Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Virus via MSN opgelopen...

Anoniem
None
16 antwoorden
  • Hallo mensen,

    Eergisteren heb ik via Msn een virus opgelopen, dit kwam nadat ik een link opende.
    Het "ben jij dat op deze foto" link. :oops:

    Ik heb toen Msn uninstald, en Kaspersky Anti-Virus gerund.
    En Spybot ook, maar dit heeft allemaal geen zin gehad.

    Gister heb ik diverse (online) scans gerund, waaronder: McAfee,Hitman Pro, AdAware en NOD32.

    Deze vonden wat spyware(o.a: Smitfraud-C.Toolbar888), dit heb ik gedeleted.

    Maar nu is m'n computer nog steeds sloom(100% CPU), en komen er af en toe pop-up's van o.a: Drivecleaner.

    Kan iemand mij in redelijk simpele taal uitleggen wat ik opgelopen heb, en vooral hoe ik er weer vanaf kom?

    Ik gebruik Windows 2000.

    Alvast bedankt,


    Groeten Ferry
  • Download [b:1fe0e4b31e]VirtumundoBegone[/b:1fe0e4b31e], sla dit op op je bureaublad.

    Dubbelklik op [b:1fe0e4b31e]VirtumundoBeGone.exe[/b:1fe0e4b31e] en volg de aanwijzingen.
    Schrik niet als je een blauw scherm met een foutmelding te zien krijgt - dit is normaal.

    Als de fix klaar is, start je de pc opnieuw op.
    Plaats de inhoud van het logbestand [b:1fe0e4b31e]VBG.TXT[/b:1fe0e4b31e], dat nu op je bureaublad staat, hier in je volgende bericht.

    Download:
    Sla het bestand op je bureaublad op, daarna mag je het dubbelklikken.

    Er zal een schermpje openen, daarin zullen snel enkele regels voorbijkomen, daarna zal dit scherm vanzelf sluiten, dit is normaal.
    [b:1fe0e4b31e]Mogelijk[/b:1fe0e4b31e] start er ook een uninstaller van een rogue scanner op, [b:1fe0e4b31e]sluit deze niet af[/b:1fe0e4b31e] maar volg eventuele aanwijzingen en laat deze zijn werk doen.

    Daarna de [b:1fe0e4b31e]PC herstarten[/b:1fe0e4b31e] en nogmaals RemoveVideoActiveXObject.exe dubbelklikken.
    Zoek daarna even het volgende bestand op C:\[b:1fe0e4b31e]RVAXO-results.log[/b:1fe0e4b31e]
    Dubbelklik dit bestand, het zal als een logje openen, post de inhoud in je volgende bericht tesamen met een logje van HijackThis.
  • Dat je een MSN-virus hebt opgelopen is duidelijk. Alle scanners gaan niet diep genoeg om de besmetting op te kuisen. Hoe los je dit op : maak eerst een log van HiJckThis en post dit hier op het forum. Op basis van dit log kunnen de specialisten hier je een remedie aanbieden om je problemen op te lossen.

    Te laat : de specialisten waren al in gang geschoten :D
  • Hey Dokter Smeenk,

    Bedankt voor het snelle antwoorden.

    De texten die ik via dat progje gekregen heb:

    VBG:


    [06/28/2007, 12:04:32] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Visser\Desktop\VirtumundoBeGone.exe" )
    [06/28/2007, 12:04:40] - Detected System Information:
    [06/28/2007, 12:04:40] - Windows Version: 5.0.2195, Service Pack 4
    [06/28/2007, 12:04:40] - Current Username: Visser (Admin)
    [06/28/2007, 12:04:40] - Windows is in NORMAL mode.
    [06/28/2007, 12:04:40] - Searching for Browser Helper Objects:
    [06/28/2007, 12:04:40] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
    [06/28/2007, 12:04:40] - BHO 2: {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} ()
    [06/28/2007, 12:04:40] - WARNING: BHO has no default name. Checking for Winlogon reference.
    [06/28/2007, 12:04:40] - Checking for HKLM\…\Winlogon\Notify\rlqwnkyw
    [06/28/2007, 12:04:40] - Key not found: HKLM\…\Winlogon\Notify\rlqwnkyw, continuing.
    [06/28/2007, 12:04:40] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
    [06/28/2007, 12:04:40] - BHO 4: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
    [06/28/2007, 12:04:40] - BHO 5: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
    [06/28/2007, 12:04:40] - BHO 6: {B9BD30D4-68C7-402D-9DCD-4E590231C72F} ()
    [06/28/2007, 12:04:40] - WARNING: BHO has no default name. Checking for Winlogon reference.
    [06/28/2007, 12:04:40] - Checking for HKLM\…\Winlogon\Notify\rqoom
    [06/28/2007, 12:04:40] - Found: HKLM\…\Winlogon\Notify\rqoom - This is probably Virtumundo.
    [06/28/2007, 12:04:40] - Assigning {B9BD30D4-68C7-402D-9DCD-4E590231C72F} MSEvents Object
    [06/28/2007, 12:04:40] - BHO list has been changed! Starting over…
    [06/28/2007, 12:04:40] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
    [06/28/2007, 12:04:41] - BHO 2: {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} ()
    [06/28/2007, 12:04:41] - WARNING: BHO has no default name. Checking for Winlogon reference.
    [06/28/2007, 12:04:41] - Checking for HKLM\…\Winlogon\Notify\rlqwnkyw
    [06/28/2007, 12:04:41] - Key not found: HKLM\…\Winlogon\Notify\rlqwnkyw, continuing.
    [06/28/2007, 12:04:41] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
    [06/28/2007, 12:04:41] - BHO 4: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
    [06/28/2007, 12:04:41] - BHO 5: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
    [06/28/2007, 12:04:41] - BHO 6: {B9BD30D4-68C7-402D-9DCD-4E590231C72F} (MSEvents Object)
    [06/28/2007, 12:04:41] - ALERT: Found MSEvents Object!
    [06/28/2007, 12:04:41] - BHO 7: {DC192567-65F9-4AB6-ADB7-E13575F81726} ()
    [06/28/2007, 12:04:41] - WARNING: BHO has no default name. Checking for Winlogon reference.
    [06/28/2007, 12:04:41] - Checking for HKLM\…\Winlogon\Notify\hggffef
    [06/28/2007, 12:04:41] - Found: HKLM\…\Winlogon\Notify\hggffef - This is probably Virtumundo.
    [06/28/2007, 12:04:41] - Assigning {DC192567-65F9-4AB6-ADB7-E13575F81726} MSEvents Object
    [06/28/2007, 12:04:41] - BHO list has been changed! Starting over…
    [06/28/2007, 12:04:41] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
    [06/28/2007, 12:04:41] - BHO 2: {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} ()
    [06/28/2007, 12:04:41] - WARNING: BHO has no default name. Checking for Winlogon reference.
    [06/28/2007, 12:04:41] - Checking for HKLM\…\Winlogon\Notify\rlqwnkyw
    [06/28/2007, 12:04:41] - Key not found: HKLM\…\Winlogon\Notify\rlqwnkyw, continuing.
    [06/28/2007, 12:04:41] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
    [06/28/2007, 12:04:42] - BHO 4: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
    [06/28/2007, 12:04:42] - BHO 5: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
    [06/28/2007, 12:04:42] - BHO 6: {B9BD30D4-68C7-402D-9DCD-4E590231C72F} (MSEvents Object)
    [06/28/2007, 12:04:42] - ALERT: Found MSEvents Object!
    [06/28/2007, 12:04:42] - BHO 7: {DC192567-65F9-4AB6-ADB7-E13575F81726} (MSEvents Object)
    [06/28/2007, 12:04:42] - ALERT: Found MSEvents Object!
    [06/28/2007, 12:04:42] - Finished Searching Browser Helper Objects
    [06/28/2007, 12:04:42] - *** Detected MSEvents Object
    [06/28/2007, 12:04:42] - Trying to remove MSEvents Object…
    [06/28/2007, 12:04:43] - Terminating Process: IEXPLORE.EXE
    [06/28/2007, 12:04:44] - Terminating Process: RUNDLL32.EXE
    [06/28/2007, 12:04:44] - Disabling Automatic Shell Restart
    [06/28/2007, 12:04:44] - Terminating Process: EXPLORER.EXE
    [06/28/2007, 12:04:45] - Suspending the NT Session Manager System Service
    [06/28/2007, 12:04:45] - Terminating Windows NT Logon/Logoff Manager
    [06/28/2007, 12:04:45] - Re-enabling Automatic Shell Restart
    [06/28/2007, 12:04:45] - File to disable: C:\WINNT\system32\rqoom.dll
    [06/28/2007, 12:04:45] - Renaming C:\WINNT\system32\rqoom.dll -> C:\WINNT\system32\rqoom.dll.vir
    [06/28/2007, 12:04:45] - ! File rename was unsucessful.
    [06/28/2007, 12:04:45] - Attempting to Deny Access to C:\WINNT\system32\rqoom.dll
    [06/28/2007, 12:04:45] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
    [06/28/2007, 12:04:45] - processed file: C:\WINNT\system32\rqoom.dll

