Vraag & Antwoord

Beveiliging & privacy

Virus via MSN opgelopen...

16 antwoorden
  • Hallo mensen, Eergisteren heb ik via Msn een virus opgelopen, dit kwam nadat ik een link opende. Het "ben jij dat op deze foto" link. :oops: Ik heb toen Msn uninstald, en Kaspersky Anti-Virus gerund. En Spybot ook, maar dit heeft allemaal geen zin gehad. Gister heb ik diverse (online) scans gerund, waaronder: McAfee,Hitman Pro, AdAware en NOD32. Deze vonden wat spyware(o.a: Smitfraud-C.Toolbar888), dit heb ik gedeleted. Maar nu is m'n computer nog steeds sloom(100% CPU), en komen er af en toe pop-up's van o.a: Drivecleaner. Kan iemand mij in redelijk simpele taal uitleggen wat ik opgelopen heb, en vooral hoe ik er weer vanaf kom? Ik gebruik Windows 2000. Alvast bedankt, Groeten Ferry
  • Download [b:1fe0e4b31e][url=http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe]VirtumundoBegone[/url][/b:1fe0e4b31e], sla dit op op je bureaublad. Dubbelklik op [b:1fe0e4b31e]VirtumundoBeGone.exe[/b:1fe0e4b31e] en volg de aanwijzingen. Schrik niet als je een blauw scherm met een foutmelding te zien krijgt - dit is normaal. Als de fix klaar is, start je de pc opnieuw op. Plaats de inhoud van het logbestand [b:1fe0e4b31e]VBG.TXT[/b:1fe0e4b31e], dat nu op je bureaublad staat, hier in je volgende bericht. Download: [url=http://home.hetnet.nl/~stefsmeenk/RemoveVideoActiveXObject.exe][color=blue:1fe0e4b31e][b:1fe0e4b31e]RemoveVideoActiveXObject.exe[/b:1fe0e4b31e][/color:1fe0e4b31e][/url] Sla het bestand op je bureaublad op, daarna mag je het dubbelklikken. Er zal een schermpje openen, daarin zullen snel enkele regels voorbijkomen, daarna zal dit scherm vanzelf sluiten, dit is normaal. [b:1fe0e4b31e]Mogelijk[/b:1fe0e4b31e] start er ook een uninstaller van een rogue scanner op, [b:1fe0e4b31e]sluit deze niet af[/b:1fe0e4b31e] maar volg eventuele aanwijzingen en laat deze zijn werk doen. Daarna de [b:1fe0e4b31e]PC herstarten[/b:1fe0e4b31e] en nogmaals RemoveVideoActiveXObject.exe dubbelklikken. Zoek daarna even het volgende bestand op C:\[b:1fe0e4b31e]RVAXO-results.log[/b:1fe0e4b31e] Dubbelklik dit bestand, het zal als een logje openen, post de inhoud in je volgende bericht tesamen met een logje van HijackThis.
  • Dat je een MSN-virus hebt opgelopen is duidelijk. Alle scanners gaan niet diep genoeg om de besmetting op te kuisen. Hoe los je dit op : maak eerst een log van [url=www.merijn.org]HiJckThis[/url] en post dit hier op het forum. Op basis van dit log kunnen de specialisten hier je een remedie aanbieden om je problemen op te lossen. Te laat : de specialisten waren al in gang geschoten :D
  • Hey Dokter Smeenk, Bedankt voor het snelle antwoorden. De texten die ik via dat progje gekregen heb: VBG: [06/28/2007, 12:04:32] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Visser\Desktop\VirtumundoBeGone.exe" ) [06/28/2007, 12:04:40] - Detected System Information: [06/28/2007, 12:04:40] - Windows Version: 5.0.2195, Service Pack 4 [06/28/2007, 12:04:40] - Current Username: Visser (Admin) [06/28/2007, 12:04:40] - Windows is in NORMAL mode. [06/28/2007, 12:04:40] - Searching for Browser Helper Objects: [06/28/2007, 12:04:40] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class) [06/28/2007, 12:04:40] - BHO 2: {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} () [06/28/2007, 12:04:40] - WARNING: BHO has no default name. Checking for Winlogon reference. [06/28/2007, 12:04:40] - Checking for HKLM\...\Winlogon\Notify\rlqwnkyw [06/28/2007, 12:04:40] - Key not found: HKLM\...