 

så går datorn en stund för att sedan hänga sig

Redigerad av The OldBoy

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Prova med att avbocka även Sections och Devices i GMER.

 

Den hänger sig ändå efter ett par minuter...

:(

 

Edit: Jag körde i felsäkertläge...

Redigerad av The OldBoy

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Vi prövar med att du låter datorn starta från en CD-skiva med ett fixprogram. Ladda ner http://oldtimer.geekstogo.com/OTLPEStd.exe.

Stoppa in en tom CD-skiva.

Starta det nedladdade programmet och det kommer automatiskt att bränna OTLPE på CD-skivan.

 

Vet du hur du får datorn att starta från en CD-skiva i stället för från en hårddisk? Om inte så fråga.

 

När datorn har startat från CD-skivan visas REATOGO-X-PE skrivbord.

Dubbelklicka på ikonen OTLPE.

Om du får frågan "Do you wish to load the remote registry", välj Yes/OK.

När du får frågan "Do you wish to load remote user profile(s) for scanning", välj Yes/OK.

Se till att "Automatically Load All Remaining Users" är vald om det valet finns och klicka OK.

Programmet OTL startar.

Ändra inställningen Drivers till Non-Microsoft om det valet finns.

Tryck på Run Scan för att starta genomsökningen.

 

När skanningen är klar så kommer loggfilen OTL.txt att sparas i mappen C:\.

 

Starta om datorn från hårddisken och klistra in loggfilen OTL.txt i ditt svar

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Detta funderar jag på:

 

"Ändra inställningen Drivers till Non-Microsoft om det valet finns."

 

Finns inte men på Drivers finns, None, Use safelist, All, så jag bockar i None eller ska den vara kvar på Use safelist???

Redigerad av The OldBoy

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Nu ska vi se om denna hjälper!!!

 

OTL logfile created on: 11/26/2010 4:37:32 PM - Run

OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

759.00 Mb Total Physical Memory | 549.00 Mb Available Physical Memory | 72.00% Memory free

699.00 Mb Paging File | 579.00 Mb Available in Paging File | 83.00% Paging File free

Paging file location(s): C:\pagefile.sys 372 744 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 37.26 Gb Total Space | 13.33 Gb Free Space | 35.77% Space Free | Partition Type: NTFS

Drive X: | 282.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet001

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Auto] -- C:\ComboFix\PEV.cfx -- (PEVSystemStart)

SRV - File not found [Auto] -- C:\mmc\program\tvpvr\gbpvrrecordingservice.exe -- (GB-PVR Recording Service)

SRV - [2010/10/13 08:36:53 | 000,064,016 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Program\Telia\Telias sakerhetstjanster\ORSP Client\fsorsp.exe -- (FSORSPClient)

SRV - [2010/09/07 07:55:33 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe -- (FSDFWD)

SRV - [2009/08/05 10:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE -- (FSMA)

SRV - [2009/08/05 10:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)

SRV - [2008/11/27 09:17:04 | 001,712,128 | ---- | M] (Textalk AB) [Auto] -- C:\Program\ExtraFilm Designer SE\EFUploadSrv.exe -- (EFUploadSrv)

SRV - [2008/11/03 04:31:45 | 000,116,032 | ---- | M] (LogMeIn, Inc.) [Disabled] -- C:\Program\LogMeIn\x86\RaMaint.exe -- (LMIMaint)

SRV - [2008/02/28 08:31:50 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Disabled] -- C:\Program\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)

SRV - [2007/10/25 09:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)

SRV - [2007/06/27 12:04:00 | 000,279,848 | ---- | M] (Nero AG) [On_Demand] -- C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

SRV - [2006/11/03 13:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program\Windows Defender\MsMpEng.exe -- (WinDefend)

SRV - [2002/09/20 07:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto] -- C:\Program\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)

DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tifm21.sys -- (tifm21)

DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\tiacxln.sys -- (TIACXLN)

DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)

DRV - File not found [Kernel | System] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand] -- C:\Program\D-LINK~1\PCANDIS5.SYS -- (PCANDIS5)

DRV - File not found [Kernel | System] -- -- (lbrtfdc)

DRV - File not found [Kernel | System] -- -- (i2omgmt)

DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\DRIVERS\gtipci21.sys -- (GTIPCI21)

DRV - File not found [Kernel | System] -- -- (Changer)

DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)

DRV - [2010/09/07 07:53:09 | 000,124,072 | ---- | M] () [Kernel | On_Demand] -- C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)

DRV - [2010/09/07 07:49:01 | 000,041,624 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\fsbts.sys -- (fsbts)

DRV - [2009/08/05 10:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System] -- C:\Program\Telia\Telias sakerhetstjanster\HIPS\drivers\fshs.sys -- (F-Secure HIPS)

DRV - [2009/08/05 10:57:20 | 000,080,000 | ---- | M] (F-Secure Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\fsdfw.sys -- (FSFW)

DRV - [2009/08/05 10:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled] -- C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)

DRV - [2009/08/05 10:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled] -- C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)

DRV - [2009/02/04 11:33:52 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gtuhsser.sys -- (GTUHSSER)

DRV - [2009/02/04 11:33:10 | 000,063,360 | ---- | M] (Option N.V.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gtuhsbus.sys -- (GTUHSBUS)

DRV - [2009/02/04 11:29:10 | 000,105,856 | ---- | M] (Option N.V.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gtuhs51.sys -- (GTUHSNDISIPXP)

DRV - [2008/11/03 04:30:42 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)

DRV - [2008/11/03 04:30:41 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)

DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB-ljuddrivrutiner (WDM)

DRV - [2008/02/28 08:31:52 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto] -- C:\Program\LogMeIn\x86\rainfo.sys -- (LMIInfo)

DRV - [2007/09/14 19:09:44 | 000,213,696 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)

DRV - [2006/10/12 17:26:56 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)

DRV - [2006/09/18 08:59:08 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)

DRV - [2006/09/18 08:59:02 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)

DRV - [2006/09/18 08:59:00 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)

DRV - [2006/09/18 08:58:58 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)

DRV - [2006/09/18 08:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)

DRV - [2006/09/18 08:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)

DRV - [2006/09/18 08:58:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)

DRV - [2005/03/21 20:17:34 | 000,450,400 | ---- | M] (D-Link Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\A3AB.sys -- (A3AB) D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB)

DRV - [2005/03/04 08:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2004/11/16 05:37:48 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®

DRV - [2004/11/04 05:24:12 | 000,055,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)

DRV - [2004/08/01 18:34:58 | 000,190,336 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)

DRV - [2004/06/16 04:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)

DRV - [2004/05/26 08:18:18 | 000,044,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)

DRV - [2004/04/14 01:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)

DRV - [2004/02/20 04:35:28 | 000,059,044 | R--- | M] (Hewlett-Packard) [Kernel | System] -- C:\WINDOWS\System32\Drivers\ClntMgmt.sys -- (ClntMgmt.sys)

DRV - [2003/11/03 19:08:10 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)

DRV - [2003/06/06 05:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)

DRV - [2002/10/22 06:58:06 | 000,040,448 | ---- | M] (Susteen Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SUSCOM.SYS -- (SUSCOM)

DRV - [2001/08/17 09:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aliide.sys -- (AliIde)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\Administratör_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search

IE - HKU\Administratör_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZRxdm077YYSE&fl=0&ptb=v5ZfEERLRIG0y.aD.RwEIQ&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}

IE - HKU\Administratör_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sparbanken-nord.se//

IE - HKU\Administratör_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

IE - HKU\LogMeInRemoteUser_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com

IE - HKU\LogMeInRemoteUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LogMeInRemoteUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" =

 

 

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "//eforum.idg.se/topic/325329-thinkpoint/"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program\Mozilla Firefox\components [2010/11/09 09:14:00 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2010/11/09 09:14:00 | 000,000,000 | ---D | M]

 

[2010/08/05 08:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Extensions

[2010/11/25 11:54:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\968eaeph.default\extensions

[2010/08/13 11:25:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\968eaeph.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/09/05 07:19:40 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\968eaeph.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2010/08/05 08:15:39 | 000,000,000 | ---D | M] -- C:\Program\Mozilla Firefox\extensions

[2010/11/09 09:13:30 | 000,001,470 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\allaannonser-sv-SE.xml

[2010/11/09 09:13:31 | 000,002,670 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\prisjakt-sv-SE.xml

[2010/11/09 09:13:31 | 000,000,948 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\tyda-sv-SE.xml

[2010/11/09 09:13:32 | 000,001,174 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\wikipedia-sv-SE.xml

[2010/11/09 09:13:32 | 000,000,951 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\yahoo-sv-SE.xml

 

O1 HOSTS File: ([2004/08/04 03:00:00 | 000,000,710 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Länkhjälp till Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKU\Administratör_ON_C\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKU\Administratör_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM..\Run: [F-Secure Manager] C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE (F-Secure Corporation)

O4 - HKLM..\Run: [F-Secure TNB] C:\Program\Telia\Telias sakerhetstjanster\FSGUI\TNBUtil.exe (F-Secure Corporation)

O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)

O4 - HKLM..\Run: [LogMeIn GUI] C:\Program\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)

O4 - HKLM..\Run: [Omnipage] C:\Program\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)

O4 - HKLM..\Run: [soundMAX] C:\Program\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [soundMAXPnP] C:\Program\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [synTPLpr] C:\Program\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [synTPStart] C:\Program\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)

O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program\Delade filer\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)

O4 - HKU\Administratör_ON_C..\Run: [H/PC Connection Agent] C:\Program\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)

O4 - HKU\LogMeInRemoteUser_ON_C..\RunOnce: [NeroHomeFirstStart] C:\Program\Delade filer\Ahead\Lib\NMFirstStart.exe (Nero AG)

O4 - Startup: C:\Documents and Settings\Administratör\Start-meny\Program\Autostart\Telia Mobilt bredband.lnk = C:\Program\Telia\Telia_Mobilt_bredband\Telia_Mobilt_bredband.exe (Telia)

O4 - Startup: C:\Documents and Settings\Administratör\Start-meny\Program\Autostart\Voice Xpress.lnk = C:\Program\LHSP\Voice Xpress\Speechcenter\speechcenter.exe (Lernout & Hauspie Speech Products)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\Administratör_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\Administratör_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\LogMeInRemoteUser_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Google Sidewiki... - C:\Program\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)

O9 - Extra Button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program\Telia\Telias sakerhetstjanster\FSPS\program\FSLSP.DLL (F-Secure Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program\Telia\Telias sakerhetstjanster\FSPS\program\FSLSP.DLL (F-Secure Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program\Telia\Telias sakerhetstjanster\FSPS\program\FSLSP.DLL (F-Secure Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program\Telia\Telias sakerhetstjanster\FSPS\program\FSLSP.DLL (F-Secure Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program\Telia\Telias sakerhetstjanster\FSPS\program\FSLSP.DLL (F-Secure Corporation)

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab (Office Genuine Advantage Validation Tool)

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab (iPIX ActiveX Control)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.fujidirekt.se/aurigma/ImageUploader5.cab (Image Uploader Control)

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab (Windows Live Safety Center Base Module)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120127310453 (WUWebControl Class)

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1259825040421 (MUWebControl Class)

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {8BC53B30-32E4-4ED3-BEF9-DB761DB77453} http://u3.sandisk.com/download/apps/LPInstaller.CAB (CInstallLPCtrl Object)

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://www.pattayalivecam.com/AxisCamControl.cab (CamImage Class)

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab (MsnMessengerSetupDownloadControl Class)

O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)

O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)

O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)

O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)

O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://83.166.23.7/activex/AMC.cab (AxisMediaControlEmb Class)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuiX.exe) - C:\WINDOWS\system32\logonuiX.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)

O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.