    [06/28/2007, 12:04:45] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
    [06/28/2007, 12:04:45] - Removing HKLM\…\Browser Helper Objects\{B9BD30D4-68C7-402D-9DCD-4E590231C72F}
    [06/28/2007, 12:04:45] - Removing HKCR\CLSID\{B9BD30D4-68C7-402D-9DCD-4E590231C72F}
    [06/28/2007, 12:04:45] - Adding Kill Bit for ActiveX for GUID: {B9BD30D4-68C7-402D-9DCD-4E590231C72F}
    [06/28/2007, 12:04:45] - Deleting ATLEvents/MSEvents Registry entries
    [06/28/2007, 12:04:45] - Removing HKLM\…\Winlogon\Notify\rqoom
    [06/28/2007, 12:04:45] - Searching for Browser Helper Objects:
    [06/28/2007, 12:04:45] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
    [06/28/2007, 12:04:45] - BHO 2: {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} ()
    [06/28/2007, 12:04:45] - WARNING: BHO has no default name. Checking for Winlogon reference.
    [06/28/2007, 12:04:45] - Checking for HKLM\…\Winlogon\Notify\rlqwnkyw
    [06/28/2007, 12:04:45] - Key not found: HKLM\…\Winlogon\Notify\rlqwnkyw, continuing.
    [06/28/2007, 12:04:45] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
    [06/28/2007, 12:04:45] - BHO 4: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
    [06/28/2007, 12:04:45] - BHO 5: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
    [06/28/2007, 12:04:45] - BHO 6: {DC192567-65F9-4AB6-ADB7-E13575F81726} (MSEvents Object)
    [06/28/2007, 12:04:45] - ALERT: Found MSEvents Object!
    [06/28/2007, 12:04:45] - Finished Searching Browser Helper Objects
    [06/28/2007, 12:04:46] - *** Detected MSEvents Object
    [06/28/2007, 12:04:46] - Trying to remove MSEvents Object…
    [06/28/2007, 12:04:47] - Terminating Process: IEXPLORE.EXE
    [06/28/2007, 12:04:47] - Terminating Process: RUNDLL32.EXE
    [06/28/2007, 12:04:47] - Disabling Automatic Shell Restart
    [06/28/2007, 12:04:47] - Terminating Process: EXPLORER.EXE
    [06/28/2007, 12:04:47] - Suspending the NT Session Manager System Service
    [06/28/2007, 12:04:47] - Terminating Windows NT Logon/Logoff Manager
    [06/28/2007, 12:04:47] - Re-enabling Automatic Shell Restart
    [06/28/2007, 12:04:47] - File to disable: C:\WINNT\system32\hggffef.dll
    [06/28/2007, 12:04:47] - Renaming C:\WINNT\system32\hggffef.dll -> C:\WINNT\system32\hggffef.dll.vir
    [06/28/2007, 12:04:47] - ! File rename was unsucessful.
    [06/28/2007, 12:04:47] - Attempting to Deny Access to C:\WINNT\system32\hggffef.dll
    [06/28/2007, 12:04:47] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
    [06/28/2007, 12:04:47] - ERROR: The system cannot find the file specified.

    [06/28/2007, 12:04:47] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
    [06/28/2007, 12:04:47] - Removing HKLM\…\Browser Helper Objects\{DC192567-65F9-4AB6-ADB7-E13575F81726}
    [06/28/2007, 12:04:47] - Removing HKCR\CLSID\{DC192567-65F9-4AB6-ADB7-E13575F81726}
    [06/28/2007, 12:04:47] - Adding Kill Bit for ActiveX for GUID: {DC192567-65F9-4AB6-ADB7-E13575F81726}
    [06/28/2007, 12:04:47] - Deleting ATLEvents/MSEvents Registry entries
    [06/28/2007, 12:04:47] - Removing HKLM\…\Winlogon\Notify\hggffef
    [06/28/2007, 12:04:47] - Searching for Browser Helper Objects:
    [06/28/2007, 12:04:47] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class)
    [06/28/2007, 12:04:47] - BHO 2: {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} ()
    [06/28/2007, 12:04:47] - WARNING: BHO has no default name. Checking for Winlogon reference.
    [06/28/2007, 12:04:47] - Checking for HKLM\…\Winlogon\Notify\rlqwnkyw
    [06/28/2007, 12:04:47] - Key not found: HKLM\…\Winlogon\Notify\rlqwnkyw, continuing.
    [06/28/2007, 12:04:47] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
    [06/28/2007, 12:04:47] - BHO 4: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
    [06/28/2007, 12:04:47] - BHO 5: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
    [06/28/2007, 12:04:47] - Finished Searching Browser Helper Objects
    [06/28/2007, 12:04:47] - Finishing up…
    [06/28/2007, 12:04:47] - A restart is needed.
    [06/28/2007, 12:04:58] - Attempting to Restart via STOP error (Blue Screen!)

    RemoveVideoActiveXObject.exe:


    —————-RemoveVideoActiveXObject.exe first run————-

    Files found:

    C:\WINNT\system32\hggffef.dll.vir
    C:\WINNT\system32\jpeg1x32.dll
    C:\WINNT\system32\jpeg2x32.dll
    C:\Program Files\MSN Messenger\msnmgr.exe
    C:\Program Files\Setup.exe
    C:\WINNT\system32\mooqr.bak1
    C:\WINNT\system32\mooqr.bak2

    Uninstallers Rogue scanners:


    Folders Found:


    ————–RemoveVideoActiveXObject.exe last run—————

    Files found:


    Uninstallers Rogue scanners:


    Folders Found:


    Ik hoop dat je er zo uitkomt, ik snap er in ieder geval helemaal niks meer van.



    Groeten Ferry
  • Download Hijackthis-setup
    Dubbelklik op Hijackthis-setup Hijackthis wordt nu op je PC geïnstalleerd, een snel koppeling wordt op je bureaublad geplaatst.
    Dubbelklik op het Icoontje van Hijackthis.
    Klik op "Do a systemscan and save a logfile". Er opent een Kladblok venster, selecteer de tekst in dat kladblokvenster, kopieer het en post het in je volgende bericht ;)
  • Hoppa:


    Logfile of HijackThis v1.99.1
    Scan saved at 12:42:32, on 28-6-2007
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINNT\system32\internat.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Hijack This\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} - C:\WINNT\system32\rlqwnkyw.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [internat.exe] internat.exe
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll
    O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by116fd.bay116.hotmail.msn.com
    esources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1157653532884
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1157746069580
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5061/mcfscan.cab
    O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
  • Start HijackThis nog een keer, kies voor "Do a system scan only" en plaats alleen een vinkje voor de volgende regel:
    [b:6aeb21363f]O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} - C:\WINNT\system32\rlqwnkyw.dll [/b:6aeb21363f]
    Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af.