\Winlogon\Notify\rlqwnkyw, continuing. [06/28/2007, 12:04:40] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) [06/28/2007, 12:04:40] - BHO 4: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper) [06/28/2007, 12:04:40] - BHO 5: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO) [06/28/2007, 12:04:40] - BHO 6: {B9BD30D4-68C7-402D-9DCD-4E590231C72F} () [06/28/2007, 12:04:40] - WARNING: BHO has no default name. Checking for Winlogon reference. [06/28/2007, 12:04:40] - Checking for HKLM\...\Winlogon\Notify\rqoom [06/28/2007, 12:04:40] - Found: HKLM\...\Winlogon\Notify\rqoom - This is probably Virtumundo. [06/28/2007, 12:04:40] - Assigning {B9BD30D4-68C7-402D-9DCD-4E590231C72F} MSEvents Object [06/28/2007, 12:04:40] - BHO list has been changed! Starting over... [06/28/2007, 12:04:40] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class) [06/28/2007, 12:04:41] - BHO 2: {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} () [06/28/2007, 12:04:41] - WARNING: BHO has no default name. Checking for Winlogon reference. [06/28/2007, 12:04:41] - Checking for HKLM\...\Winlogon\Notify\rlqwnkyw [06/28/2007, 12:04:41] - Key not found: HKLM\...\Winlogon\Notify\rlqwnkyw, continuing. [06/28/2007, 12:04:41] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) [06/28/2007, 12:04:41] - BHO 4: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper) [06/28/2007, 12:04:41] - BHO 5: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO) [06/28/2007, 12:04:41] - BHO 6: {B9BD30D4-68C7-402D-9DCD-4E590231C72F} (MSEvents Object) [06/28/2007, 12:04:41] - ALERT: Found MSEvents Object! [06/28/2007, 12:04:41] - BHO 7: {DC192567-65F9-4AB6-ADB7-E13575F81726} () [06/28/2007, 12:04:41] - WARNING: BHO has no default name. Checking for Winlogon reference. [06/28/2007, 12:04:41] - Checking for HKLM\...\Winlogon\Notify\hggffef [06/28/2007, 12:04:41] - Found: HKLM\...\Winlogon\Notify\hggffef - This is probably Virtumundo. [06/28/2007, 12:04:41] - Assigning {DC192567-65F9-4AB6-ADB7-E13575F81726} MSEvents Object [06/28/2007, 12:04:41] - BHO list has been changed! Starting over... [06/28/2007, 12:04:41] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class) [06/28/2007, 12:04:41] - BHO 2: {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} () [06/28/2007, 12:04:41] - WARNING: BHO has no default name. Checking for Winlogon reference. [06/28/2007, 12:04:41] - Checking for HKLM\...\Winlogon\Notify\rlqwnkyw [06/28/2007, 12:04:41] - Key not found: HKLM\...\Winlogon\Notify\rlqwnkyw, continuing. [06/28/2007, 12:04:41] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) [06/28/2007, 12:04:42] - BHO 4: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper) [06/28/2007, 12:04:42] - BHO 5: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO) [06/28/2007, 12:04:42] - BHO 6: {B9BD30D4-68C7-402D-9DCD-4E590231C72F} (MSEvents Object) [06/28/2007, 12:04:42] - ALERT: Found MSEvents Object! [06/28/2007, 12:04:42] - BHO 7: {DC192567-65F9-4AB6-ADB7-E13575F81726} (MSEvents Object) [06/28/2007, 12:04:42] - ALERT: Found MSEvents Object! [06/28/2007, 12:04:42] - Finished Searching Browser Helper Objects [06/28/2007, 12:04:42] - *** Detected MSEvents Object [06/28/2007, 12:04:42] - Trying to remove MSEvents Object... [06/28/2007, 12:04:43] - Terminating Process: IEXPLORE.EXE [06/28/2007, 12:04:44] - Terminating Process: RUNDLL32.EXE [06/28/2007, 12:04:44] - Disabling Automatic Shell Restart [06/28/2007, 12:04:44] - Terminating Process: EXPLORER.EXE [06/28/2007, 12:04:45] - Suspending the NT Session Manager System Service [06/28/2007, 12:04:45] - Terminating Windows NT Logon/Logoff Manager [06/28/2007, 12:04:45] - Re-enabling Automatic Shell Restart [06/28/2007, 12:04:45] - File