O24 - Desktop Components:0 (Min aktuella startsida) - About:Home

O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program\Windows Defender\MpShHook.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O33 - MountPoints2\{2596a4ce-b2b0-11da-bc34-806d6172696f}\Shell - "" = AutoRun

O33 - MountPoints2\{2596a4ce-b2b0-11da-bc34-806d6172696f}\Shell\AutoRun\command - "" = D:\reatogoMenu.exe -- File not found

O33 - MountPoints2\{5b856eae-4977-11db-bd8a-00904bad9b9a}\Shell - "" = AutoRun

O33 - MountPoints2\{5b856eae-4977-11db-bd8a-00904bad9b9a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found

O33 - MountPoints2\{e144e96e-7888-11de-b628-00904bad9b9a}\Shell - "" = AutoRun

O33 - MountPoints2\{e144e96e-7888-11de-b628-00904bad9b9a}\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found

O33 - MountPoints2\{e4f9e50a-dccf-11dd-800e-00904bad9b9a}\Shell - "" = AutoRun

O33 - MountPoints2\{e4f9e50a-dccf-11dd-800e-00904bad9b9a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/11/25 10:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Skrivbord\tdsskiller

[2010/11/25 09:30:00 | 000,000,000 | --SD | C] -- C:\ComboFix

[2010/11/25 04:50:00 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2010/11/25 04:42:32 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2010/11/25 04:42:32 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2010/11/25 04:42:32 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2010/11/25 04:42:32 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2010/11/25 04:42:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010/11/25 04:34:09 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/11/25 04:19:37 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\IETldCache

[2010/11/24 11:21:19 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Administratör\Skrivbord\ATF-Cleaner.exe

[2010/11/24 10:53:31 | 000,000,000 | ---D | C] -- C:\Program\Trend Micro

[2010/11/09 09:49:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2010/11/09 09:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Skrivbord\Katti

[2010/11/07 14:37:44 | 000,000,000 | ---D | C] -- C:\Program\Spybot - Search & Destroy

[2010/11/07 13:46:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Application Data\Malwarebytes

[2010/11/07 13:45:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/11/07 13:45:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/11/07 13:45:03 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware

[2010/11/06 13:35:39 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll

[2010/11/06 13:35:38 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll

[2010/11/06 13:33:24 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll

[2007/02/01 11:09:16 | 006,653,000 | ---- | C] (Nullsoft, Inc.) -- C:\Program\winamp532_full_emusic-7plus.exe

[2006/09/17 10:46:54 | 000,816,192 | ---- | C] (Google) -- C:\Program\GoogleToolbarInstaller.exe

[2006/07/27 10:20:34 | 006,206,440 | ---- | C] (Nullsoft, Inc.) -- C:\Program\winamp524_full_emusic-7plus.exe

[2006/07/10 00:08:38 | 015,298,344 | ---- | C] (Microsoft Corporation) -- C:\Program\Install_Messenger.exe

[2006/05/28 01:48:36 | 000,588,600 | ---- | C] (Microsoft Corporation) -- C:\Program\WindowsXP-KB918005-v2-x86-SVE.exe

[2005/10/08 02:16:55 | 000,516,514 | ---- | C] (MetaProducts corp.) -- C:\Program\DESETUP.EXE

[2005/06/11 14:35:08 | 000,545,280 | ---- | C] (Intel Corporation) -- C:\Program\usbready.exe

[2005/06/11 06:18:28 | 002,145,904 | ---- | C] (Microsoft Corporation) -- C:\Program\PlusLabyrinthBonus.exe

[2005/06/08 09:27:18 | 000,381,248 | ---- | C] (Microsoft Corporation) -- C:\Program\personal4.01.exe

[2005/06/03 15:07:31 | 000,135,168 | ---- | C] (Gatorhole) -- C:\Program\tp312swe.exe

[2005/06/03 14:59:16 | 005,916,976 | ---- | C] (Hewlett Packard) -- C:\Program\940-svc-xpinfu.exe

[2005/06/02 12:08:08 | 004,296,496 | ---- | C] (Logitech ) -- C:\Program\mw9791sve.exe

[2005/06/02 03:53:15 | 000,617,664 | ---- | C] (Microsoft Corporation) -- C:\Program\MSNToolbarSetup_sv.exe

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/11/26 09:38:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/11/26 09:35:27 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/11/26 09:34:59 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

[2010/11/26 09:28:34 | 796,315,648 | -HS- | M] () -- C:\hiberfil.sys

[2010/11/25 16:22:20 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\9i69fywp.exe

[2010/11/25 14:56:45 | 000,089,088 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\mbr.exe

[2010/11/25 11:21:40 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2010/11/25 10:29:02 | 001,224,671 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\tdsskiller.zip

[2010/11/25 09:58:52 | 000,000,024 | ---- | M] () -- C:\WINDOWS\LogonStudio.ini

[2010/11/25 08:44:22 | 003,915,339 | R--- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\ComboFix.exe

[2010/11/24 10:53:45 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\HiJackThis.lnk

[2010/11/09 19:01:22 | 000,630,272 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\dds.scr

[2010/11/09 13:46:05 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010/11/09 11:46:01 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010/11/09 09:56:48 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2010/11/07 19:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe

[2010/11/07 18:18:04 | 000,364,032 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\rkill.com

[2010/11/07 14:38:57 | 000,000,889 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\Spybot - Search & Destroy.lnk

[2010/11/07 11:20:56 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\start

[2010/11/07 11:07:57 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\completescan

[2010/11/07 10:53:30 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\install

[2010/11/07 02:40:48 | 000,251,880 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/11/06 13:57:52 | 000,460,508 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2010/11/06 13:57:52 | 000,458,384 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/11/06 13:57:52 | 000,091,112 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2010/11/06 13:57:52 | 000,079,246 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/11/06 13:49:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/11/26 09:28:34 | 796,315,648 | -HS- | C] () -- C:\hiberfil.sys

[2010/11/25 16:32:06 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\9i69fywp.exe

[2010/11/25 15:00:20 | 000,089,088 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\mbr.exe

[2010/11/25 10:30:02 | 001,224,671 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\tdsskiller.zip

[2010/11/25 08:50:47 | 003,915,339 | R--- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\ComboFix.exe

[2010/11/25 04:50:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2010/11/25 04:50:05 | 000,260,784 | RHS- | C] () -- C:\cmldr

[2010/11/25 04:42:32 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2010/11/25 04:42:32 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2010/11/25 04:42:32 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2010/11/25 04:42:32 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2010/11/25 04:42:32 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2010/11/24 10:53:31 | 000,002,425 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\HiJackThis.lnk

[2010/11/24 10:35:27 | 000,364,032 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\rkill.com

[2010/11/13 11:24:58 | 000,630,272 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\dds.scr

[2010/11/07 14:38:57 | 000,000,889 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\Spybot - Search & Destroy.lnk

[2010/11/07 11:20:56 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\start

[2010/11/07 11:07:57 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\completescan

[2010/11/07 10:53:30 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\install

[2009/09/16 06:09:54 | 000,041,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys

[2008/11/08 03:43:45 | 000,000,022 | ---- | C] () -- C:\WINDOWS\DFCD12.ini

[2008/11/08 03:28:57 | 000,000,177 | ---- | C] () -- C:\WINDOWS\mercure.ini

[2008/09/16 07:48:55 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\LogMeInRemoteUser\Lokala inställningar\Application Data\fusioncache.dat

[2008/09/07 03:53:31 | 000,077,824 | ---- | C] () -- C:\WINDOWS\portmon.dll

[2008/05/04 05:34:36 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI

[2007/10/07 10:54:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Project Templates

[2007/09/28 14:36:18 | 000,000,223 | ---- | C] () -- C:\Documents and Settings\Administratör\ExecNetsh.txt

[2007/09/12 13:49:45 | 000,000,024 | ---- | C] () -- C:\WINDOWS\LogonStudio.ini

[2007/09/12 13:49:04 | 000,187,392 | ---- | C] () -- C:\WINDOWS\System32\JPGUtils.dll

[2007/05/02 13:20:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI

[2007/03/05 06:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL

[2007/01/07 11:26:55 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/12/31 09:20:23 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\$_hpcst$.hpc

[2006/11/27 10:43:59 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI

[2006/09/18 23:53:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\RussSqr.INI

[2006/08/21 10:22:39 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2006/08/08 11:00:11 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Administratör\default.pls

[2006/07/18 23:46:26 | 000,025,399 | ---- | C] () -- C:\WINDOWS\CSTBox.INI

[2006/02/21 12:06:40 | 000,077,312 | ---- | C] () -- C:\Program\Wikipedia Tracker.msi

[2006/01/06 07:09:38 | 000,000,078 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\FreeGames4Rest.url

[2005/10/08 03:30:43 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI

[2005/10/08 02:12:24 | 011,292,689 | ---- | C] () -- C:\Program\WebfilmBig.wmv

[2005/09/15 12:35:31 | 000,617,464 | ---- | C] () -- C:\Program\pcsecuritytest.zip

[2005/06/30 08:40:45 | 000,000,599 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2005/06/27 15:25:37 | 000,001,857 | ---- | C] () -- C:\WINDOWS\wincmd.ini

[2005/06/24 01:49:26 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\MP2enc.dll

[2005/06/24 01:49:25 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll

[2005/06/22 13:06:38 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI

[2005/06/22 11:38:33 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini

[2005/06/16 22:13:45 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI

[2005/06/12 02:39:54 | 000,533,574 | ---- | C] () -- C:\Program\pllangs.exe

[2005/06/12 02:36:55 | 002,855,080 | ---- | C] () -- C:\Program\aawsepersonal.exe

[2005/06/11 13:39:52 | 000,000,681 | ---- | C] () -- C:\Documents and Settings\Administratör\Installer.log

[2005/06/11 13:00:58 | 000,004,643 | ---- | C] () -- C:\WINDOWS\_delis32.ini

[2005/06/11 11:53:22 | 001,128,126 | ---- | C] () -- C:\Program\win.com.zip

[2005/06/11 05:42:06 | 001,450,893 | ---- | C] () -- C:\Program\DCube150D_manual_eng.zip

[2005/06/06 01:04:21 | 000,000,501 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI

[2005/06/03 11:27:39 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini

[2005/05/28 04:44:19 | 000,000,143 | ---- | C] () -- C:\Documents and Settings\NetworkService\Lokala inställningar\Application Data\fusioncache.dat

[2005/05/15 12:24:26 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2005/05/15 12:24:24 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2005/05/15 12:24:24 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2005/05/15 12:24:24 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2005/05/15 12:24:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2005/05/15 12:24:24 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2005/02/16 12:18:15 | 000,000,195 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2005/02/16 12:10:54 | 000,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2005/02/16 12:00:12 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\fusioncache.dat

[2004/09/08 04:05:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2004/09/08 03:51:14 | 000,004,465 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2004/06/01 04:39:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL

[2003/11/16 09:54:22 | 000,955,203 | ---- | C] () -- C:\WINDOWS\I2E.ini

[2002/05/08 06:43:25 | 000,000,188 | -H-- | C] () -- C:\WINDOWS\Mi1cnie1k1rn5n38.dll

[1999/01/27 06:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll

[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[1997/06/13 00:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

[1996/11/28 06:15:28 | 000,022,016 | R--- | C] () -- C:\WINDOWS\System32\docobj.dll

 

========== LOP Check ==========

 

[2009/01/06 09:53:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Canon

[2005/10/30 04:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Deepnet Explorer

[2009/02/07 08:47:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\ExtraFilm

[2009/10/09 12:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\F-Secure

[2005/05/15 15:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\InterVideo

[2005/05/21 01:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Leadertech

[2005/06/12 02:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\NASA

[2007/10/07 10:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Nikon

[2007/10/31 21:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\OfficeUpdate12

[2005/06/08 09:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Personal

[2005/06/06 01:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\ScanSoft

[2005/08/07 14:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\SYSTRAN

[2007/05/02 13:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Teleca

[2005/06/11 06:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\The Labyrinth Plus! Edition

[2006/08/22 14:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Windows Live Safety Center

[2008/01/28 15:15:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Windows Live Writer

[2005/11/19 12:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Zonora Technologies

[2010/11/26 09:34:59 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

 

========== Purity Check ==========

 

...Vart för lång meddelande...