    [b:6aeb21363f]
  • Okey, ik heb geen idee waar we mee bezig zijn, maar hier is het logje:


    "Visser" - 28-06-2007 13:20:52 - ComboFix 07-06-27.7 - Service Pack 4 NTFS


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINNT\system32
    wwtrpby.exe


    ((((((((((((((((((((((((( Files Created from 2007-05-28 to 2007-06-28 )))))))))))))))))))))))))))))))


    2007-06-28 13:19 49,152 –a—— C:\WINNT
    ircmd.exe
    2007-06-28 12:41 <DIR> d——– C:\Program Files\Hijack This
    2007-06-28 12:20 36,122 –a—— C:\WINNT\system32\RemoveVideoActiveXObject.reg
    2007-06-28 12:20 <DIR> d——– C:\WINNT\system32\RVAXO
    2007-06-28 09:46 <DIR> d——– C:\Program Files\Lavasoft
    2007-06-28 09:45 128,576 –a—— C:\WINNT\system32\miauojby.dll
    2007-06-28 09:42 4,672 –a—— C:\WINNT\system32\lrvfcqwo.exe
    2007-06-27 23:19 <DIR> d——– C:\DOCUME~1\Visser\APPLIC~1\AdwareAlert
    2007-06-27 14:28 <DIR> d——– C:\WINNT\McAfee.com
    2007-06-27 14:11 <DIR> d——– C:\WINNT\system32\SoftwareDistribution
    2007-06-27 11:18 4,011,208 –a—— C:\Program Files\hitmanpro26.exe
    2007-06-27 11:18 <DIR> d——– C:\Program Files\Hitman Pro
    2007-06-27 09:56 66,112 –a—— C:\WINNT\system32\rlqwnkyw.dll
    2007-06-27 09:47 4,672 –a—— C:\WINNT\system32
    qkrpvwy.exe
    2007-06-27 09:42 16,384 –a—-t- C:\WINNT\system32\Perflib_Perfdata_2e0.dat
    2007-06-27 00:36 <DIR> d——– C:\Program Files\Messenger
    2007-06-26 21:41 266,336 –a—— C:\WINNT\system32\rqoom.dll
    2007-06-26 19:27 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
    2007-06-26 19:22 7,417,544 –a—— C:\Program Files\INSTALL_MSN_MESSENGER_DL.EXE
    2007-06-24 14:48 21,128,792 –a—— C:\Program Files\kis6-621nl.exe
    2007-06-24 14:17 <DIR> d——– C:\Program Files\Kaspersky Lab
    2007-06-11 18:01 <DIR> d——– C:\Program Files\MSN Messenger
    2007-05-11 17:00 <DIR> d——– C:\DOCUME~1\Visser\APPLIC~1\Zylom
    2007-05-11 17:00 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-06-28 07:45:29 ——– d—–w C:\DOCUME~1\Visser\APPLIC~1\Azureus
    2007-06-27 14:34:54 ——– d—–w C:\DOCUME~1\Visser\APPLIC~1\foobar2000
    2007-06-25 17:47:41 ——– d—–w C:\DOCUME~1\Visser\APPLIC~1\ZoomBrowser EX
    2007-06-25 17:28:20 ——– d—–w C:\Program Files\Common Files\Kaspersky Lab
    2007-05-01 14:49:29 ——– d—–w C:\Program Files\Philips
    2007-05-01 14:49:28 ——– d–h–w C:\Program Files\InstallShield Installation Information
    2007-05-01 14:49:09 ——– d—–w C:\Program Files\Common Files\InstallShield
    2007-04-25 07:52:16 147,216 —-a-w C:\WINNT\system32\SCHANNEL.DLL
    2007-04-16 20:47:36 33,624 —-a-w C:\WINNT\system32\wups.dll
    2007-04-16 20:45:54 1,710,936 —-a-w C:\WINNT\system32\wuaueng.dll
    2007-04-16 20:45:48 549,720 —-a-w C:\WINNT\system32\wuapi.dll
    2007-04-16 20:45:42 325,976 —-a-w C:\WINNT\system32\wucltui.dll
    2007-04-16 20:45:28 92,504 —-a-w C:\WINNT\system32\cdm.dll
    2007-04-16 20:45:20 53,080 —-a-w C:\WINNT\system32\wuauclt.exe
    2007-04-16 20:45:20 43,352 —-a-w C:\WINNT\system32\wups2.dll
    2007-04-16 12:44:08 54,032 —-a-w C:\WINNT\system32\mpr.dll
    2007-04-07 12:38:45 17,570,898 —-a-w C:\Program Files\klcodec288f.exe
    2007-04-05 07:17:39 2,854,400 —-a-w C:\WINNT\system32\msi.dll


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [16-04-01 15:39 ]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [14-03-07 03:43 ]
    {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar3.dll [20-01-07 00:56 ]
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [17-06-07 10:34 ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Synchronization Manager"="mobsync.exe" [19-06-03 12:05 C:\WINNT\system32\mobsync.exe]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [02-11-04 20:24 ]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [14-03-07 03:43 ]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "internat.exe"="internat.exe" [07-12-99 13:00 C:\WINNT\system32\internat.exe]
    "eMuleAutoStart"="C:\Program Files\eMule\emule.exe" []
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [17-06-07 10:34 ]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
    "^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "internat.exe"=internat.exe
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs
    WmdmPmSN


    Contents of the 'Scheduled Tasks' folder
    2007-06-27 21:19:19 C:\WINNT\tasks\AdwareAlert Scheduled Scan.job

    **************************************************************************

    catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-06-28 13:22:51
    Windows 5.0.2195 Service Pack 4 NTFS

    scanning hidden processes …

    ? [1252]