to disable: C:\WINNT\system32\rqoom.dll [06/28/2007, 12:04:45] - Renaming C:\WINNT\system32\rqoom.dll -> C:\WINNT\system32\rqoom.dll.vir [06/28/2007, 12:04:45] - ! File rename was unsucessful. [06/28/2007, 12:04:45] - Attempting to Deny Access to C:\WINNT\system32\rqoom.dll [06/28/2007, 12:04:45] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work. [06/28/2007, 12:04:45] - processed file: C:\WINNT\system32\rqoom.dll [06/28/2007, 12:04:45] - *** IMPORTANT: The file is disabled and will need to be deleted by the user. [06/28/2007, 12:04:45] - Removing HKLM\...\Browser Helper Objects\{B9BD30D4-68C7-402D-9DCD-4E590231C72F} [06/28/2007, 12:04:45] - Removing HKCR\CLSID\{B9BD30D4-68C7-402D-9DCD-4E590231C72F} [06/28/2007, 12:04:45] - Adding Kill Bit for ActiveX for GUID: {B9BD30D4-68C7-402D-9DCD-4E590231C72F} [06/28/2007, 12:04:45] - Deleting ATLEvents/MSEvents Registry entries [06/28/2007, 12:04:45] - Removing HKLM\...\Winlogon\Notify\rqoom [06/28/2007, 12:04:45] - Searching for Browser Helper Objects: [06/28/2007, 12:04:45] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class) [06/28/2007, 12:04:45] - BHO 2: {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} () [06/28/2007, 12:04:45] - WARNING: BHO has no default name. Checking for Winlogon reference. [06/28/2007, 12:04:45] - Checking for HKLM\...\Winlogon\Notify\rlqwnkyw [06/28/2007, 12:04:45] - Key not found: HKLM\...\Winlogon\Notify\rlqwnkyw, continuing. [06/28/2007, 12:04:45] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) [06/28/2007, 12:04:45] - BHO 4: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper) [06/28/2007, 12:04:45] - BHO 5: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO) [06/28/2007, 12:04:45] - BHO 6: {DC192567-65F9-4AB6-ADB7-E13575F81726} (MSEvents Object) [06/28/2007, 12:04:45] - ALERT: Found MSEvents Object! [06/28/2007, 12:04:45] - Finished Searching Browser Helper Objects [06/28/2007, 12:04:46] - *** Detected MSEvents Object [06/28/2007, 12:04:46] - Trying to remove MSEvents Object... [06/28/2007, 12:04:47] - Terminating Process: IEXPLORE.EXE [06/28/2007, 12:04:47] - Terminating Process: RUNDLL32.EXE [06/28/2007, 12:04:47] - Disabling Automatic Shell Restart [06/28/2007, 12:04:47] - Terminating Process: EXPLORER.EXE [06/28/2007, 12:04:47] - Suspending the NT Session Manager System Service [06/28/2007, 12:04:47] - Terminating Windows NT Logon/Logoff Manager [06/28/2007, 12:04:47] - Re-enabling Automatic Shell Restart [06/28/2007, 12:04:47] - File to disable: C:\WINNT\system32\hggffef.dll [06/28/2007, 12:04:47] - Renaming C:\WINNT\system32\hggffef.dll -> C:\WINNT\system32\hggffef.dll.vir [06/28/2007, 12:04:47] - ! File rename was unsucessful. [06/28/2007, 12:04:47] - Attempting to Deny Access to C:\WINNT\system32\hggffef.dll [06/28/2007, 12:04:47] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work. [06/28/2007, 12:04:47] - ERROR: The system cannot find the file specified. [06/28/2007, 12:04:47] - *** IMPORTANT: The file is disabled and will need to be deleted by the user. [06/28/2007, 12:04:47] - Removing HKLM\...\Browser Helper Objects\{DC192567-65F9-4AB6-ADB7-E13575F81726} [06/28/2007, 12:04:47] - Removing HKCR\CLSID\{DC192567-65F9-4AB6-ADB7-E13575F81726} [06/28/2007, 12:04:47] - Adding Kill Bit for ActiveX for GUID: {DC192567-65F9-4AB6-ADB7-E13575F81726} [06/28/2007, 12:04:47] - Deleting ATLEvents/MSEvents Registry entries [06/28/2007, 12:04:47] - Removing HKLM\...