Redigerad av The OldBoy

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Här kommer del 2:

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\wmprfSVE.prx:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\WMCSetup.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\WgaNotify.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\wallpaper.bmp:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\URLDownload.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\TASKMAN.EXE:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wupdmgr.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuaueng1.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuauclt1.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\write.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wpdtrace.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wpdmtpdr.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wowexec.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmv8dmoe.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmpns.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmerrSVE.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmaudsdk.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winmine.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winhlp32.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wfwnet.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wdmioctl.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\w29NCPA.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\VSFLEX3.OCX:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\VEN2232.OLB:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vct3216.acm:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\VBAME.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\VB6STKIT.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\user.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\UNWISE.EXE:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\unicode.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tssoft32.acm:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tsappcmp.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TransFrameCTL.ocx:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\timer.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\telephon.cpl:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\taskman.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tapiui.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\systray.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\system.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\SynTPFcs.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\SynTPCo2.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\swprv.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stdole32.tlb:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sound.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sortkey.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sol.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sndvol32.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\SmartUI2.ocx:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\skdll.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shell.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\services.msc:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\secpol.msc:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\SCP32.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsvp.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsmsink.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rend.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\redir.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\RDOCURS.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasautou.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pusbfd2.vxd:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pusbfd1.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\PUBDLG.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\plusmpix.scr:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pifmgr.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\OVUI2RC.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\OVUI2.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\OVComS.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\OVComC.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\OVCodec2.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olethk32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olesvr32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oleaccrc.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.sig:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.dat:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.bin:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nwc.cpl:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntsdexts.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntmsevt.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Npindeo.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netmsg.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netevent.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ncxpnt.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTWMAFile.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioVisualization.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioTransform.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioRecord.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioPlayer.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioInformation.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioGrabber.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioFile.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioEditor.oca:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioEditor.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\N067UFW.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mycomput.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msxml3r.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MSSTDFMT.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mssign32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MSRTEDIT.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msports.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msidntld.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mshearts.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msgsm32.acm:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msg723.acm:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msg711.acm:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MSCOMCTL.OCX:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mscdexnt.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msaudite.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msacm32.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mprui.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mouse.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MMTypesX2.OCX:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MMToolsX2.OCX:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmsystem.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MMRegOCX.EXE:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmdrv.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmdriver.inf:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MMCSystemFiles.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mlang.dat:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71KOR.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71JPN.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71ITA.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71ESP.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71ENU.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71DEU.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71CHT.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71CHS.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc42loc.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mcicda.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mcd32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mapi32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\main.cpl:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lz32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LuResult.txt:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lodctr.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\langwrbk.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lame_enc.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\l_intl.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\krnl386.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\keyboard.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\keyboard.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kdcom.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdus.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdsw.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\KBDAL.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kb16.com:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Iyvu9_32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iuengine.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir32_32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\INLOADER.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Initask.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\IniTask.Bin:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetcplc.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxtray.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxsrvc.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxress.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxres.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxpph.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxhk.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxexps.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxdiag.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxdgps.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxdev.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxcpl.cpl:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\id3lib.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\icfgnt5.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmrnt5.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmgicd.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmgdev.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmdnt5.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmdev5.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmdd5.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iAlmCoIn_v3954.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Iacenc.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hpzlnt04.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hprdvtcp.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hpqPres.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HPMPMW.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HPMBTPMS.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HPDOMON.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HPBMMON.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HPBHEALR.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hkcmd.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\himem.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\gdi.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\freecell.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fmifs.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\FM20SVE.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\eventvwr.msc:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\EqnClass.Dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DSndUp.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drwtsn32.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drmstor.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\w29n51.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbd.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\smclib.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\smcirda.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rootmdm.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\riodrv.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rio8drv.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rawwan.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\raspti.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rasirda.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rasacd.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ptilink.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\pciide.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\parvdm.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\OVSound2.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\OVCodek2.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\OVCE.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\OVCam2.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\oprghdlr.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnkspx.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnknb.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnkfwd.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnkflt.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\null.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nikedrv.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mouhid.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mcd.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ipfltdrv.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ialmnt5.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\gmreadme.txt:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\gm.dls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ftdisk.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\fsvga.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\enum1394.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmload.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cpqdap01.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cinemst2.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cbidf2k.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\btwusb.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\beep.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bcm4sbxp.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\b57xp32.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\audstub.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atmuni.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atmepvc.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\aliide.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\AGRSM.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dosx.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmocx.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\LegitCheckControl.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DHTMLEd.ocx:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dfrg.msc:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\devmgmt.msc:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dbgeng.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dxof.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3drm.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctype.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\country.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\control.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\config\systemprofile\Start-meny\Program\Autostart\desktop.ini:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\compmgmt.msc:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\command.com:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comm.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comctl32.ocx:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comcat.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\CleanUp.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clb.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ciadmin.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\charmap.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\calc.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_950.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_949.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_932.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28592.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28591.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1258.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1257.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1256.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1255.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1254.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1253.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1251.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1250.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\btw_ci.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\asuninst.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ActiveSkin.ocx:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\activeds.tlb:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\acctres.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\$winnt$.inf:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\SYMEVENT.LOG:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ST6UNST.EXE:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\REGLOCS.OLD:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\POCELANG.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\POCE98.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\mozregistry.dat:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ml-cleanup.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\MedCtrOC.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB918439.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB917734.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB911564.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB902400.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB902344.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB891122.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB887472.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\IsUninst.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\HP Cityscape.bmp:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\biwlandrvxpver.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\basecsp.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\AGRSMMSG.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\TVPVR.Install.Log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\System.Install.Log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\Program\WindowsXP-KB918005-v2-x86-SVE.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\Program\Install_Messenger.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Administratör\Start-meny\Program\Autostart\desktop.ini:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Administratör\Mina dokument\desktop.ini:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\fusioncache.dat:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Administratör\Installer.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\Documents and Settings\Administratör\Application Data\desktop.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\xpsp1hfm.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\WMSysPr9.prx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt256.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\wininit.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winhelp.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vmmreg32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vbaddin.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vb.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Vaxduk.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\updspapi.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\UC.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twunk_32.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twunk_16.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twain.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\tsoc.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\tabletoc.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xenroll.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshnetbs.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshisn.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshatm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfaxui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfax.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowdeb.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmvdmoe.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmv8dmod.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpcore.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpcd.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmp.ocx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmiscmgr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmiprop.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmimgmt.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmidx.ocx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wisptis.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winstrm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winspool.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winsock.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winoldap.mod:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winnls.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winmsd.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhelp.hlp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winfax.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winchat.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win87em.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wifeman.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiavusd.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiasf.ax:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webhits.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webfldrs.msi:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wdl.trm:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.sve:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.nld:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.ita:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.fra:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.esn:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.enu:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.deu:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.sve:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.nld:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.ita:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.fra:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.esn:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.enu:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.deu:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32topl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32tm.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\W29MLRES.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vwipxspx.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vwipxspx.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vssadmin.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vss_ps.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vjoy.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Visa kanaler.scf:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga64k.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga256.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vfpodbc.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\verifier.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ver.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vcdex.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vbssv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBASV32.OLB:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAEND32.OLB:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAEN32.OLB:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VB5DB.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\v7vga.rom:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvpa.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvoica.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv80a.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv42a.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsvpia.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrshuta.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsdpia.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrrtosa.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrprbda.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrmlnka.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlogon.cmd:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlbva.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrfaxa.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdtea.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdpa.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcoina.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcntra.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ureg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\UNWISE.INI:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unlodctr.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Uninstall.ico:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\umdmxfrm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ufat.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\UCS32P.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\typeperf.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\typelib.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsshutdn.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tskschd.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tskill.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsdiscon.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsd32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscupgrd.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscon.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\triedit.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracert6.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\toolhelp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tftp.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\termcap:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpsvcs.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmon.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcmsetup.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapiperf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\TABCTL32.OCX:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprtj.sep:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprint.sep:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syskey.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysinv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysedit.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syncapp.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\svcpack.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subst.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subrange.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\streamci.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\storage.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwoa.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwid.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsrv32.rll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsodbc.chm:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spxcoins.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio800.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio600.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprestrt.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spnike.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\softpub.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SMMedia.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbrccsp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbcsp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sisbkup.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shiftjis.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shellstyle.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\share.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shadow.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfmapi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfc.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setver.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setupdll.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setup.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serwvdrv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serialui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\senscfg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.sig:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sdpblb.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrrnsv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scriptpw.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scredir.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scosv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sccbase.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scardssp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rwinsta.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\runas.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpperf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpmsg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpcnts.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvp.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsopprov.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmui.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsm.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsfsaps.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsaci.rat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rpcns4.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routetab.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routemon.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\route.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\roboex32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rnr20.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\RICHTX32.OCX:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\reset.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\replace.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\relog.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regwiz.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regini.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regedt32.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\recover.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpcfgex.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasser.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasrad.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmxs.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmontr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasdial.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrnm.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qwinsta.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Quick.ico:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qosname.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qappsrv.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pubprn.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\psnppagn.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pscript.sep:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdcnt.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prodspec.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnqctl.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnport.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnmngr.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnjobs.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prndrvr.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prncnfg.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\print.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prflbmsg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pmspl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\plustab.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\plusmpix.chm:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ping6.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfts.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfnw.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi01D.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi009.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd01D.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd009.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pentnt.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pcl.sep:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pathping.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\paqsp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\panmap.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pagefileconfig.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\OUTLWAB.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\osuninst.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Open.ico:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olesvr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olecli.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2nls.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2disp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oemdspif.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbc16gt.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwscript.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwevent.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwcfg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwapi16.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nw16.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntsd.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsoprq.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsmgr.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanui2.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio804.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio412.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio411.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio404.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntimage.gif:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdsbcli.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos804.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos412.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos411.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos404.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\npwmsdrm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\NovPMQueue.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\NovPMNdps.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.tha:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.sve:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.nld:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.ita:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.fra:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.esn:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.enu:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.eng:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.deu:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.cht:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.chs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nmevtmsg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nlsfunc.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netware.drv:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\neth.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netapi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net.hlp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ncpa.cpl:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nbtstat.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\narrhook.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\myodbc3d.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\myodbc3_install.LOG:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\myodbc3.lib:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\myodbc3.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxmlr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml4r.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml4a.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml2r.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Mswinsck.ocx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvideo.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcrt20.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp50.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvbvm50.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswchx.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswch.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSSTKPRP.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssip32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSRECR40.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSRDO20.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrclr40.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msratelc.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2cenu.dll:KAVICHS

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Och här kommer del 3:

 