    scanning hidden autostart entries …

    scanning hidden files …

    C:\WINNT\msdfmap.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\muisetup.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\muninst.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\NOTEPAD.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT
    tbtlog.txt:KAVICHS 36 bytes hidden from API
    C:\WINNT\ocgen.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\ockodak.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\ODBC.INI:KAVICHS 36 bytes hidden from API
    C:\WINNT\ODBCINST.INI:KAVICHS 36 bytes hidden from API
    C:\WINNT\OEWABLog.txt:KAVICHS 36 bytes hidden from API
    C:\WINNT\opuc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\Prairie Wind.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\Q828026.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\regedit.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\REGLOCS.OLD:KAVICHS 36 bytes hidden from API
    C:\WINNT\Rhododendron.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\River Sumida.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\TASKMAN.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT\twain.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\twain_32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\twunk_16.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\twunk_32.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\uneng.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\uninst.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\UpdateRollupPack.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\updcustom.dll.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\updspapi.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\upwizun.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\vb.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\vbaddin.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\vmmreg32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\explorer.exe:KAVICHS 100 bytes hidden from API
    C:\WINNT\explorer.scf:KAVICHS 36 bytes hidden from API
    C:\WINNT\FeatherTexture.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\folder.htt:KAVICHS 36 bytes hidden from API
    C:\WINNT\gdiplus.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\Gone Fishing.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\Greenstone.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\hh.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\iis5.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\imsins.BAK:KAVICHS 36 bytes hidden from API
    C:\WINNT\imsins.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\clock.avi:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB911280.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB920683.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB925454-IE6SP1-20061116.120000.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB933566-IE6SP1-20070417.120000.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\welcome.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\Santa Fe Stucco.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\SchedLgU.Txt:KAVICHS 36 bytes hidden from API
    C:\WINNT\setup.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\setup.rpt:KAVICHS 36 bytes hidden from API
    C:\WINNT\setupact.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\setupapi.log:KAVICHS 100 bytes hidden from API
    C:\WINNT\setuplog.txt:KAVICHS 36 bytes hidden from API
    C:\WINNT\Shimano2.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\Shimano2.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\Soap Bubbles.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\spupdsvc.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\Sti_Trace.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\system.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\IsUn0413.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\IsUninst.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB329115.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB833407.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB842773.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB890046.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB893756.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB893803v2.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB896358.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB896422.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB896423.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB896424.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB899587.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB899589.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB900725.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB901017.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB901214.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB904706.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB905414.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB905495-IE6SP1-20050805.184113.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB905749.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB908519.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB908531.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\Coffee Bean.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\COM+.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\comsetup.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\daemon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\dahotfix.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\dasetup.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\delttsul.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\desktop.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\DirectX.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\discover.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB911564.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB911567-OE6SP1-20060316.165634.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB912919.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB913580.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB914388.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB914389.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB917008.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB917159.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB917422.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB917537.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB917734.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB917736.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB917953.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB918118.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB918899-IE6SP1-20060725.123917.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB920213.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB920670.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\Active Setup Log.txt:KAVICHS 36 bytes hidden from API
    C:\WINNT\bitssetup.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\Blue Lace 16.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\CCWIN.INI:KAVICHS 36 bytes hidden from API
    C:\WINNT\welcome.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\win.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\Windows Update.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\WindowsUpdate.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\winhelp.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\winhlp32.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\wininit.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\winnt.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\winnt256.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\winrep.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\wmsetup.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\WMSysPr9.prx:KAVICHS 36 bytes hidden from API
    C:\WINNT\Zapotec.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\_default.pif:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB920685.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB920958.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB921398.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB921883.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB922582.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB922616.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB922760-IE6SP1-20061018.120000.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB923191.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB923414.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB923689.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB923694-OE6SP1-20061106.120000.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB923980.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB924191.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB924270.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB924667.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB925398.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB925486-IE6SP1-20060918.120000.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB925902.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB926436.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB927891.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB928090-IE6SP1-20070125.120000.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB928843.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB929969-IE6SP1-20061220.120000.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB930178.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB931768-IE6SP1-20070219.120000.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB931784.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB932168.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB935839.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\KB935840.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\MDAC25SP3-KB911562-x86-ENU.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\MDAC28-KB911562-x86-ENU.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\MDAC28-KB927779-x86-ENU.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\mmdet.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\ModemDet.txt:KAVICHS 36 bytes hidden from API
    C:\WINNT\mozver.dat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\$winnt$.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\12520437.cpx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\12520850.cpx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\aaaamon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ac3acm.acm:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\access.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\acctres.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\accwiz.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\acelpdec.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\acledit.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\aclui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\acsetupc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\acsmib.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\activeds.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\activeds.tlb:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\actmovie.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\actxprxy.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\admparse.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\adptif.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\adsldp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\adsldpc.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\adsmsext.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\adsnds.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\avifil32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\avifile.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\avmeter.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\avtapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\avwav.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\basenote.cov:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\BASESRV.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\BASSMOD.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\batmeter.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\batt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\bdaplgin.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\bios1.rom:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\bios4.rom:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\bitsprx2.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\bitsprx3.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\blackbox.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\bootok.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\bootvid.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\bootvrfy.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\bopomofo.uce:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\br549.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\browselc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\browser.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\BROWSEUI.DLL:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\browsewm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cabinet.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\cabview.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cacls.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\calc.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_1254.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_1255.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_1256.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_1257.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_1258.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_20127.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_20261.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_20866.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_20905.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_21866.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_28591.nls:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\c_28592.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_28593.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_28598.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_28605.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_437.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_500.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_775.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_850.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_860.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_863.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_865.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_874.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_932.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_936.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_949.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_950.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3d8.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3d8caps.dat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3d8thk.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3d9.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3d9caps.dat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3dim.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3dim700.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\d3dpmesh.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3dramp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3dref.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3drm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3dx9_29.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3dx9_32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\d3dxof.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\DANIM.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dataclen.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\datime.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\daxctle.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dbghelp.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\dbmsadsn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dbmsgnet.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dbmsrpcn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dbmssocn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dbmsspxn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dbmsvinn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\DBnetlib.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\DBnmpntw.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cidaemon.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ciodm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cipher.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cisvc.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ckcnv.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\clb.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\clbcatex.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\clbcatq.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\cleanmgr.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cliconf.chm:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cliconf.hlp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cliconfg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cliconfg.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cliconfg.rll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\clipbrd.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\clipsrv.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\clusapi.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\cluster.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cmcfg32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\CMD.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cmdial32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\adsnt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\avicap32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\capesnpn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\CDFVIEW.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cic.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cmdl32.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\comp.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cryptdll.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_1253.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_861.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dciman32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\dfrgres.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dlcapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmsynth.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpserial.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dsprop.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\efsadu.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxperf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\findstr.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\g711codc.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\hostname.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iasrad.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ieshwiz.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\infosoft.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ipxmontr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\itircl.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbddv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdsp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kstvtune.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\logdrive.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mciavi32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dcomcnfg.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\DComExt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ddeml.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ddeshare.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ddmprxy.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ddraw.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ddrawex.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\debug.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\desk.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\deskadp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\deskmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\deskperf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\desktop.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\devenum.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\devmgmt.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\devmgr.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\dfrg.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dfrgfat.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dfrgntfs.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dllhost.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dllhst3g.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmadmin.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\dmband.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmcompos.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmconfig.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmdlgs.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmdskmgr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmdskres.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmime.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmintf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmloader.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmocx.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmremote.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmscript.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmserver.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmstyle.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpvacm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpvoice.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpvsetup.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpvvox.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpwsock.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpwsockx.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drmclien.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drmstor.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drmv2clt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drwatson.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drwtsn32.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ds16gt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ds32gt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dsauth.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dsctl.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dsdmo.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dsdmoprp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dsfolder.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dskquota.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dskquoui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dsound.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\dsound.vxd:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dsound3d.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ega.cpi:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\els.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\emptyregdb.dat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\encapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\EqnClass.Dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\es.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\esent.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\esentprf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\esentprf.hxx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\esentprf.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\esentutl.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\eudcedit.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\eula.txt:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\EVENTLOG.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\eventvwr.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\eventvwr.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\exe2bin.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\expand.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\expsrv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\extenum.ldf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\extrac32.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\fastopen.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\fax.cpk:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxadmin.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxcom.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxcount.h:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxcover.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxdrv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxevent.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxext32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxmapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxocm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxperf.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxqueue.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxroute.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxsend.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxserv.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxshell.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxsvc.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\faxt30.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxtiff.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\faxxp32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\fc.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\fde.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\fdeploy.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\feclient.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ff_vfw.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\filemgmt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\find.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\g723codc.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\gb2312.uce:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\gcdef.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\gdi.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\GDI32.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\gdiplus.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\getstart.gif:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\getuname.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\glmf32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\glu32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\gpedit.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\gpedit.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\gpkcsp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\gpkrsrc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\gptext.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\graftabl.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\graphics.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\graphics.pro:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\GRPCONV.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\h261_32.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\h263_32.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\h323.tsp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\h323msp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\hal.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\hardware.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\hdwwiz.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\help.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\hhctrl.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\hhsetup.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\hid.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\himem.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\hlink.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\Homepage.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\hotplug.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\hpmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\hpmon.hlp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\hticons.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\htui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\hypertrm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\i81xdnt5.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iac25_32.ax:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ias.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iasacct.