\Winlogon\Notify\hggffef [06/28/2007, 12:04:47] - Searching for Browser Helper Objects: [06/28/2007, 12:04:47] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (AcroIEHlprObj Class) [06/28/2007, 12:04:47] - BHO 2: {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} () [06/28/2007, 12:04:47] - WARNING: BHO has no default name. Checking for Winlogon reference. [06/28/2007, 12:04:47] - Checking for HKLM\...\Winlogon\Notify\rlqwnkyw [06/28/2007, 12:04:47] - Key not found: HKLM\...\Winlogon\Notify\rlqwnkyw, continuing. [06/28/2007, 12:04:47] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class) [06/28/2007, 12:04:47] - BHO 4: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper) [06/28/2007, 12:04:47] - BHO 5: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO) [06/28/2007, 12:04:47] - Finished Searching Browser Helper Objects [06/28/2007, 12:04:47] - Finishing up... [06/28/2007, 12:04:47] - A restart is needed. [06/28/2007, 12:04:58] - Attempting to Restart via STOP error (Blue Screen!) RemoveVideoActiveXObject.exe: ----------------RemoveVideoActiveXObject.exe first run------------- Files found: C:\WINNT\system32\hggffef.dll.vir C:\WINNT\system32\jpeg1x32.dll C:\WINNT\system32\jpeg2x32.dll C:\Program Files\MSN Messenger\msnmgr.exe C:\Program Files\Setup.exe C:\WINNT\system32\mooqr.bak1 C:\WINNT\system32\mooqr.bak2 Uninstallers Rogue scanners: Folders Found: --------------RemoveVideoActiveXObject.exe last run--------------- Files found: Uninstallers Rogue scanners: Folders Found: Ik hoop dat je er zo uitkomt, ik snap er in ieder geval helemaal niks meer van. Groeten Ferry
  • Download [url=http://www.isecurity.org.uk/downloads/hijackthissetup.exe]Hijackthis-setup[/url] Dubbelklik op Hijackthis-setup Hijackthis wordt nu op je PC geïnstalleerd, een snel koppeling wordt op je bureaublad geplaatst. Dubbelklik op het Icoontje van Hijackthis. Klik op "Do a systemscan and save a logfile". Er opent een Kladblok venster, selecteer de tekst in dat kladblokvenster, kopieer het en post het in je volgende bericht ;)
  • Hoppa: Logfile of HijackThis v1.99.1 Scan saved at 12:42:32, on 28-6-2007 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINNT\system32\internat.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Hijack This\hijackthis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} - C:\WINNT\system32\rlqwnkyw.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by116fd.bay116.hotmail.msn.com/resources/MsnPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1157653532884 O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1157746069580 O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5061/mcfscan.cab O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
  • Start HijackThis nog een keer, kies voor "Do a system scan only" en plaats alleen een vinkje voor de volgende regel: [b:6aeb21363f]O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} - C:\WINNT\system32\rlqwnkyw.dll [/b:6aeb21363f] Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af. [b:6aeb21363f][color=blue:6aeb21363f]Je Java software is verouderd.[/color:6aeb21363f][/b:6aeb21363f] oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem. Doe eerst deze stappen om Java te de-installeren en de nieuwere versie te installeren:[list:6aeb21363f][*:6aeb21363f]Download [url=http://javadl.sun.com/webapps/download/AutoDL?BundleId=11193][b:6aeb21363f][color=blue:6aeb21363f]Java Runtime Environment (JRE) 6.1[/color:6aeb21363f][/b:6aeb21363f][/url] en bewaar het naar je Bureaublad. [*:6aeb21363f]Sluit alle programma's die eventueel open zijn - Zeker je web browser! [*:6aeb21363f]Ga dan naar [b:6aeb21363f]Start[/b:6aeb21363f] > [b:6aeb21363f]Configuratiescherm[/b:6aeb21363f] > [b:6aeb21363f]Software[/b:6aeb21363f] en verwijder alle oudere