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2c.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSPRPSV.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msobjs.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSLS2.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSINET.OCX:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSIMUSIC.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSIMRT32.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSIMRT16.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSIMRT.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msencode.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSDATGRD.OCX:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSADODC.OCX:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msacm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaatext.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mrinfo.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqprfsym.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqperf.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqperf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa20.tlb:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa10.tlb:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa.tlb:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqgentr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqcertui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprmsg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprddm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpnotify.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mountvol.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\modex.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mode.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmutilse.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmtask.tsk:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mm32DCMP.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_qic.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_mtf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_hp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\migpwd.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mib.bin:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC71u.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC42SVE.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC42D.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc40loc.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mem.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdwmdmsp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MDT2FW95.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdhcp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciwave.drv:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciseq.drv:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole16.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciavi.drv:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mchgrcoi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mcdsrv32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mapistub.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MAPISRVR.EXE:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MAPI.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mag_hook.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lzexpand.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lusrmgr.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lprmonui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpr.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpq.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\logoff.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\login.cmd:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loghours.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loadfix.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lnkstub.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lights.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lanman.drv:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\label.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_except.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\korean.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\key01.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdycl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdycc.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbduzb.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusx.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdur.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbduk.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdtuq.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdtuf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdtat.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsl1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdru1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdru.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdro.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpo.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdno.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdne.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdmon.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdmac.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlv1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlt1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlt.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdla.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdkyr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdkaz.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdit142.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdit.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdir.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdic.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhu1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhu.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhept.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhela3.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhela2.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhe319.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhe220.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhe.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgr1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgkl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgae.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfo.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfc.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdest.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdes.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbddv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdda.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz2.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcan.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdca.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbu.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdblr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbene.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbe.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdazel.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdaze.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kanji_2.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kanji_1.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jupdate-1.5.0_06-b05.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jupdate-1.5.0_04-b05.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jobexec.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgsh400.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgsd400.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgmd400.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgaw400.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jet500.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizeW7.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizePX.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizeP6.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizeM6.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizeA6.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresize.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\irclass.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxsap.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxrtmgr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxrip.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxpromn.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxmontr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipsec6.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprtprio.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprop.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iologmsg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\instcat.sql:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\InstallUtil.InstallLog:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Installer.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\InnovaDSXP.ocx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\InkEd.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\infosoft.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\inetwh32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\indounin.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iissuba.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxzoom.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrtrk.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrtha.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrsve.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrrus.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrptg.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrptb.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrplk.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrnor.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrnld.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrkor.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrjpn.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrita.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrhun.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrheb.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrfrc.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrfra.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrfin.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxresp.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrenu.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxreng.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrell.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrdeu.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrdan.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrcsy.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrcht.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrchs.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrarb.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrara.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhtrk.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhtha.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhsve.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhrus.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhptg.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhptb.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhplk.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhnor.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhnld.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhkor.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhjpn.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhita.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhhun.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhheb.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhfrc.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhfra.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhfin.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhesp.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhenu.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxheng.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhell.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhdeu.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhdan.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhcsy.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhcht.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhchs.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxharb.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhara.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxext.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxeud.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxdo.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxcfg.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifsutil.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IE.ico:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ideograf.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icmui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassvcs.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassdo.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassam.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasrecst.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iaspolcy.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasnap.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iashlpr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasads.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasacct.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ialmrem.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hticons.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hpzcon04.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hpzcoi04.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hpqactn.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hpmbtprw.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hpmbtppw.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hostname.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\homepage.inf:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hnetmon.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\HLINKPRX.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Help.ico:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\GWFSPidGen.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graphics.pro:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graphics.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graftabl.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpupdate.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpkcsp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpedit.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\glmf32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\getuname.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\geo.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gcdef.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gb2312.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\g711codc.ax:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ftsrch.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsutil.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsusd.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsmgmt.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\FM20.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fixmapi.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\finger.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\find.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fc.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fastopen.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\EXSEC32.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\expand.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\exe2bin.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventvwr.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventquery.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventcls.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eula.txt:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentutl.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.hxx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esent97.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\emptyregdb.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ega.cpi:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edlin.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edit.hlp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edit.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eabhbrn8.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dvdplay.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dssec.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsound.vxd:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsauth.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ds16gt.dLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drwatson.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ws2ifsl.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\vdmindvd.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tsbvcap.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tosdvd.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\SUSCOM.SYS:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpwsock.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpserial.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnwsock.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnmodem.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dplay.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\doskey.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\docprop.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmview.ocx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmintf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmconfig.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllhst3g.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wuaueng1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wuauclt1.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\srgb.icm:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\smcirda.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mouhid.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iuengine.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\drmclien.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskperf.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskmgmt.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskcopy.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskcomp.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dimap.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diactfrm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dhcpsapi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dgsetup.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dgrpsetu.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Desktop.ico:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\deskperf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\deskmon.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\deskadp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\declrds.ax:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\debug.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ddeml.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DDAO36.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3dramp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3dpmesh.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3dim.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\csseqchk.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CSeedOcx.ocx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cpqinfo.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\convert.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\console.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CONFIG.TMP:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compobj.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compact.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comp.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\commdlg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\COMDLG32.OCX:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cnvfat.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CNQU70.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cnetcfg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmpbk32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmos.ram:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmmgr32.hlp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmdlib.wsc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconfg.rll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconf.chm:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ckcnv.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cidaemon.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ciadv.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chkntfs.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chkdsk.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chcp.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\certmgr.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cdmodem.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ccfgnt.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\capicom.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_936.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_875.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_874.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_869.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_866.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_865.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_863.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_861.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_860.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_857.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_855.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_852.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_850.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_775.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_737.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_500.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_437.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28605.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28603.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28599.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28598.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28597.NLS:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28595.NLS:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28594.NLS:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28593.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_21866.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20905.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20866.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20261.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20127.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1252.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1026.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10082.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10081.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10079.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10029.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10017.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10010.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10007.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10006.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10000.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_037.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bopomofo.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootvrfy.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootok.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bios4.rom:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bios1.rom:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avwav.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avtapi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avmeter.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avifile.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avicap.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\AUTOEXEC.NT:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\autodisc.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atrace.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atmpvcno.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atkctrs.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asr_ldm.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asinst.cfg:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\arp.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\append.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\apcups.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ansi.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adsnds.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adptif.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\acledit.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\acelpdec.ax:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ac3filter.cpl:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\aaaamon.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\12520850.cpx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\12520437.cpx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\$ncsp$.inf:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\WFWNET.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\VGA.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\VER.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\TIMER.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\TAPI.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SYSTEM.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\stdole.tlb:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SOUND.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SHELL.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\setup.inf:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\OLESVR.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\OLECLI.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MSVIDEO.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MOUSE.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MMTASK.TSK:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MMSYSTEM.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCIWAVE.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCISEQ.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCIAVI.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\LZEXPAND.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\KEYBOARD.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\COMMDLG.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\AVIFILE.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\AVICAP.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\SynInst.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Solfjädrar.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\SMWizard.INI:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\smscfg.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\sessmgr.setup.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Rhododendron.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\regopt.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\reg.prm:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\RAR.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\PlusDMESetup.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\PKZIP.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\PKUNZIP.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Ökensand.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\OEWABLog.txt:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ODBCINST.INI:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ODBC.INI:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ocmsn.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ocgen.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ntdtcsetup.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\nsw.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\NOCLOSE.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\netfxocm.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\msmqinst.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\msgsocm.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\msdfmap.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\MAXLINK.INI:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\LUINSTALL.LOG:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\LHA.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB918005.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB917953.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB917159.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB916595.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB916281.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB914389.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB914388.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB913580.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB913446.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB912945.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB912919.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB912812.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911927.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911567.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911562.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911280.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB910437.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB908531.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB908519.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB905915.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB904942.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB904706.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB903235.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB901214.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB900485.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB898461.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB896688.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB896428.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB896422.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB896358.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB893803v2.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB893086.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB893066.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB891781.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB890923.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB890859.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB890175.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB890046.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB888302.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB888113.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB887797.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB887742.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB886185.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB885836.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB885835.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB885250.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB884575.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB883939.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB883667.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB873339.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB873333.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Kalejdoskop.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Kaffekoppar.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ipixActivex.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\iis6.BAK:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Gotlandsbris.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\GatorPdpLoudInstaller.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Fjädrar.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Fisketur.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\FaxSetup.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\explorer.scf:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\DtcInstall.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\comsetup.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\COM+.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\cmsetacl.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\clock.avi:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\chipset.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Bubblor.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ARJ.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Ärgad koppar.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\AGRSMMSG(2).exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\agrsmdel.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ActiveSkin.INI:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\_default.pif:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\UNWISE.EXE:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\ticrdbus.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\syntp.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\sunjava.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\setup.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\sedinst2.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\sedinst.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\win.com.zip:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\WebfilmBig.wmv:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\usbready.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\tp312swe.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\PlusLabyrinthBonus.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\pllangs.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\personal4.01.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\pcsecuritytest.zip:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\mw9791sve.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\MSNToolbarSetup_sv.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\DESETUP.EXE:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\DCube150D_manual_eng.zip:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\aawsepersonal.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\940-svc-xpinfu.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\NTLDR:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\NTDETECT.COM:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\ioSpecial.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\INSTALL.LOG:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\HSC.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\FolderConfig.Install.Log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\extfmradio.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\NetworkService\ntuser.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\NetworkService\Lokala inställningar\Application Data\fusioncache.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Start-meny\Program\Autostart\desktop.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\ntuser.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Mina dokument\desktop.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Lokala inställningar\Application Data\IconCache.db:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Lokala inställningar\Application Data\fusioncache.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Application Data\Microsoft\Internet Explorer\Quick Launch\Visa skrivbordet.scf:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Application Data\Microsoft\Internet Explorer\Quick Launch\Starta webbläsaren Internet Explorer.lnk:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Application Data\desktop.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LocalService\ntuser.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Administratör\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\Administratör\Application Data\FreeGames4Rest.url:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\bcmwl5.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\wmsetup.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\WindowsUpdate.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\wincmd.ini:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\winamp.ini:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\wiaservc.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\WGA.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\wpa.dbl:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\setupapi.log.0.old:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\setupact.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\SchedLgU.Txt:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\popcinfo.dat:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB900725.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB899591.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB899588.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB899587.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB896423.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB893756.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\IsUn041d.exe:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\bootstat.dat:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\_delis32.ini:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\Documents and Settings\Administratör\ntuser.ini:KAVICHS

@Alternate Data Stream - 196 bytes -> C:\WINDOWS\System32\pxwma.dll:KAVICHS

@Alternate Data Stream - 196 bytes -> C:\WINDOWS\spupdsvc.log:KAVICHS

@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB917344.log:KAVICHS

@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB900930.log:KAVICHS

@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB896727.log:KAVICHS

@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB894391.log:KAVICHS

@Alternate Data Stream - 164 bytes -> C:\Program\Analog Devices\SoundMAX\Smax4.exe:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\pxcpyi64.exe:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\MP2enc.dll:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\FNTCACHE.DAT:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\BCMWLU00.EXE:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB905749.log:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB905414.log:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB901017.log:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB899589.log:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB896424.log:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\UNINSTMMC.EXE:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wshsv.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\WMErrENU.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\WACntlPnl.cpl:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\utildll.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\traffic.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\SysFCopy.exe:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\SSubTmr6.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\riched32.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\pintool.exe:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oleacc.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\OEMLogo.bmp:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oeminfo.ini:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netui2.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mscat32.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\jssv.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\IPX32d56.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ifxcardm.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\HPMystPM.DLL:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\HPMProp.bin:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\hccutils.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\FSFWrap.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\Flash.ocx:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drmclien.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\smwdm.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\rdpcdd.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\pfc.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\EabUsb.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\eabfiltr.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\aeaudio.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\acpiec.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dmdskres.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dfrgres.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\crtdll.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ChilkatZip2.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cards.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\bootvid.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\bcsprsrc.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\BCMWLD2K.EXE:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\basecsp.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\axaltocm.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\avicap32.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\Setup1.exe:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\KB911565.log:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\fmj_ti7h.dv3:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\Program\Wikipedia Tracker.msi:KAVICHS

< End of report >

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Det är rester kvar efter Kaspersky. Spara zip-filen ftp://ftp.kaspersky.com/utils/klstreamremover/klstreamremover.zip på datorn. Packa upp den så att programmet Kl stream remover.exe kommer i C:\ eller flytta programfilen till den mappen efter uppackningen.

 

Start - Kör

Klistra in följande kommando:

"C:\Kl stream remover.exe"  –r 

och klicka OK. Låt programmet köra ifred.

 

Där är också en massa rester efter avinstallerade drivrutiner. Öppna Anteckningar (Start - Program - Tillbehör) och kopiera in följande:

 

sc delete WDICA
sc delete tifm21
sc delete TIACXLN
sc delete PDRFRAME
sc delete PDRELI
sc delete PDFRAME
sc delete PDCOMP
sc delete PCIDump
sc delete PCANDIS5
sc delete lbrtfdc
sc delete i2omgmt
sc delete GTIPCI21
sc delete Changer
sc delete Ad-Watch Connect Filter

Välj Arkiv - Spara som. Se till att filen sparar på Skrivbordet och välja filformatet Alla filer samt slutligen skriv in filnamnet deldriv.bat innan du sparar filen.

 

Dubbelklicka på filen deldriv.bat för att köra den så att den tar bort resterna.

 

Starta om datorn.

 

Se om ComboFix, mbr.exe och/eller Gmer fungerar bättre nu. Kolla tidigare inlägg för hur programmen ska köras, t ex vad som ska vara avstängt.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Det kommer upp ett fönster där det står att den inte hittar filen C:\Kl stream remover.exe. Kontrolera att du angav rätt namn och försök igen..

 

När jag kollar på den uppackade filen så heter den KLStreamRemover.exe ändrar jag i textsträngen i körfönstret och trycker OK så blinkar det bara till ett svart dos fönster och ingenting mer händer...

 

"Det är rester kvar efter Kaspersky. Spara zip-filen ftp://ftp.kaspersky....reamremover.zip på datorn. Packa upp den så att programmet Kl stream remover.exe kommer i C:\ eller flytta programfilen till den mappen efter uppackningen.

 

Start - Kör

Klistra in följande kommando:

 

"C:\Kl stream remover.exe" –r

 

 

och klicka OK. Låt programmet köra ifred."

Redigerad av The OldBoy

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Okej, beklagar att det var mellanrum där som inte skulle finnas.

Se om det kommer ut något felmeddelande om du i stället använder Kommandotolken (Start - Program - Kör) och där klistrar in:

 

"C:\Klstreamremover.exe" –r

 

Det kan ju tänkas att det går fort för programmet att köra också.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hejsan igen!!!

 

Har nu provat att köra dessa program, Gmer, mbr.exe och ComboFix i normal och i felsäkertläge men det är samma som tidigare datorn hänger sig efter ett par minuter... ComboFix har en liten förändring den ser ut som att den jobbar för det där lilla strecket står och blinkar även efter en hel natt???

 

Efter att jag hade kört "C:\Klstreamremover.exe" –r och deldriv.bat så vid om start så fick jag upp ett virus meddelande om ett virus som den inte kunde ta bort... Återkommer med vilken kom på att jag inte har provat Gmer med att bocka av sections och devices...

 

Edit: Det funkade inte heller har även provat att köra en DDS-logg funkar inte heller...

Redigerad av The OldBoy

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Jag har inte F-secure så jag vet inte hur man hittar loggar/resultat från antivirusprogrammet.