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iasads.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iashlpr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iasnap.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iasperf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iasperf.h:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iasperf.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iaspipe.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iaspolcy.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ieuinit.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iexpress.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ifmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ifsutil.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\igmpagnt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iissuba.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ikhcore.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ils.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\imaadp32.acm:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\imagehlp.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\imagr5.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\imagx5.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ImagXpr5.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\imeshare.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\imgadmin.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\imgcmn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\imgedit.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\imgscan.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\imgshl.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\imgthumb.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\imgutil.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\imm32.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\indicdll.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\inetcfg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\INETCOMM.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\inetcpl.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\inetcplc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\inetmib1.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\inetpp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\INETRES.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ipxpromn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ipxrip.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ipxroute.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ipxrtmgr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ipxsap.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ipxwan.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ir32_32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ir41_32.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ir41_qc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ir41_qcx.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ir50_32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ir50_qc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ir50_qcx.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\irclass.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\irftp.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\irmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\irprops.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\isign32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdes.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdfc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdfi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdfo.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdfr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdgae.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdgr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdgr1.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdic.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdir.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdit.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdit142.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdjpn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdla.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdmac.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdne.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdno.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdpo.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdsf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdsg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdsw.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbduk.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdus.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\kbdusl.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdusr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdusx.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\kerberos.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\KERNEL32.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\key01.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\keyboard.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\keyboard.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kmddsp.tsp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\korean.uce:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\krnl386.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ksclockf.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ksdata.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ksinterf.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ksolay.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ksproxy.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ksqmf.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\loghours.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\login.cmd:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\logon.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lpk.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lpq.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lpr.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lprhelp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lprmonui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\LSASRV.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\LSASS.EXE:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ltdis13n.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ltefx13n.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ltfil13n.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ltimg13n.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ltkrn13n.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lusrmgr.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lz32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\lzexpand.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\l_except.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\l_intl.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mac8021x.ldf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\magnify.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mag_hook.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\main.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\makecab.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mapi32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mapistub.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mapisvc.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mbslgn32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mcastmib.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mcd32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mcdsrv32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mciavi.drv:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mcicda.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mciole16.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mciole32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mciqtz32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mciseq.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mciseq.drv:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mciwave.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mciwave.drv:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mdaccore.rsp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mdhcp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mdimon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mdminst.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mem.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mf3216.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mfc40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MFC40U.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mfc42.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\MFC42NLD.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mfc42u.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mfcsubs.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mgmtapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mib.bin:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\midimap.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\migpwd.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mimefilt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mlang.dat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mlang.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mll_hp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mll_mtf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mmc.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mmcndmgr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mmcshext.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mmdet.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mmdriver.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mmdrv.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mmefxe.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mmfutil.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mmsys.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mmsystem.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mmtask.tsk:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mmutilse.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mnmdd.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mnmsrvc.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mobsync.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mobsync.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mode.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\modemui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mpr.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\mprapi.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mprddm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mprdim.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mprmsg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mprui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mrinfo.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MRT.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msacm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msacm32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msacm32.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msadds32.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msadp32.acm:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msafd.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msapsspc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msasn1.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msaud32.acm:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msaudite.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mscat32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mscdexnt.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msidntld.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msidpe.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MSIEFTP.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msiexec.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msihnd.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msimg32.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\msimsg.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msiregmv.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msisip.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msjet40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msjetoledb40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msjint40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msjter40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msjtes40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msls31.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msltus40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msnetobj.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msnsspc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msobjs.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MSOEACCT.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MSOERT2.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msorc32r.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msorcl32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mspaint.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mspatcha.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mspbde40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mspmsnsv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mspmsp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    et1.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    etapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NETAPI32.DLL:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32
    etcfgx.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NETDDE.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    etdet.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    etdtect.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    etevent.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    etfxperf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    eth.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    etid.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NETLOGON.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    etman.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    etmsg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    etplwiz.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    etrap.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    etsh.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    etshell.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    oise.sve:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    otepad.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    pptools.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    pwmsdrm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    qkrpvwy.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    scompat.tlb:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    slookup.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    t.fnt:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    t2.fnt:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tbackup.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NTDLL.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    tdos.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tdos404.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tdos411.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tdos412.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tdos804.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tdsa.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tdsapi.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    tdsatq.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tdsbcli.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tsdexts.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tshrui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NTVDM.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tvdmd.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    w16.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    wapi16.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NWAPI32.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    wc.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    wcfg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    wevent.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NWPROVAU.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    wscript.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NWWKS.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\oakley.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\objsel.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\occache.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\olethk32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\opengl32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\os2.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\os2srv.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\os2ss.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\osk.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\other.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\OUTLPERF.H:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\OUTLPERF.INI:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\packager.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\panmap.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pathping.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pautoenr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pax.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pcl.sep:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pdh.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pentnt.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfc009.dat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfci.h:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfci.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfctrs.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\perfd009.dat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfdisk.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perffilt.h:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perffilt.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfh009.dat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfi009.dat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\Perflib_Perfdata_2e0.dat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfmon.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfnet.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfos.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfproc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\PerfStringBackup.INI:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfwci.h:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfwci.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\picn20.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pid.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pidgen.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pifmgr.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ping.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pjlmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\plugin.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\plustab.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pmspl.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\PNGFILT.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\polagent.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\polstore.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\posix.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\powercfg.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\powrprof.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\prflbmsg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\print.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\printmon.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\printui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\proctexe.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\prodspec.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\profmap.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\progman.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\proquota.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\Prounstl.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\PROXYCFG.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\psapi.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\PSBASE.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\pschdprf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pschdprf.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pscript.sep:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\psisdecd.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\psisrndr.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\psnppagn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pstorec.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\psxdll.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\psxss.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\pubprn.vbs:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\qasf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\qcap.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\qcut.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\qdv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\qdvd.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\qedit.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\qedwipes.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\qmgr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\qmgrprxy.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\qosname.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\qt-dx331.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\quartz.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\query.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rapilib.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasadhlp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasadmin.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\RASAPI32.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\rasauth.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasauto.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasautou.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\raschap.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasctrnm.h:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasctrs.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasdial.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\RASDLG.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\rasgprxy.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasgtwy.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\RASMAN.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\rasmans.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasmontr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasmxs.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasphone.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasppp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasrad.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rassapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rassauth.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\RASSCRPT.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasser.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rastapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rastls.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rlqwnkyw.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rnr20.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\route.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\routeext.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\routemon.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\routetab.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rpcns4.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rpcrt4.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\rpcss.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rqoom.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rsabase.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rsaci.rat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rsaenh.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rsfsaps.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rsh.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rshx32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rsm.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rsnotify.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rsvp.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\rsvp.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rsvpcnts.h:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sendmail.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sens.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\sensapi.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\senscfg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\serialui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\servdeps.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\SERVICES.EXE:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\services.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\shfolder.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\shfolder.dll.tmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\shiftjis.uce:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\shim.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\shimgvw.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\SHLWAPI.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\shmgrate.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\shrpubw.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\shscrap.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sigtab.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sigverif.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\simpdata.tlb:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sisbkup.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\skdll.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\skeys.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\slbcsp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\slbkygen.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\slbrsrc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sl_anet.acm:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\smlogcfg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\smlogsvc.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\smss.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\sndrec32.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sndvol32.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\subst.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\svchost.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\svcpack.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\syncapp.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\synceng.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\syncui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sysdm.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sysedit.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sysinv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\syskey.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sysmon.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sysocmgr.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sysprint.sep:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sysprtj.sep:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\syssetup.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\system.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\systray.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\t2embed.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tapi3.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tapi32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\tapiperf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tapisrv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tapiui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\taskman.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\taskmgr.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tcmsetup.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tcpmib.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tcpmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tcpmon.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tcpmonui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tdc.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\telephon.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\telnet.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\termcap:KAVICHS 36 bytes hidden from API















