 

Kör skivan med OTLPE igen på samma sätt och klistra in den nya loggen.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Här kommer den LÅNGA OTL-loggen:

 

OTL logfile created on: 11/27/2010 7:05:31 PM - Run

OTLPE by OldTimer - Version 3.1.43.0 Folder = X:\Programs\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 8.0.6001.18702)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

759.00 Mb Total Physical Memory | 549.00 Mb Available Physical Memory | 72.00% Memory free

699.00 Mb Paging File | 578.00 Mb Available in Paging File | 83.00% Paging File free

Paging file location(s): C:\pagefile.sys 372 744 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program

Drive C: | 37.26 Gb Total Space | 13.12 Gb Free Space | 35.21% Space Free | Partition Type: NTFS

Drive X: | 282.52 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet001

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [Auto] -- C:\ComboFix\PEV.cfx -- (PEVSystemStart)

SRV - File not found [Auto] -- C:\mmc\program\tvpvr\gbpvrrecordingservice.exe -- (GB-PVR Recording Service)

SRV - [2010/10/13 08:36:53 | 000,064,016 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Program\Telia\Telias sakerhetstjanster\ORSP Client\fsorsp.exe -- (FSORSPClient)

SRV - [2010/09/07 07:55:33 | 000,522,848 | ---- | M] (F-Secure Corporation) [On_Demand] -- C:\Program\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe -- (FSDFWD)

SRV - [2009/08/05 10:58:52 | 000,186,976 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Program\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE -- (FSMA)

SRV - [2009/08/05 10:56:10 | 000,215,648 | ---- | M] (F-Secure Corporation) [Auto] -- C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe -- (F-Secure Gatekeeper Handler Starter)

SRV - [2008/11/27 09:17:04 | 001,712,128 | ---- | M] (Textalk AB) [Auto] -- C:\Program\ExtraFilm Designer SE\EFUploadSrv.exe -- (EFUploadSrv)

SRV - [2008/11/03 04:31:45 | 000,116,032 | ---- | M] (LogMeIn, Inc.) [Disabled] -- C:\Program\LogMeIn\x86\RaMaint.exe -- (LMIMaint)

SRV - [2008/02/28 08:31:50 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Disabled] -- C:\Program\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)

SRV - [2007/10/25 09:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)

SRV - [2007/06/27 12:04:00 | 000,279,848 | ---- | M] (Nero AG) [On_Demand] -- C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

SRV - [2006/11/03 13:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program\Windows Defender\MsMpEng.exe -- (WinDefend)

SRV - [2002/09/20 07:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto] -- C:\Program\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | System] -- -- (PCIDump)

DRV - File not found [Kernel | On_Demand] -- C:\DOCUME~1\ADMINI~1\LOKALA~1\Temp\catchme.sys -- (catchme)

DRV - File not found [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)

DRV - [2010/09/07 07:53:09 | 000,124,072 | ---- | M] () [Kernel | On_Demand] -- C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)

DRV - [2010/09/07 07:49:01 | 000,041,624 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\drivers\fsbts.sys -- (fsbts)

DRV - [2009/08/05 10:58:30 | 000,068,064 | ---- | M] (F-Secure Corporation) [Kernel | System] -- C:\Program\Telia\Telias sakerhetstjanster\HIPS\drivers\fshs.sys -- (F-Secure HIPS)

DRV - [2009/08/05 10:57:20 | 000,080,000 | ---- | M] (F-Secure Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\fsdfw.sys -- (FSFW)

DRV - [2009/08/05 10:56:14 | 000,039,776 | ---- | M] () [Kernel | Disabled] -- C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\win2k\fsfilter.sys -- (F-Secure Filter)

DRV - [2009/08/05 10:56:14 | 000,025,184 | ---- | M] () [Kernel | Disabled] -- C:\Program\Telia\Telias sakerhetstjanster\Anti-Virus\win2k\fsrec.sys -- (F-Secure Recognizer)

DRV - [2009/02/04 11:33:52 | 000,008,064 | ---- | M] (Option N.V.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gtuhsser.sys -- (GTUHSSER)

DRV - [2009/02/04 11:33:10 | 000,063,360 | ---- | M] (Option N.V.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gtuhsbus.sys -- (GTUHSBUS)

DRV - [2009/02/04 11:29:10 | 000,105,856 | ---- | M] (Option N.V.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gtuhs51.sys -- (GTUHSNDISIPXP)

DRV - [2008/11/03 04:30:42 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)

DRV - [2008/11/03 04:30:41 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)

DRV - [2008/04/13 13:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB-ljuddrivrutiner (WDM)

DRV - [2008/02/28 08:31:52 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto] -- C:\Program\LogMeIn\x86\rainfo.sys -- (LMIInfo)

DRV - [2007/09/14 19:09:44 | 000,213,696 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)

DRV - [2006/10/12 17:26:56 | 000,604,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)

DRV - [2006/09/18 08:59:08 | 000,090,800 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\se27unic.sys -- (se27unic) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM)

DRV - [2006/09/18 08:59:02 | 000,086,560 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27obex.sys -- (SE27obex)

DRV - [2006/09/18 08:59:00 | 000,018,704 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\se27nd5.sys -- (se27nd5) Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (NDIS)

DRV - [2006/09/18 08:58:58 | 000,088,688 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27mgmt.sys -- (SE27mgmt) Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM)

DRV - [2006/09/18 08:58:54 | 000,097,184 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27mdm.sys -- (SE27mdm)

DRV - [2006/09/18 08:58:52 | 000,009,360 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27mdfl.sys -- (SE27mdfl)

DRV - [2006/09/18 08:58:48 | 000,061,600 | R--- | M] (MCCI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SE27bus.sys -- (SE27bus) Sony Ericsson Device 039 Driver driver (WDM)

DRV - [2005/03/21 20:17:34 | 000,450,400 | ---- | M] (D-Link Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\A3AB.sys -- (A3AB) D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB)

DRV - [2005/03/04 08:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2004/11/16 05:37:48 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®

DRV - [2004/11/04 05:24:12 | 000,055,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)

DRV - [2004/08/01 18:34:58 | 000,190,336 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)

DRV - [2004/06/16 04:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)

DRV - [2004/05/26 08:18:18 | 000,044,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)

DRV - [2004/04/14 01:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)

DRV - [2004/02/20 04:35:28 | 000,059,044 | R--- | M] (Hewlett-Packard) [Kernel | System] -- C:\WINDOWS\System32\Drivers\ClntMgmt.sys -- (ClntMgmt.sys)

DRV - [2003/11/03 19:08:10 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)

DRV - [2003/06/06 05:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)

DRV - [2002/10/22 06:58:06 | 000,040,448 | ---- | M] (Susteen Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SUSCOM.SYS -- (SUSCOM)

DRV - [2001/08/17 09:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\aliide.sys -- (AliIde)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\Administratör_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = My Web Search

IE - HKU\Administratör_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultUrl = http://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZRxdm077YYSE&fl=0&ptb=v5ZfEERLRIG0y.aD.RwEIQ&url=http://edits.mywebsearch.com/toolbaredits/barsearch.jhtml&st=sb&searchfor={searchTerms}

IE - HKU\Administratör_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sparbanken-nord.se//

IE - HKU\Administratör_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

IE - HKU\LogMeInRemoteUser_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com

IE - HKU\LogMeInRemoteUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\LogMeInRemoteUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" =

 

 

 

========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "//eforum.idg.se/topic/325329-thinkpoint/"

FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program\Mozilla Firefox\components [2010/11/09 09:14:00 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins [2010/11/09 09:14:00 | 000,000,000 | ---D | M]

 

[2010/08/05 08:15:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Extensions

[2010/11/26 12:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\968eaeph.default\extensions

[2010/08/13 11:25:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\968eaeph.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010/09/05 07:19:40 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Administratör\Application Data\Mozilla\Firefox\Profiles\968eaeph.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

[2010/08/05 08:15:39 | 000,000,000 | ---D | M] -- C:\Program\Mozilla Firefox\extensions

[2010/11/09 09:13:30 | 000,001,470 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\allaannonser-sv-SE.xml

[2010/11/09 09:13:31 | 000,002,670 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\prisjakt-sv-SE.xml

[2010/11/09 09:13:31 | 000,000,948 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\tyda-sv-SE.xml

[2010/11/09 09:13:32 | 000,001,174 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\wikipedia-sv-SE.xml

[2010/11/09 09:13:32 | 000,000,951 | ---- | M] () -- C:\Program\Mozilla Firefox\searchplugins\yahoo-sv-SE.xml

 

O1 HOSTS File: ([2004/08/04 03:00:00 | 000,000,710 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Länkhjälp till Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Windows Live inloggningshjälpen) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKU\Administratör_ON_C\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKU\Administratör_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM..\Run: [F-Secure Manager] C:\Program\Telia\Telias sakerhetstjanster\Common\FSM32.EXE (F-Secure Corporation)

O4 - HKLM..\Run: [F-Secure TNB] C:\Program\Telia\Telias sakerhetstjanster\FSGUI\TNBUtil.exe (F-Secure Corporation)

O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe (HP)

O4 - HKLM..\Run: [LogMeIn GUI] C:\Program\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)

O4 - HKLM..\Run: [Omnipage] C:\Program\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)

O4 - HKLM..\Run: [soundMAX] C:\Program\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [soundMAXPnP] C:\Program\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [synTPLpr] C:\Program\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

O4 - HKLM..\Run: [synTPStart] C:\Program\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)

O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Program\Delade filer\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation)

O4 - HKU\Administratör_ON_C..\Run: [H/PC Connection Agent] C:\Program\Microsoft ActiveSync\wcescomm.exe (Microsoft Corporation)

O4 - HKU\Administratör_ON_C..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKU\LogMeInRemoteUser_ON_C..\RunOnce: [NeroHomeFirstStart] C:\Program\Delade filer\Ahead\Lib\NMFirstStart.exe (Nero AG)

O4 - Startup: C:\Documents and Settings\Administratör\Start-meny\Program\Autostart\Telia Mobilt bredband.lnk = C:\Program\Telia\Telia_Mobilt_bredband\Telia_Mobilt_bredband.exe (Telia)

O4 - Startup: C:\Documents and Settings\Administratör\Start-meny\Program\Autostart\Voice Xpress.lnk = C:\Program\LHSP\Voice Xpress\Speechcenter\speechcenter.exe (Lernout & Hauspie Speech Products)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\Administratör_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\Administratör_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\LogMeInRemoteUser_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Google Sidewiki... - C:\Program\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)

O9 - Extra Button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program\Telia\Telias sakerhetstjanster\FSPS\program\FSLSP.DLL (F-Secure Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program\Telia\Telias sakerhetstjanster\FSPS\program\FSLSP.DLL (F-Secure Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program\Telia\Telias sakerhetstjanster\FSPS\program\FSLSP.DLL (F-Secure Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program\Telia\Telias sakerhetstjanster\FSPS\program\FSLSP.DLL (F-Secure Corporation)

O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program\Telia\Telias sakerhetstjanster\FSPS\program\FSLSP.DLL (F-Secure Corporation)

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab (Office Genuine Advantage Validation Tool)

O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} http://www.ipix.com/viewers/ipixx.cab (iPIX ActiveX Control)

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)

O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.fujidirekt.se/aurigma/ImageUploader5.cab (Image Uploader Control)

O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab (Windows Live Safety Center Base Module)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120127310453 (WUWebControl Class)

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1259825040421 (MUWebControl Class)

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {8BC53B30-32E4-4ED3-BEF9-DB761DB77453} http://u3.sandisk.com/download/apps/LPInstaller.CAB (CInstallLPCtrl Object)

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://www.pattayalivecam.com/AxisCamControl.cab (CamImage Class)

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab (MsnMessengerSetupDownloadControl Class)

O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)

O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Java Plug-in 1.5.0_11)

O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)

O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)

O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)

O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)

O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://83.166.23.7/activex/AMC.cab (AxisMediaControlEmb Class)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonuiX.exe) - C:\WINDOWS\system32\logonuiX.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)

O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.

O24 - Desktop Components:0 (Min aktuella startsida) - About:Home

O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Lokala inställningar\Application Data\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program\Windows Defender\MpShHook.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O33 - MountPoints2\{5b856eae-4977-11db-bd8a-00904bad9b9a}\Shell - "" = AutoRun

O33 - MountPoints2\{5b856eae-4977-11db-bd8a-00904bad9b9a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found

O33 - MountPoints2\{e144e96e-7888-11de-b628-00904bad9b9a}\Shell - "" = AutoRun

O33 - MountPoints2\{e144e96e-7888-11de-b628-00904bad9b9a}\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found

O33 - MountPoints2\{e4f9e50a-dccf-11dd-800e-00904bad9b9a}\Shell - "" = AutoRun

O33 - MountPoints2\{e4f9e50a-dccf-11dd-800e-00904bad9b9a}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/11/27 02:06:13 | 000,000,000 | --SD | C] -- C:\ComboFix

[2010/11/26 13:49:12 | 000,000,000 | ---D | C] -- C:\klstreamremover

[2010/11/26 13:41:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Skrivbord\klstreamremover

[2010/11/25 10:30:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Skrivbord\tdsskiller

[2010/11/25 04:50:00 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2010/11/25 04:42:32 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2010/11/25 04:42:32 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2010/11/25 04:42:32 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2010/11/25 04:42:32 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2010/11/25 04:42:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2010/11/25 04:34:09 | 000,000,000 | ---D | C] -- C:\Qoobox

[2010/11/25 04:19:37 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\NetworkService\IETldCache

[2010/11/24 11:21:19 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Administratör\Skrivbord\ATF-Cleaner.exe

[2010/11/24 10:53:31 | 000,000,000 | ---D | C] -- C:\Program\Trend Micro

[2010/11/09 09:49:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss

[2010/11/09 09:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Skrivbord\Katti

[2010/11/07 14:37:44 | 000,000,000 | ---D | C] -- C:\Program\Spybot - Search & Destroy

[2010/11/07 13:46:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administratör\Application Data\Malwarebytes

[2010/11/07 13:45:20 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys

[2010/11/07 13:45:07 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2010/11/07 13:45:03 | 000,000,000 | ---D | C] -- C:\Program\Malwarebytes' Anti-Malware

[2010/11/06 13:35:39 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll

[2010/11/06 13:35:38 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll

[2010/11/06 13:33:24 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll

[2007/02/01 11:09:16 | 006,653,000 | ---- | C] (Nullsoft, Inc.) -- C:\Program\winamp532_full_emusic-7plus.exe

[2006/09/17 10:46:54 | 000,816,192 | ---- | C] (Google) -- C:\Program\GoogleToolbarInstaller.exe

[2006/07/27 10:20:34 | 006,206,440 | ---- | C] (Nullsoft, Inc.) -- C:\Program\winamp524_full_emusic-7plus.exe

[2006/07/10 00:08:38 | 015,298,344 | ---- | C] (Microsoft Corporation) -- C:\Program\Install_Messenger.exe

[2006/05/28 01:48:36 | 000,588,600 | ---- | C] (Microsoft Corporation) -- C:\Program\WindowsXP-KB918005-v2-x86-SVE.exe

[2005/10/08 02:16:55 | 000,516,514 | ---- | C] (MetaProducts corp.) -- C:\Program\DESETUP.EXE

[2005/06/11 14:35:08 | 000,545,280 | ---- | C] (Intel Corporation) -- C:\Program\usbready.exe

[2005/06/11 06:18:28 | 002,145,904 | ---- | C] (Microsoft Corporation) -- C:\Program\PlusLabyrinthBonus.exe

[2005/06/08 09:27:18 | 000,381,248 | ---- | C] (Microsoft Corporation) -- C:\Program\personal4.01.exe

[2005/06/03 15:07:31 | 000,135,168 | ---- | C] (Gatorhole) -- C:\Program\tp312swe.exe

[2005/06/03 14:59:16 | 005,916,976 | ---- | C] (Hewlett Packard) -- C:\Program\940-svc-xpinfu.exe

[2005/06/02 12:08:08 | 004,296,496 | ---- | C] (Logitech ) -- C:\Program\mw9791sve.exe

[2005/06/02 03:53:15 | 000,617,664 | ---- | C] (Microsoft Corporation) -- C:\Program\MSNToolbarSetup_sv.exe

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010/11/27 12:48:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010/11/27 07:00:51 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

[2010/11/27 06:44:12 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010/11/27 06:37:24 | 796,315,648 | -HS- | M] () -- C:\hiberfil.sys

[2010/11/26 13:32:34 | 000,000,278 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\deldriv.bat

[2010/11/26 13:25:46 | 000,002,705 | ---- | M] () -- C:\klstreamremover.zip

[2010/11/25 16:22:20 | 000,296,448 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\9i69fywp.exe

[2010/11/25 14:56:45 | 000,089,088 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\mbr.exe

[2010/11/25 11:21:40 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2010/11/25 10:29:02 | 001,224,671 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\tdsskiller.zip

[2010/11/25 09:58:52 | 000,000,024 | ---- | M] () -- C:\WINDOWS\LogonStudio.ini

[2010/11/25 08:44:22 | 003,915,339 | R--- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\ComboFix.exe

[2010/11/24 10:53:45 | 000,002,425 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\HiJackThis.lnk

[2010/11/09 19:01:22 | 000,630,272 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\dds.scr

[2010/11/09 13:46:05 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010/11/09 11:46:01 | 000,000,922 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010/11/09 09:56:48 | 000,000,211 | ---- | M] () -- C:\Boot.bak

[2010/11/07 19:20:24 | 000,089,088 | ---- | M] () -- C:\WINDOWS\MBR.exe

[2010/11/07 18:18:04 | 000,364,032 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\rkill.com

[2010/11/07 14:38:57 | 000,000,889 | ---- | M] () -- C:\Documents and Settings\Administratör\Skrivbord\Spybot - Search & Destroy.lnk

[2010/11/07 11:20:56 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\start

[2010/11/07 11:07:57 | 000,000,006 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\completescan

[2010/11/07 10:53:30 | 000,000,010 | ---- | M] () -- C:\Documents and Settings\Administratör\Application Data\install

[2010/11/07 02:40:48 | 000,251,880 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010/11/06 13:57:52 | 000,460,508 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat

[2010/11/06 13:57:52 | 000,458,384 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2010/11/06 13:57:52 | 000,091,112 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat

[2010/11/06 13:57:52 | 000,079,246 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2010/11/06 13:49:30 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010/11/27 06:37:24 | 796,315,648 | -HS- | C] () -- C:\hiberfil.sys

[2010/11/26 13:32:33 | 000,000,278 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\deldriv.bat

[2010/11/26 13:28:34 | 000,016,448 | ---- | C] () -- C:\KLStreamRemover.exe

[2010/11/26 13:25:44 | 000,002,705 | ---- | C] () -- C:\klstreamremover.zip

[2010/11/25 16:32:06 | 000,296,448 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\9i69fywp.exe

[2010/11/25 15:00:20 | 000,089,088 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\mbr.exe

[2010/11/25 10:30:02 | 001,224,671 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\tdsskiller.zip

[2010/11/25 08:50:47 | 003,915,339 | R--- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\ComboFix.exe

[2010/11/25 04:50:09 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2010/11/25 04:50:05 | 000,260,784 | RHS- | C] () -- C:\cmldr

[2010/11/25 04:42:32 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2010/11/25 04:42:32 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2010/11/25 04:42:32 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2010/11/25 04:42:32 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2010/11/25 04:42:32 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2010/11/24 10:53:31 | 000,002,425 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\HiJackThis.lnk

[2010/11/24 10:35:27 | 000,364,032 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\rkill.com

[2010/11/13 11:24:58 | 000,630,272 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\dds.scr

[2010/11/07 14:38:57 | 000,000,889 | ---- | C] () -- C:\Documents and Settings\Administratör\Skrivbord\Spybot - Search & Destroy.lnk

[2010/11/07 11:20:56 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\start

[2010/11/07 11:07:57 | 000,000,006 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\completescan

[2010/11/07 10:53:30 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\install

[2009/09/16 06:09:54 | 000,041,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys

[2008/11/08 03:43:45 | 000,000,022 | ---- | C] () -- C:\WINDOWS\DFCD12.ini

[2008/11/08 03:28:57 | 000,000,177 | ---- | C] () -- C:\WINDOWS\mercure.ini

[2008/09/16 07:48:55 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\LogMeInRemoteUser\Lokala inställningar\Application Data\fusioncache.dat

[2008/09/07 03:53:31 | 000,077,824 | ---- | C] () -- C:\WINDOWS\portmon.dll

[2008/05/04 05:34:36 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A5W.INI

[2007/10/07 10:54:08 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\Project Templates

[2007/09/28 14:36:18 | 000,000,223 | ---- | C] () -- C:\Documents and Settings\Administratör\ExecNetsh.txt

[2007/09/12 13:49:45 | 000,000,024 | ---- | C] () -- C:\WINDOWS\LogonStudio.ini

[2007/09/12 13:49:04 | 000,187,392 | ---- | C] () -- C:\WINDOWS\System32\JPGUtils.dll

[2007/05/02 13:20:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI

[2007/03/05 06:34:28 | 000,676,224 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL

[2007/01/07 11:26:55 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2006/12/31 09:20:23 | 000,002,508 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\$_hpcst$.hpc

[2006/11/27 10:43:59 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI

[2006/09/18 23:53:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\RussSqr.INI

[2006/08/21 10:22:39 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2006/08/08 11:00:11 | 000,000,144 | ---- | C] () -- C:\Documents and Settings\Administratör\default.pls

[2006/07/18 23:46:26 | 000,025,399 | ---- | C] () -- C:\WINDOWS\CSTBox.INI

[2006/02/21 12:06:40 | 000,077,312 | ---- | C] () -- C:\Program\Wikipedia Tracker.msi

[2006/01/06 07:09:38 | 000,000,078 | ---- | C] () -- C:\Documents and Settings\Administratör\Application Data\FreeGames4Rest.url

[2005/10/08 03:30:43 | 000,000,100 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI

[2005/10/08 02:12:24 | 011,292,689 | ---- | C] () -- C:\Program\WebfilmBig.wmv

[2005/09/15 12:35:31 | 000,617,464 | ---- | C] () -- C:\Program\pcsecuritytest.zip

[2005/06/30 08:40:45 | 000,000,599 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2005/06/27 15:25:37 | 000,001,857 | ---- | C] () -- C:\WINDOWS\wincmd.ini

[2005/06/24 01:49:26 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\MP2enc.dll

[2005/06/24 01:49:25 | 000,221,184 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll

[2005/06/22 13:06:38 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI

[2005/06/22 11:38:33 | 000,000,037 | ---- | C] () -- C:\WINDOWS\ipixActivex.ini

[2005/06/16 22:13:45 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI

[2005/06/12 02:39:54 | 000,533,574 | ---- | C] () -- C:\Program\pllangs.exe

[2005/06/12 02:36:55 | 002,855,080 | ---- | C] () -- C:\Program\aawsepersonal.exe

[2005/06/11 13:39:52 | 000,000,681 | ---- | C] () -- C:\Documents and Settings\Administratör\Installer.log

[2005/06/11 13:00:58 | 000,004,643 | ---- | C] () -- C:\WINDOWS\_delis32.ini

[2005/06/11 11:53:22 | 001,128,126 | ---- | C] () -- C:\Program\win.com.zip

[2005/06/11 05:42:06 | 001,450,893 | ---- | C] () -- C:\Program\DCube150D_manual_eng.zip

[2005/06/06 01:04:21 | 000,000,501 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI

[2005/06/03 11:27:39 | 000,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini

[2005/05/28 04:44:19 | 000,000,143 | ---- | C] () -- C:\Documents and Settings\NetworkService\Lokala inställningar\Application Data\fusioncache.dat

[2005/05/15 12:24:26 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll

[2005/05/15 12:24:24 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll

[2005/05/15 12:24:24 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll

[2005/05/15 12:24:24 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll

[2005/05/15 12:24:24 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll

[2005/05/15 12:24:24 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll

[2005/02/16 12:18:15 | 000,000,195 | ---- | C] () -- C:\WINDOWS\wininit.ini

[2005/02/16 12:10:54 | 000,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2005/02/16 12:00:12 | 000,000,142 | ---- | C] () -- C:\Documents and Settings\Administratör\Lokala inställningar\Application Data\fusioncache.dat

[2004/09/08 04:05:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2004/09/08 03:51:14 | 000,004,465 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2004/06/01 04:39:56 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL

[2003/11/16 09:54:22 | 000,955,203 | ---- | C] () -- C:\WINDOWS\I2E.ini

[2002/05/08 06:43:25 | 000,000,188 | -H-- | C] () -- C:\WINDOWS\Mi1cnie1k1rn5n38.dll

[1999/01/27 06:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll

[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

[1997/06/13 00:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

[1996/11/28 06:15:28 | 000,022,016 | R--- | C] () -- C:\WINDOWS\System32\docobj.dll

 

========== LOP Check ==========

 