  • C:\WINNT\system32\termmgr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tftp.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\themes.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\thumbvw.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tifflt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\timedate.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\timer.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\tlntadmn.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tlntsess.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tlntsvr.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\tlntsvrp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\toolhelp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tracert.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\traffic.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\UNTFS.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\updcrl.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ups.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ureg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\url.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\URLMON.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\usbmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\usbui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\user.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\USER32.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\USERENV.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\userinit.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\usp10.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\utildll.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\utilman.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\v7vga.rom:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\VBAEN32.OLB:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\VBAEND32.OLB:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\vbajet32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\VBAME.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\VBANL32.OLB:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\vbisurf.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\vbscript.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\vcdex.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\VDMDBG.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\wbcache.ita:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbcache.nld:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbcache.sve:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbdbase.deu:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbdbase.enu:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbdbase.esn:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbdbase.fra:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbdbase.ita:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbdbase.nld:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbdbase.sve:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wdl.trm:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wdmaud.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\webcheck.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\webfldrs.msi:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\webhits.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\webvw.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wextract.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wfwnet.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\wifeman.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\win.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\WIN32K.SYS:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\WIN32SPL.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\win87em.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winchat.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winfax.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winhelp.hlp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winhlp32.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winhttp.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\WININET.DLL:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\WINLOGON.EXE:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\winmine.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winmsd.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winnls.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winoldap.mod:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winrnr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winscard.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\winsmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winsock.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winspool.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\winspool.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\WINSRV.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\winsta.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\winstrm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\WINTRUST.DLL:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\winver.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\WISPTIS.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\WKSSVC.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\WLDAP32.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wlnotify.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\wmadmod.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmadmoe.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmasf.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\wmdmlog.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmdmps.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmerror.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\compact.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\compmgmt.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\compobj.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\compstui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\comrepl.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\comsnap.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\comsvcs.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\comuid.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\CONFIG.NT:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\CONFIG.TMP:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\confmsp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\conime.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\console.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\control.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\convert.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\corpol.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\country.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cpuinf32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\crtdll.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\CRYPT32.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\CRYPTDLG.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\modex.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mpnotify.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msclus.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msencode.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msidlpm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msports.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MSSTKPRP.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msvcrt.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\mtxclu.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    et.hlp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    etstat.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    oise.nld:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tdsbsrv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tsd.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ocmanage.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odpdx32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\olesvr32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\perfnw.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\pschdcnt.h:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rasctrs.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rcamsp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\riched32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\rsvpmsg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\adsnw.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ADVAPI32.DLL:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\advpack.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\alrsvc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\amcompat.tlb:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\amstream.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ansi.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\apcups.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\append.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\appmgmts.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\appmgr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\appwiz.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\arp.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\asctrls.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\asferror.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\asfsipc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\asycfilt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\at.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\atkctrs.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\atl.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\atmadm.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\atmfd.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\atmlib.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\attrib.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\authz.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\AUTOCHK.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\autoconv.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\AUTOEXEC.NT:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\autofmt.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\autolfn.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\avicap.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mscms.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MSCOMCTL.OCX:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msconf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mscoree.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mscorier.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mscories.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mscpxl32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msdart.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msdart32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msdatsrc.tlb:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msdmo.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msdtc.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msdtclog.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msdtcprf.h:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msdtcprf.ini:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msdtcprx.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msdtctm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msdtcui.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msdvbnp.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msdxm.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msdxmlc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msprivs.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MSPRPNL.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msr2c.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msr2cenu.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msratelc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MSRATING.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msrclr40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msrd2x40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msrd3x40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MSRDO20.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msrecr40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msrepl40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msrle32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msscp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msscript.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mssign32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mssip32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MSSTDFMT.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msvcrt20.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msvcrt40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msvfw32.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\msvidc32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msvidctl.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msvideo.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msw3prt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mswdat10.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mswebdvd.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mswmdm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mswsock.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mswstr10.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msxbde40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msxml.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msxml3.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msxml3a.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msxml3r.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msxml4.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msxml4r.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msxmlr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msyuv.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    tdsetup.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tdskcc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tdsutil.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tdsxds.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    timage.gif:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tio.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tio404.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tio411.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tio412.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tio804.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NTKRNLPA.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NTLANMAN.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    tlanui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tlanui2.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tlsapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tmarta.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    tmsapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tmsdba.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    tmsevt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tmsmgr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tmsmgr.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tmsoprq.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tmssvc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NTOSKRNL.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    tprint.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbc16gt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ODBC32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbc32gt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbcad32.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbcbcp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbcconf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbcconf.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbcconf.rsp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbccp32.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbccp32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbccr32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbccu32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbcint.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbcji32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbcjt32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odbctrac.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\oddbse32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odexl32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odfox32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rsvpperf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rsvpsp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rtclib.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rtcrtp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rtipxmib.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rtm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rtutils.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\runas.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rundll32.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\runonce.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\samlib.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\SAMSRV.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\savedump.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\scarddlg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\scardssp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\scardsvr.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\scecli.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\scesrv.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\SCHANNEL.DLL:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\sclgntfy.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\SCP32.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\scripto.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\scrnsave.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\scrobj.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\scrrun.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sdbapiu.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\sdpblb.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\secedit.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\seclogon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\secpol.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\secur32.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\security.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sefilshr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\snmpsnap.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\softpub.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\sol.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sort.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sortkey.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sorttbls.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sound.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\sp2res.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sp3res.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sp4iis.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\spcmdcon.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\spiisupd.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\spmsg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\spoolss.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\spoolsv.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\sprestrt.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\spupdsvc.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\spxcoins.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sqlclnt.rsp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sqlsodbc.chm:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sqlsodbc.hlp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\SQLSRV32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sqlsrv32.rll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sqlstr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sqlunirl.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sqlwid.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sqlwoa.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\srvsvc.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ss3dfo.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\VEN2232.OLB:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ver.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\verclsid.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\verifier.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\verisignpub1.crl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\version.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\vfpodbc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\vga.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\vga.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\vga256.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\vga64k.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\View Channels.scf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\vjoy.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\VSFLEX3.OCX:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\vwipxspx.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\vwipxspx.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\w32time.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\w32tm.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\w32topl.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wavemsp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbcache.deu:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbcache.enu:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbcache.esn:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmicore.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmidx.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmidx.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmimgmt.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmnetmgr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmp.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmpasf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmpcd.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmpcore.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmpdxm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmploc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmpns.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmpshell.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmpui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmsdmod.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmsdmoe2.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmspdmod.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmspdmoe.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmstream.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmv9vcm.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\wmvcore.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ssflwbox.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ssldivx.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ssmarque.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ssmaze.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ssmyst.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sspipes.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ssstars.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sstext3d.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\stclient.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\stdole2.tlb:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\stdole32.tlb:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sti.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\sticpl.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\stimon.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\stisvc.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\sti_ci.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\stobject.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\storage.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\storprop.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\streamci.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\strmdll.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\subrange.uce:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ksuser.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ksvpintf.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kswdmcap.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ksxbar.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\l3codeca.acm:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\l3codecx.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\label.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lanman.drv:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\laprxy.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\legacy.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\LegitCheckControl.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lfbmp13n.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lfcmp13n.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lfgif13n.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lhacm.acm:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\libdivx.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\licmgr10.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lights.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\linkinfo.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\lmhsvc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lmrt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\lnkstub.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\loadfix.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\loadperf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\locale.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\localmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\localsec.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\LOCALSPL.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\localui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\locator.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\lodctr.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\logagent.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cards.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\catsrv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\catsrvps.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\catsrvut.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ccfgnt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cryptext.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\CRYPTNET.DLL:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\cryptsvc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\CRYPTUI.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\cscdll.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\cscript.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cscui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\CSRSRV.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\csrss.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\csseqchk.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ctl3d32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ctl3dv2.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ctype.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_037.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_10000.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_10079.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_1026.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_1250.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_1251.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\c_1252.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cmmgr32.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cmmgr32.hlp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cmmon32.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cmnquery.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cmos.ram:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cmpbk32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cmprops.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cmstp.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cmutil.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cnbjmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\CNDPTPC.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\CNDPTPU.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cnetcfg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cnvfat.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\colbact.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\comaddin.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\comcat.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\comclust.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\comctl32.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\comdlg32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\comm.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\command.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\commdlg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\initpki.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\INKED.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\INSENG.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\instcat.sql:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\instcm.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\internat.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\intl.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iologmsg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ipconf.tsp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ipconfig.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\IPHLPAPI.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ipmontr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ipnathlp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ippromon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iprop.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iprtprio.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iprtrmgr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ipsecmon.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ipsecsnp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ipsink.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\odtext32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\offfilt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\oieng400.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\oiprt400.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\oislb400.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\oissq400.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\oitwa400.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\oiui400.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ole2.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ole2disp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ole2nls.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\OLE32.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\oleacc.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\oleaccrc.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\oleaut32.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\olecli.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\olecli32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\OLECNV32.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\OLEDLG.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\oleprn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\olepro32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\olesvr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wsnmp32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wsock32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\wstdecod.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wtsapi32.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\wuapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wuapi.dll.mui:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wuauclt.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wuauclt1.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wuaucpl.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wuaucpl.cpl.mui:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wuaueng.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wuaueng.dll.mui:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wuaueng1.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wuauserv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wucltui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wucltui.dll.mui:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wupdinfo.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wupdmgr.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wups.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wups2.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wuweb.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wzcdlg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wzcsapi.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\iasrecst.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iassam.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iassdo.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iassvcs.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iasuserr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iccvid.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\icfgnt5.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\icm32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\icmp.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\icmui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\icwdial.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\icwphbk.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ideograf.uce:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\idq.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ie4uinit.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ieakeng.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ieaksie.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ieakui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iedkcs32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\IEPEERS.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\iernonce.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iesetup.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\itss.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iuctl.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\iuengine.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ivfsrc.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ixsso.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\jet500.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\jobexec.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\joy.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\jscript.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\JSPROXY.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\jupdate-1.5.0_06-b05.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\jupdate-1.5.0_09-b03.log:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kanji_1.uce:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kanji_2.uce:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kb16.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbd106.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdbe.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdbene.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdbr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdca.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdcan.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\kbdda.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dfrgsnap.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dfrgui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dfsshlex.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dgrpsetu.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dgsetup.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\DHCPCSVC.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\dhcpmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dhcpsapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\diactfrm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\diantz.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\digest.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dimap.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dinput.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dinput8.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\diskcomp.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\diskcopy.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\diskcopy.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\diskmgmt.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\diskperf.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dispex.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\divx.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\sethc.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\setreg.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\setup.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\setup.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\setupapi.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\setupdll.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\setupwbv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\setver.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sfc.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\sfc.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sfcfiles.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sfmapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sfmatmsg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sfmmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sfmwshat.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\share.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\shdoclc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\SHDOCVW.DLL:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\shell.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\SHELL32.DLL:KAVICHS 132 bytes hidden from API
    C:\WINNT\system32\wzcsvc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\xactsrv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\xcopy.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\xenroll.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\xiffr3_0.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\xolehlp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\xpob2res.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\xvidcore.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\xvidvfw.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\yv12vfw.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\dmusic.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmutil.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dmview.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dnsapi.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\dnsrslvr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\docprop.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\docprop2.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\doshelp.hlp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\doskey.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dosx.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpl100.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dplay.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dplaysvr.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dplayx.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpmodemx.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpnaddr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpnet.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpnhpast.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpnhupnp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpnlobby.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dpnsvr.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dsquery.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dssbase.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dssec.dat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dssec.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dssenh.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dsuiext.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dswave.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dtu100.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dvdplay.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dx7vb.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dx8vb.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dxdiag.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dxdiagn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dxdllreg.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dxmasf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\dxmrtp.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\DXTMSFT.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\dxtmsft3.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\DXTRANS.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\e100bmsg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\e100bnt5.din:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\edit.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\edit.hlp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\edlin.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mtxdm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mtxex.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mtxlegih.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mtxoci.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mucltui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\muweb.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mycomput.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mydocs.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    2k.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    arrator.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    arrhook.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    btstat.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    cpa.cpl:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    ddeapi.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    ddeapir.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NDDENB32.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    dptsp.tsp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NeroCheck.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    et.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\finger.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\fixmapi.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\fltlib.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\fltmc.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\FM20.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\FM20NLD.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\fmifs.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\FNTCACHE.DAT:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\folder.htt:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\fontext.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\fontsub.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\FONTVIEW.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\forcedos.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\format.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\framebuf.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\freecell.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\fsmgmt.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ftp.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ftsrch.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\serwvdrv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\snmpapi.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ssbezier.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\subroutn.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tcpsvcs.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tree.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\unlodctr.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\vdmredir.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wbcache.fra:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\winmm.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\wmi.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\wmvdmod.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wshtcpip.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wzcsetup.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mll_qic.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\sendcmsg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wmvdmoe2.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\Worldscr.cnt:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\Worldscr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wow32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wowdeb.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wowexec.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wowfax.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wowfaxui.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wpnpinst.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\write.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ws2help.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\ws2_32.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\wscript.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wsecedit.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wshatm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wshcon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wshext.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wshirda.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wshisn.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wshnetbs.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\wshom.ocx:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rcp.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\RDOCURS.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\recover.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\redir.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\redist.rsp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\regapi.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\regedt32.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\registry.inf:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\regsvc.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\regsvr32.exe:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\regwiz.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\regwizc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\REMOTESP.TSP:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\rend.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\replace.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\resutils.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\rexec.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\riched20.dll:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\msswch.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msswchx.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mstask.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mstask.exe:KAVICHS 100 bytes hidden from API
    C:\WINNT\system32\mstext40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MSTIME.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mstinit.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MSV1_0.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msvbvm50.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msvbvm60.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msvcirt.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msvcp50.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\MSVCP60.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msvcr70.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    etui0.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    etui1.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    etui2.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32
    etware.drv:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    ewdev.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NicCo32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\NicIn32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    lhtml.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    lsfunc.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    mevtmsg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    mmkcert.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    oise.dat:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    oise.deu:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    oise.eng:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    oise.enu:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    oise.esn:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    oise.fra:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32
    oise.ita:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msexch40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msexcl40.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msfaxmon.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msg711.acm:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msg723.acm:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\MSGINA.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msgsm32.acm:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\MSGSVC.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msh261.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\msh263.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mshta.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\MSHTML.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mshtml.tlb:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mshtmled.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mshtmler.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msi.dll:KAVICHS 228 bytes hidden from API
    C:\WINNT\system32\MSIDENT.DLL:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\msidle.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\cdm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cdonts.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cdosys.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cdplayer.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cdral.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cdrtc.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\certcli.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\certmgr.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\certmgr.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\CEWMDM.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\cfgmgr32.dll:KAVICHS 132 bytes hidden from API
    C:\WINNT\system32\Channel Screen Saver.scr:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\charmap.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\chcp.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\CHKDSK.EXE:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\chkntfs.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ciadmin.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ciadv.msc:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\trkwks.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tsbyuv.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tsd32.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\tssoft32.acm:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\tunes.bmp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\TwnLib20.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\txfaux.dll:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\txflog.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\typelib.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ufat.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\ulib.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\umandlg.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\umdmxfrm.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\UMPNPMGR.DLL:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\unicode.nls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\unicows.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\unimdm.tsp:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\unimdmat.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\uniplat.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\more.com:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\moricons.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mountvol.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mouse.drv:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\mp43dmod.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mp4sdmod.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mpeg2data.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mpg2splt.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mpg4dmod.dll:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mpg4ds32.ax:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\mplay32.exe:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\acpi.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\acpiec.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\AFD.SYS:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\asyncmac.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\atapi.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\atmarpc.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\atmlane.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\atmuni.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\audstub.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\bdasup.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\beep.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\ccdecode.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\cdaudio.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\cdfs.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\cdr4_2K.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\cdralw2k.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\cdrom.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\cinemst2.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\class2.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\classpnp.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\d347bus.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\d347prt.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\disk.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\diskdump.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\diskperf.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\dlc.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\dmboot.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers
    wlnkflt.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers
    wlnkfwd.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers
    wlnkipx.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers
    wlnknb.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers
    wlnkspx.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers
    wrdr.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\parallel.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\parport.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\partmgr.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\parvdm.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\pci.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\pciidex.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\pcmcia.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\portcls.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\psched.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\ptilink.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\pxhelp20.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\rasacd.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\rasirda.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\rasl2tp.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\raspptp.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\dmload.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\DMusic.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\dxapi.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\e100bnt5.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\efs.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\fastfat.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\fdc.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\fips.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\flpydisk.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\fltmgr.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\fsvga.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\fs_rec.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\ftdisk.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\gameenum.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\gm.dls:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\gmreadme.txt:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\hidclass.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\hidparse.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\hidusb.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\i8042prt.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\i81xnt5.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\ichaud.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\intelide.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\ipfltdrv.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\ipinip.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\ipnat.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\ipsec.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\irda.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\irenum.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\isapnp.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\kbdclass.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\klick.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\klif.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\klin.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\klmc.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\Klpf.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\Klpid.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\kmixer.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\ks.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\ksecdd.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\lvcam.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\lvcodek.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\lvsound.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\mf.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\mnmdd.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\modem.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\mouclass.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\mouhid.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\mountmgr.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\mpe.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\mrxsmb.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\msdv.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\msfs.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\msgpc.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\rawwan.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\rca.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\rdbss.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\redbook.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\rootmdm.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\SCSIPORT.SYS:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\serenum.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\serial.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\sfloppy.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\sfmatalk.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\slip.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\smclib.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\sonydcam.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\SRV.SYS:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\sskbfd.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\stream.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\streamip.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\streams.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\swenum.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\swmidi.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\sysaudio.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\dmio.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\irsir.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\msircomm.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers
    ull.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\raspti.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\tape.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\tcpip.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\tdi.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\tosdvd.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\tsbvcap.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\udfs.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\uhcd.


























