[2009/01/06 09:53:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Canon

[2005/10/30 04:51:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Deepnet Explorer

[2009/02/07 08:47:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\ExtraFilm

[2009/10/09 12:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\F-Secure

[2005/05/15 15:01:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\InterVideo

[2005/05/21 01:34:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Leadertech

[2005/06/12 02:09:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\NASA

[2007/10/07 10:57:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Nikon

[2007/10/31 21:30:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\OfficeUpdate12

[2005/06/08 09:27:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Personal

[2005/06/06 01:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\ScanSoft

[2005/08/07 14:06:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\SYSTRAN

[2007/05/02 13:11:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Teleca

[2005/06/11 06:11:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\The Labyrinth Plus! Edition

[2006/08/22 14:22:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Windows Live Safety Center

[2008/01/28 15:15:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Windows Live Writer

[2005/11/19 12:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administratör\Application Data\Zonora Technologies

[2010/11/27 07:00:51 | 000,000,318 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Del 2:

 

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\wmprfSVE.prx:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\WMCSetup.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\WgaNotify.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\wallpaper.bmp:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\URLDownload.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\TASKMAN.EXE:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wupdmgr.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuaueng1.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wuauclt1.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\write.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wpdtrace.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wpdmtpdr.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wowexec.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmv8dmoe.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmpns.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmerrSVE.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmaudsdk.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winmine.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winhlp32.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wfwnet.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wdmioctl.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\w29NCPA.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\VSFLEX3.OCX:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vga.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\VEN2232.OLB:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\vct3216.acm:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\VBAME.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\VB6STKIT.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\user.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\UNWISE.EXE:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\unicode.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tssoft32.acm:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tsappcmp.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\TransFrameCTL.ocx:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\timer.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\telephon.cpl:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\taskman.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\tapiui.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\systray.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\system.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\SynTPFcs.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\SynTPCo2.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\swprv.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stdole32.tlb:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sound.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sortkey.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sol.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sndvol32.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\SmartUI2.ocx:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\skdll.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shell.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\services.msc:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\secpol.msc:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\SCP32.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsvp.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rsmsink.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rend.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\redir.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\RDOCURS.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\rasautou.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pusbfd2.vxd:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pusbfd1.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\PUBDLG.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\plusmpix.scr:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\pifmgr.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\OVUI2RC.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\OVUI2.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\OVComS.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\OVComC.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\OVCodec2.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olethk32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olesvr32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oleaccrc.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.sig:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.dat:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.bin:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\nwc.cpl:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntsdexts.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ntmsevt.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Npindeo.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netmsg.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\netevent.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ncxpnt.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTWMAFile.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioVisualization.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioTransform.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioRecord.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioPlayer.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioInformation.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioGrabber.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioFile.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioEditor.oca:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\NCTAudioEditor.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\N067UFW.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mycomput.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msxml3r.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MSSTDFMT.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mssign32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MSRTEDIT.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msports.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msidntld.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mshearts.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msgsm32.acm:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msg723.acm:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msg711.acm:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MSCOMCTL.OCX:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mscdexnt.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msaudite.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msacm32.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mprui.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mouse.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MMTypesX2.OCX:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MMToolsX2.OCX:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmsystem.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MMRegOCX.EXE:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmdrv.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mmdriver.inf:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MMCSystemFiles.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mlang.dat:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71KOR.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71JPN.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71ITA.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71ESP.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71ENU.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71DEU.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71CHT.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\MFC71CHS.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mfc42loc.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mcicda.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mcd32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mapi32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\main.cpl:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lz32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\LuResult.txt:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lodctr.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\langwrbk.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\lame_enc.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\l_intl.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\krnl386.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\keyboard.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\keyboard.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kdcom.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdus.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdsw.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\KBDAL.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kb16.com:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Iyvu9_32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iuengine.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir32_32.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\INLOADER.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Initask.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\IniTask.Bin:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\inetcplc.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxtray.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxsrvc.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxress.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxres.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxpph.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxhk.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxexps.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxdiag.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxdgps.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxdev.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\igfxcpl.cpl:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\id3lib.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\icfgnt5.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmrnt5.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmgicd.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmgdev.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmdnt5.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmdev5.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ialmdd5.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\iAlmCoIn_v3954.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Iacenc.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hpzlnt04.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hprdvtcp.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hpqPres.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HPMPMW.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HPMBTPMS.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HPDOMON.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HPBMMON.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\HPBHEALR.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\hkcmd.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\himem.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\gdi.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\freecell.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fmifs.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\FM20SVE.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\eventvwr.msc:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\EqnClass.Dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DSndUp.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drwtsn32.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drmstor.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\w29n51.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\usbd.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\smclib.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\smcirda.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rootmdm.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\riodrv.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rio8drv.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rawwan.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\raspti.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rasirda.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rasacd.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ptilink.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\pciide.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\parvdm.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\OVSound2.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\OVCodek2.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\OVCE.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\OVCam2.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\oprghdlr.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnkspx.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnknb.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnkfwd.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nwlnkflt.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\null.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\nikedrv.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mouhid.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\mcd.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ipfltdrv.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ialmnt5.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\gmreadme.txt:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\gm.dls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ftdisk.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\fsvga.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\enum1394.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmload.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cpqdap01.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cinemst2.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\cbidf2k.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\btwusb.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\beep.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\bcm4sbxp.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\b57xp32.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\audstub.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atmuni.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\atmepvc.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\aliide.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\AGRSM.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dosx.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dmocx.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dllcache\LegitCheckControl.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\DHTMLEd.ocx:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dfrg.msc:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\devmgmt.msc:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\dbgeng.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3dxof.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\d3drm.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ctype.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\country.sys:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\control.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\config\systemprofile\Start-meny\Program\Autostart\desktop.ini:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\compmgmt.msc:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\command.com:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comm.drv:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comctl32.ocx:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\comcat.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\CleanUp.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\clb.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ciadmin.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\charmap.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\calc.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_950.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_949.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_932.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28592.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_28591.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1258.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1257.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1256.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1255.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1254.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1253.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1251.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1250.nls:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\btw_ci.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\asuninst.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ActiveSkin.ocx:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\activeds.tlb:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\acctres.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\$winnt$.inf:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\SYMEVENT.LOG:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ST6UNST.EXE:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\REGLOCS.OLD:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\POCELANG.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\POCE98.DLL:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\mozregistry.dat:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\ml-cleanup.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\MedCtrOC.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB918439.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB917734.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB911564.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB902400.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB902344.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB891122.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\KB887472.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\IsUninst.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\HP Cityscape.bmp:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\biwlandrvxpver.dll:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\basecsp.log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\AGRSMMSG.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\TVPVR.Install.Log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\System.Install.Log:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\Program\WindowsXP-KB918005-v2-x86-SVE.exe:KAVICHS

@Alternate Data Stream - 68 bytes -> C:\Program\Install_Messenger.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\xpsp1hfm.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\WMSysPr9.prx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt256.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winnt.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\wininit.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\winhelp.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vmmreg32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vbaddin.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\vb.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Vaxduk.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\updspapi.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\UC.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twunk_32.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twunk_16.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\twain.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\tsoc.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\tabletoc.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\xenroll.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshnetbs.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshisn.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshatm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfaxui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowfax.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowdeb.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmvdmoe.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmv8dmod.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpcore.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmpcd.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmp.ocx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmiscmgr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmiprop.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmimgmt.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wmidx.ocx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wisptis.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winstrm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winspool.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winsock.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winoldap.mod:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winnls.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winmsd.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winhelp.hlp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winfax.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\winchat.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win87em.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\win.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wifeman.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiavusd.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wiasf.ax:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webhits.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\webfldrs.msi:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wdl.trm:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.sve:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.nld:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.ita:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.fra:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.esn:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.enu:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbdbase.deu:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.sve:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.nld:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.ita:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.fra:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.esn:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.enu:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wbcache.deu:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32topl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\w32tm.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\W29MLRES.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vwipxspx.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vwipxspx.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vssadmin.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vss_ps.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vjoy.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Visa kanaler.scf:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga64k.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga256.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vfpodbc.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\verifier.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ver.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vcdex.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vbssv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBASV32.OLB:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAEND32.OLB:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAEN32.OLB:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VB5DB.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\v7vga.rom:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvpa.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrvoica.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv80a.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrv42a.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsvpia.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrshuta.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrsdpia.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrrtosa.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrprbda.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrmlnka.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlogon.cmd:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrlbva.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrfaxa.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdtea.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrdpa.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcoina.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\usrcntra.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ureg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\UNWISE.INI:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unlodctr.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Uninstall.ico:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\umdmxfrm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ufat.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\UCS32P.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\typeperf.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\typelib.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsshutdn.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tslabels.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tskschd.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tskill.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsdiscon.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsd32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscupgrd.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tscon.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\triedit.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tracert6.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\toolhelp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tftp.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\termcap:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpsvcs.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcpmon.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tcmsetup.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapiperf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tapi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\TABCTL32.OCX:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprtj.sep:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysprint.sep:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syskey.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysinv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sysedit.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\syncapp.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\svcpack.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subst.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\subrange.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\streamci.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\storage.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwoa.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlwid.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsrv32.rll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sqlsodbc.chm:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spxcoins.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio800.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprio600.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sprestrt.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\spnike.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\softpub.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\SMMedia.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbrccsp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\slbcsp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sisbkup.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shiftjis.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shellstyle.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\share.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\shadow.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfmapi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sfc.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setver.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setupdll.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\setup.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serwvdrv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\serialui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\senscfg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.sig:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\secupd.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sdpblb.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scrrnsv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scriptpw.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scredir.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scosv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sccbase.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\scardssp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rwinsta.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\runas.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rtm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpperf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpmsg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvpcnts.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvp.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsopprov.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsmui.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsm.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsfsaps.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsaci.rat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rpcns4.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routetab.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\routemon.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\route.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\roboex32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rnr20.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\RICHTX32.OCX:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\reset.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\replace.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\relog.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regwiz.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regini.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\regedt32.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\recover.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rdpcfgex.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasser.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasrad.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmxs.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasmontr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasdial.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrs.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rasctrnm.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qwinsta.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Quick.ico:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qosname.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\qappsrv.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pubprn.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\psnppagn.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pscript.sep:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdprf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pschdcnt.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prodspec.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnqctl.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnport.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnmngr.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prnjobs.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prndrvr.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prncnfg.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\print.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\prflbmsg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pmspl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\plustab.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\plusmpix.chm:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ping6.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfwci.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfts.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfnw.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi01D.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfi009.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perffilt.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd01D.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfd009.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\perfci.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pentnt.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pcl.sep:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pathping.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\paqsp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\panmap.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pagefileconfig.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\OUTLWAB.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\osuninst.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Open.ico:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olesvr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\olecli.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2nls.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2disp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ole2.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oemdspif.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\odbc16gt.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwscript.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwevent.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwcfg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nwapi16.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nw16.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntsd.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsoprq.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntmsmgr.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanui2.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntlanui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio804.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio412.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio411.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio404.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntimage.gif:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdsbcli.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos804.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos412.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos411.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos404.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\npwmsdrm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\NovPMQueue.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\NovPMNdps.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.tha:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.sve:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.nld:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.ita:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.fra:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.esn:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.enu:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.eng:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.deu:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.cht:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\noise.chs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nmevtmsg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nlsfunc.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netware.drv:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\neth.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netapi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\net.hlp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ncpa.cpl:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\nbtstat.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\narrhook.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\myodbc3d.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\myodbc3_install.LOG:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\myodbc3.lib:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\myodbc3.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxmlr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml4r.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml4a.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml2r.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Mswinsck.ocx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvideo.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcrt20.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp50.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvbvm50.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswchx.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msswch.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSSTKPRP.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mssip32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSRECR40.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSRDO20.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msrclr40.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msratelc.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2cenu.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msr2c.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSPRPSV.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msobjs.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSLS2.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSINET.OCX:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSIMUSIC.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSIMRT32.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSIMRT16.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSIMRT.DLL:KAVICHS

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Och del 3:

 

 

 

 