  • C:\WINNT\system32\drivers\update.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\usbcamd.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\usbd.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\usbhub.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\usbintel.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\usbscan.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\USBSTOR.SYS:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\vdmindvd.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\vga.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\videoprt.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\wanarp.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\wdmaud.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\wmilib.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers\ws2ifsl.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\wstcodec.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\mskssrv.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\mspclock.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\MSPQM.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\mstee.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers\mup.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers
    abtsfec.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers
    bf.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers
    dis.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers
    disip.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers
    distapi.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers
    disuio.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers
    diswan.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers
    dproxy.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers
    etbios.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers
    etbt.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers
    etdtect.sys:KAVICHS 68 bytes hidden from API
    C:\WINNT\system32\drivers
    mnt.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers
    pfs.sys:KAVICHS 36 bytes hidden from API
    C:\WINNT\system32\drivers
    tfs.sys:KAVICHS 36 bytes hidden from API

    scan completed successfully
    hidden files: 2000

    **************************************************************************

    Completion time: 28-06-2007 13:23:53
    C:\ComboFix-quarantined-files.txt … 28-06-07 13:23

    — E O F —













  • Open Kladblok, kopiëer en plak het volgende (vetgedrukte, blauwe tekst) in een leeg venster: [list:f60cfdbba3][b:f60cfdbba3]
  • Tot en met "scanning hidden files" heb ik gekopieerd, hopend dat je hier genoeg aan hebt:


    "Visser" - 28-06-2007 14:25:14 - ComboFix 07-06-27.7 - Service Pack 4 NTFS
    Command switches used :: C:\Documents and Settings\Visser\Desktop\ComboFix-Do.txt..txt


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINNT\system32\lrvfcqwo.exe
    C:\WINNT\system32\miauojby.dll
    C:\WINNT\system32
    qkrpvwy.exe
    C:\WINNT\system32\rlqwnkyw.dll
    C:\WINNT\system32\rqoom.dll


    ((((((((((((((((((((((((( Files Created from 2007-05-28 to 2007-06-28 )))))))))))))))))))))))))))))))


    2007-06-28 13:19 49,152 –a—— C:\WINNT
    ircmd.exe
    2007-06-28 12:41 <DIR> d——– C:\Program Files\Hijack This
    2007-06-28 12:20 36,122 –a—— C:\WINNT\system32\RemoveVideoActiveXObject.reg
    2007-06-28 12:20 <DIR> d——– C:\WINNT\system32\RVAXO
    2007-06-28 09:46 <DIR> d——– C:\Program Files\Lavasoft
    2007-06-27 23:19 <DIR> d——– C:\DOCUME~1\Visser\APPLIC~1\AdwareAlert
    2007-06-27 14:28 <DIR> d——– C:\WINNT\McAfee.com
    2007-06-27 14:11 <DIR> d——– C:\WINNT\system32\SoftwareDistribution
    2007-06-27 11:18 4,011,208 –a—— C:\Program Files\hitmanpro26.exe
    2007-06-27 11:18 <DIR> d——– C:\Program Files\Hitman Pro
    2007-06-27 00:36 <DIR> d——– C:\Program Files\Messenger
    2007-06-26 19:27 <DIR> d——– C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal
    2007-06-26 19:22 7,417,544 –a—— C:\Program Files\INSTALL_MSN_MESSENGER_DL.EXE
    2007-06-24 14:48 21,128,792 –a—— C:\Program Files\kis6-621nl.exe
    2007-06-24 14:17 <DIR> d——– C:\Program Files\Kaspersky Lab
    2007-06-11 18:01 <DIR> d——– C:\Program Files\MSN Messenger


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-06-28 07:45:29 ——– d—–w C:\DOCUME~1\Visser\APPLIC~1\Azureus
    2007-06-27 14:34:54 ——– d—–w C:\DOCUME~1\Visser\APPLIC~1\foobar2000
    2007-06-25 17:47:41 ——– d—–w C:\DOCUME~1\Visser\APPLIC~1\ZoomBrowser EX
    2007-06-25 17:28:20 ——– d—–w C:\Program Files\Common Files\Kaspersky Lab
    2007-05-11 15:00:24 ——– d—–w C:\DOCUME~1\Visser\APPLIC~1\Zylom
    2007-05-01 14:49:29 ——– d—–w C:\Program Files\Philips
    2007-05-01 14:49:28 ——– d–h–w C:\Program Files\InstallShield Installation Information
    2007-05-01 14:49:09 ——– d—–w C:\Program Files\Common Files\InstallShield
    2007-04-25 07:52:16 147,216 —-a-w C:\WINNT\system32\SCHANNEL.DLL
    2007-04-16 20:47:36 33,624 —-a-w C:\WINNT\system32\wups.dll
    2007-04-16 20:45:54 1,710,936 —-a-w C:\WINNT\system32\wuaueng.dll
    2007-04-16 20:45:48 549,720 —-a-w C:\WINNT\system32\wuapi.dll
    2007-04-16 20:45:42 325,976 —-a-w C:\WINNT\system32\wucltui.dll
    2007-04-16 20:45:28 92,504 —-a-w C:\WINNT\system32\cdm.dll
    2007-04-16 20:45:20 53,080 —-a-w C:\WINNT\system32\wuauclt.exe
    2007-04-16 20:45:20 43,352 —-a-w C:\WINNT\system32\wups2.dll
    2007-04-16 12:44:08 54,032 —-a-w C:\WINNT\system32\mpr.dll
    2007-04-07 12:38:45 17,570,898 —-a-w C:\Program Files\klcodec288f.exe
    2007-04-05 07:17:39 2,854,400 —-a-w C:\WINNT\system32\msi.dll


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [01-04-16 15:39 ]
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [07-03-14 03:43 ]
    {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar3.dll [07-01-20 00:56 ]
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [07-06-17 10:34 ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Synchronization Manager"="mobsync.exe" [03-06-19 12:05 C:\WINNT\system32\mobsync.exe]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [04-11-02 20:24 ]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [07-03-14 03:43 ]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "internat.exe"="internat.exe" [99-12-07 13:00 C:\WINNT\system32\internat.exe]
    "eMuleAutoStart"="C:\Program Files\eMule\emule.exe" []
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07-06-17 10:34 ]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
    "^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "internat.exe"=internat.exe
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs
    WmdmPmSN


    Contents of the 'Scheduled Tasks' folder
    2007-06-27 21:19:19 C:\WINNT\tasks\AdwareAlert Scheduled Scan.job

    **************************************************************************

    catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-06-28 14:29:17
    Windows 5.0.2195 Service Pack 4 NTFS

    scanning hidden processes …

    scanning hidden autostart entries …

    scanning hidden files …

  • Verwijder deze map:
    C:\[b:e652efc480]Qoobox[/b:e652efc480]\

    Maak dan je prullenbak leeg.

    Ondervind je nog problemen?
  • [quote:0f5c33af12="smeenk"]Verwijder deze map:
    C:\[b:0f5c33af12]Qoobox[/b:0f5c33af12]\

    Maak dan je prullenbak leeg.

    Ondervind je nog problemen?[/quote:0f5c33af12]

    Hij lijkt wel weer de oude, inderdaad :D

    Harstikke bedankt, zonder je hulp was ik er never nooit niet uitgekomen.

    Die RemoveVideoActiveXObject, Combofix en VirtumundoBeGone bestanden en files, wat moet/kan ik daarmee doen?


    Nogmaals: Bedankt,


    Groeten Ferry
  • Graag gedaan hoor :)

    Die programma's en bijbehorende logfiles mag je allemaal verwijderen ;)
  • [quote:f23009c14d="smeenk"]Graag gedaan hoor :)

    Die programma's en bijbehorende logfiles mag je allemaal verwijderen ;)[/quote:f23009c14d]

    Okey, komt goed.

    Thanks,


    Groeten Ferry

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.