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msencode.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msdtcprf.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSDATGRD.OCX:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSADODC.OCX:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msacm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msaatext.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mrinfo.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqprfsym.h:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqperf.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqperf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa20.tlb:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa10.tlb:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqoa.tlb:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqgentr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mqcertui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprmsg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mprddm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpnotify.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mountvol.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\modex.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mode.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmutilse.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmtask.tsk:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mm32DCMP.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_qic.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_mtf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mll_hp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\migpwd.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mib.bin:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC71u.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC42SVE.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC42D.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc40loc.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mem.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdwmdmsp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MDT2FW95.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mdhcp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciwave.drv:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciseq.drv:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciole16.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mciavi.drv:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mchgrcoi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mcdsrv32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mapistub.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MAPISRVR.EXE:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MAPI.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mag_hook.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lzexpand.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lusrmgr.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lprmonui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpr.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lpq.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\logoff.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\login.cmd:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loghours.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\loadfix.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lnkstub.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lights.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lanman.drv:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\label.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_except.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\korean.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\key01.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdycl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdycc.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbduzb.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusx.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdusl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdur.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbduk.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdtuq.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdtuf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdtat.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsl1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdsf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdru1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdru.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdro.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpo.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdpl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdno.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdne.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdmon.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdmac.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlv1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlt1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdlt.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdla.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdkyr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdkaz.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdit142.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdit.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdir.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdic.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhu1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhu.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhept.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhela3.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhela2.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhe319.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhe220.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdhe.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgr1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgkl.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdgae.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfo.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdfc.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdest.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdes.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbddv.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdda.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz2.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcz.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdcan.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdca.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbu.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdblr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbene.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdbe.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdazel.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdaze.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kanji_2.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kanji_1.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jupdate-1.5.0_06-b05.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jupdate-1.5.0_04-b05.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jobexec.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgsh400.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgsd400.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgmd400.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jgaw400.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jet500.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizeW7.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizePX.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizeP6.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizeM6.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresizeA6.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IVIresize.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\irclass.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxsap.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxrtmgr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxrip.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxpromn.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipxmontr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ipsec6.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprtprio.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iprop.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iologmsg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\instcat.sql:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\InstallUtil.InstallLog:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Installer.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\InnovaDSXP.ocx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\InkEd.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\infosoft.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\inetwh32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\indounin.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iissuba.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxzoom.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrtrk.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrtha.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrsve.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrrus.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrptg.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrptb.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrplk.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrnor.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrnld.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrkor.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrjpn.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrita.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrhun.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrheb.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrfrc.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrfra.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrfin.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxresp.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrenu.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxreng.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrell.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrdeu.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrdan.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrcsy.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrcht.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrchs.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrarb.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxrara.lrc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhtrk.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhtha.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhsve.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhrus.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhptg.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhptb.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhplk.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhnor.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhnld.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhkor.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhjpn.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhita.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhhun.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhheb.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhfrc.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhfra.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhfin.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhesp.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhenu.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxheng.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhell.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhdeu.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhdan.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhcsy.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhcht.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhchs.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxharb.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxhara.lhp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxext.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxeud.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxdo.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\igfxcfg.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifsutil.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\IE.ico:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ideograf.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\icmui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassvcs.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassdo.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iassam.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasrecst.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iaspolcy.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasnap.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iashlpr.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasads.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\iasacct.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ialmrem.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hticons.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hpzcon04.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hpzcoi04.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hpqactn.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hpmbtprw.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hpmbtppw.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hostname.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\homepage.inf:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hnetmon.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\HLINKPRX.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Help.ico:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\GWFSPidGen.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graphics.pro:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graphics.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\graftabl.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpupdate.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpkcsp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gpedit.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\glmf32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\getuname.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\geo.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gcdef.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gb2312.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\g711codc.ax:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ftsrch.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsutil.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsusd.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fsmgmt.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\FM20.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fixmapi.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\finger.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\find.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fc.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fastopen.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\EXSEC32.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\expand.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\exe2bin.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventvwr.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventquery.vbs:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eventcls.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eula.txt:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentutl.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.hxx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esentprf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\esent97.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\emptyregdb.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ega.cpi:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edlin.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edit.hlp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\edit.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\eabhbrn8.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dvdplay.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dssec.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsound.vxd:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dsauth.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ds16gt.dLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drwatson.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ws2ifsl.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\vdmindvd.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tsbvcap.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\tosdvd.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\SUSCOM.SYS:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpwsock.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpserial.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnwsock.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpnmodem.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dplay.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\doskey.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\docprop.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmview.ocx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmintf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmconfig.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllhst3g.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wuaueng1.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wuauclt1.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\wmpui.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\srgb.icm:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\smcirda.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\mouhid.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\iuengine.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dllcache\drmclien.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskperf.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskmgmt.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskcopy.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diskcomp.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dimap.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\diactfrm.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dhcpsapi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dgsetup.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dgrpsetu.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Desktop.ico:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\deskperf.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\deskmon.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\deskadp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\declrds.ax:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\debug.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ddeml.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\DDAO36.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3dramp.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3dpmesh.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\d3dim.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\csseqchk.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CSeedOcx.ocx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cpqinfo.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\convert.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\console.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CONFIG.TMP:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compobj.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\compact.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comp.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\commdlg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\COMDLG32.OCX:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cnvfat.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CNQU70.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cnetcfg.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmpbk32.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmos.ram:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmmgr32.hlp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cmdlib.wsc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconfg.rll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cliconf.chm:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ckcnv.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cidaemon.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ciadv.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chkntfs.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chkdsk.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\chcp.com:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\certmgr.msc:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\cdmodem.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ccfgnt.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\capicom.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_936.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_875.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_874.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_869.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_866.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_865.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_863.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_861.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_860.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_857.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_855.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_852.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_850.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_775.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_737.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_500.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_437.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28605.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28603.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28599.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28598.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28597.NLS:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28595.NLS:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\C_28594.NLS:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_28593.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_21866.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20905.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20866.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20261.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_20127.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1252.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1026.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10082.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10081.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10079.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10029.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10017.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10010.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10007.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10006.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_10000.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_037.nls:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bopomofo.uce:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootvrfy.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bootok.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bios4.rom:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bios1.rom:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avwav.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avtapi.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avmeter.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avifile.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\avicap.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\AUTOEXEC.NT:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\autodisc.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atrace.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atmpvcno.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\atkctrs.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asr_ldm.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\asinst.cfg:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\arp.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\append.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\apcups.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ansi.sys:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adsnds.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\adptif.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\acledit.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\acelpdec.ax:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ac3filter.cpl:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\aaaamon.dll:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\12520850.cpx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\12520437.cpx:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\$ncsp$.inf:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\WFWNET.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\VGA.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\VER.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\TIMER.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\TAPI.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SYSTEM.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\stdole.tlb:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SOUND.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\SHELL.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\setup.inf:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\OLESVR.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\OLECLI.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MSVIDEO.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MOUSE.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MMTASK.TSK:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MMSYSTEM.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCIWAVE.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCISEQ.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MCIAVI.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\LZEXPAND.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\KEYBOARD.DRV:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\COMMDLG.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\AVIFILE.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\AVICAP.DLL:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\SynInst.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Solfjädrar.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\SMWizard.INI:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\smscfg.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\sessmgr.setup.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Rhododendron.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\regopt.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\reg.prm:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\RAR.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\PlusDMESetup.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\PKZIP.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\PKUNZIP.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Ökensand.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\OEWABLog.txt:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ODBCINST.INI:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ODBC.INI:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ocmsn.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ocgen.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ntdtcsetup.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\nsw.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\NOCLOSE.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\netfxocm.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\msmqinst.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\msgsocm.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\msdfmap.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\MAXLINK.INI:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\LUINSTALL.LOG:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\LHA.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB918005.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB917953.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB917159.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB916595.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB916281.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB914389.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB914388.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB913580.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB913446.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB912945.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB912919.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB912812.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911927.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911567.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911562.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB911280.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB910437.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB908531.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB908519.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB905915.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB904942.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB904706.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB903235.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB901214.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB900485.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB898461.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB896688.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB896428.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB896422.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB896358.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB893803v2.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB893086.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB893066.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB891781.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB890923.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB890859.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB890175.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB890046.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB888302.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB888113.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB887797.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB887742.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB886185.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB885836.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB885835.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB885250.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB884575.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB883939.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB883667.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB873339.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\KB873333.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Kalejdoskop.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Kaffekoppar.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ipixActivex.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\iis6.BAK:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Gotlandsbris.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\GatorPdpLoudInstaller.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Fjädrar.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Fisketur.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\FaxSetup.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\explorer.scf:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\DtcInstall.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\comsetup.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\COM+.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\cmsetacl.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\clock.avi:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\chipset.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Bubblor.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ARJ.PIF:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\Ärgad koppar.bmp:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\AGRSMMSG(2).exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\agrsmdel.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ActiveSkin.INI:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\WINDOWS\_default.pif:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\UNWISE.EXE:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\ticrdbus.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\syntp.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\sunjava.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\setup.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\sedinst2.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\sedinst.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\win.com.zip:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\WebfilmBig.wmv:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\usbready.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\tp312swe.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\PlusLabyrinthBonus.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\pllangs.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\personal4.01.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\pcsecuritytest.zip:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\mw9791sve.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\MSNToolbarSetup_sv.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\DESETUP.EXE:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\DCube150D_manual_eng.zip:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\aawsepersonal.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Program\940-svc-xpinfu.exe:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\NTLDR:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\NTDETECT.COM:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\ioSpecial.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\INSTALL.LOG:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\HSC.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\FolderConfig.Install.Log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\extfmradio.log:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\NetworkService\ntuser.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\NetworkService\Lokala inställningar\Application Data\fusioncache.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Start-meny\Program\Autostart\desktop.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\ntuser.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Mina dokument\desktop.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Lokala inställningar\Application Data\IconCache.db:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Lokala inställningar\Application Data\fusioncache.dat:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Application Data\Microsoft\Internet Explorer\Quick Launch\Visa skrivbordet.scf:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Application Data\Microsoft\Internet Explorer\Quick Launch\Starta webbläsaren Internet Explorer.lnk:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LogMeInRemoteUser\Application Data\desktop.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\Documents and Settings\LocalService\ntuser.ini:KAVICHS

@Alternate Data Stream - 36 bytes -> C:\bcmwl5.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\wmsetup.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\WindowsUpdate.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\wincmd.ini:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\winamp.ini:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\wiaservc.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\WGA.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\System32\wpa.dbl:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\setupapi.log.0.old:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\setupact.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\SchedLgU.Txt:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\popcinfo.dat:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB900725.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB899591.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB899588.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB899587.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB896423.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\KB893756.log:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\IsUn041d.exe:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\bootstat.dat:KAVICHS

@Alternate Data Stream - 228 bytes -> C:\WINDOWS\_delis32.ini:KAVICHS

@Alternate Data Stream - 196 bytes -> C:\WINDOWS\System32\pxwma.dll:KAVICHS

@Alternate Data Stream - 196 bytes -> C:\WINDOWS\spupdsvc.log:KAVICHS

@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB917344.log:KAVICHS

@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB900930.log:KAVICHS

@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB896727.log:KAVICHS

@Alternate Data Stream - 196 bytes -> C:\WINDOWS\KB894391.log:KAVICHS

@Alternate Data Stream - 164 bytes -> C:\Program\Analog Devices\SoundMAX\Smax4.exe:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\pxcpyi64.exe:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\MP2enc.dll:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\FNTCACHE.DAT:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\System32\BCMWLU00.EXE:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB905749.log:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB905414.log:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB901017.log:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB899589.log:KAVICHS

@Alternate Data Stream - 132 bytes -> C:\WINDOWS\KB896424.log:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\UNINSTMMC.EXE:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\wshsv.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\WMErrENU.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\WACntlPnl.cpl:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\utildll.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\traffic.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\SysFCopy.exe:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\SSubTmr6.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\riched32.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\pintool.exe:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oleacc.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\OEMLogo.bmp:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oeminfo.ini:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\netui2.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mscat32.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\jssv.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\IPX32d56.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ifxcardm.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\HPMystPM.DLL:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\HPMProp.bin:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\hccutils.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\FSFWrap.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\Flash.ocx:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drmclien.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\smwdm.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\rdpcdd.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\pfc.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\EabUsb.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\eabfiltr.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\aeaudio.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\drivers\acpiec.sys:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dmdskres.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\dfrgres.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\crtdll.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\ChilkatZip2.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\cards.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\bootvid.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\bcsprsrc.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\BCMWLD2K.EXE:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\basecsp.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\axaltocm.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\avicap32.dll:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\Setup1.exe:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\KB911565.log:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\WINDOWS\fmj_ti7h.dv3:KAVICHS

@Alternate Data Stream - 100 bytes -> C:\Program\Wikipedia Tracker.msi:KAVICHS

< End of report >

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Skapa ett nytt konto på vårt forum. Det är lätt!

Registrera ett nytt konto

Logga in

Redan medlem? Logga in här.

Logga in nu



×
×
  • Skapa nytt...