versies van Java uit de Softwarelijst. [*:6aeb21363f]Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam. [*:6aeb21363f]Klik dan op [b:6aeb21363f]Verwijderen[/b:6aeb21363f] of op de [b:6aeb21363f]Wijzig/Verwijder[/b:6aeb21363f] knop. [*:6aeb21363f]Herhaal dit tot alle oudere versies verdwenen zijn. [*:6aeb21363f]Na het verwijderen van alle oudere versies, [b:6aeb21363f]herstart[/b:6aeb21363f] je pc. [*:6aeb21363f]Dubbelklik vervolgens op [b:6aeb21363f]jre-6u1-windows-i586-p.exe[/b:6aeb21363f] op je Bureaublad om de nieuwste versie van Java te installeren.[/list:u:6aeb21363f] Download [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe][b:6aeb21363f]Combofix[/b:6aeb21363f][/url] naar je Bureaublad. Dubbelklik op [b:6aeb21363f]Combofix.exe[/b:6aeb21363f] Volg de instructies, aanvaard de disclaimer door [b:6aeb21363f]1[/b:6aeb21363f] (continue) te typen. Tijdens het runnen van de fix, [b:6aeb21363f]NIET[/b:6aeb21363f] in het venster klikken, want dit zal je pc doen vasthangen. Wanneer de fix voltooid is en na herstart, zal de log [b:6aeb21363f]combofix.txt[/b:6aeb21363f] openen. [i:6aeb21363f]Plaats deze log in je volgende post.[/i:6aeb21363f] NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
  • Okey, ik heb geen idee waar we mee bezig zijn, maar hier is het logje: "Visser" - 28-06-2007 13:20:52 - ComboFix 07-06-27.7 - Service Pack 4 NTFS ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINNT\system32\nwwtrpby.exe ((((((((((((((((((((((((( Files Created from 2007-05-28 to 2007-06-28 ))))))))))))))))))))))))))))))) 2007-06-28 13:19 49,152 --a------ C:\WINNT\nircmd.exe 2007-06-28 12:41 <DIR> d-------- C:\Program Files\Hijack This 2007-06-28 12:20 36,122 --a------ C:\WINNT\system32\RemoveVideoActiveXObject.reg 2007-06-28 12:20 <DIR> d-------- C:\WINNT\system32\RVAXO 2007-06-28 09:46 <DIR> d-------- C:\Program Files\Lavasoft 2007-06-28 09:45 128,576 --a------ C:\WINNT\system32\miauojby.dll 2007-06-28 09:42 4,672 --a------ C:\WINNT\system32\lrvfcqwo.exe 2007-06-27 23:19 <DIR> d-------- C:\DOCUME~1\Visser\APPLIC~1\AdwareAlert 2007-06-27 14:28 <DIR> d-------- C:\WINNT\McAfee.com 2007-06-27 14:11 <DIR> d-------- C:\WINNT\system32\SoftwareDistribution 2007-06-27 11:18 4,011,208 --a------ C:\Program Files\hitmanpro26.exe 2007-06-27 11:18 <DIR> d-------- C:\Program Files\Hitman Pro 2007-06-27 09:56 66,112 --a------ C:\WINNT\system32\rlqwnkyw.dll 2007-06-27 09:47 4,672 --a------ C:\WINNT\system32\nqkrpvwy.exe 2007-06-27 09:42 16,384 --a----t- C:\WINNT\system32\Perflib_Perfdata_2e0.dat 2007-06-27 00:36 <DIR> d-------- C:\Program Files\Messenger 2007-06-26 21:41 266,336 --a------ C:\WINNT\system32\rqoom.dll 2007-06-26 19:27 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal 2007-06-26 19:22 7,417,544 --a------ C:\Program Files\INSTALL_MSN_MESSENGER_DL.EXE 2007-06-24 14:48 21,128,792 --a------ C:\Program Files\kis6-621nl.exe 2007-06-24 14:17 <DIR> d-------- C:\Program Files\Kaspersky Lab 2007-06-11 18:01 <DIR> d-------- C:\Program Files\MSN Messenger 2007-05-11 17:00 <DIR> d-------- C:\DOCUME~1\Visser\APPLIC~1\Zylom 2007-05-11 17:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-28 07:45:29 -------- d-----w C:\DOCUME~1\Visser\APPLIC~1\Azureus 2007-06-27 14:34:54 -------- d-----w C:\DOCUME~1\Visser\APPLIC~1\foobar2000 2007-06-25 17:47:41 -------- d-----w C:\DOCUME~1\Visser\APPLIC~1\ZoomBrowser EX 2007-06-25 17:28:20 -------- d-----w C:\Program Files\Common Files\Kaspersky Lab 2007-05-01 14:49:29 -------- d-----w C:\Program Files\Philips 2007-05-01 14:49:28 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-05-01 14:49:09 -------- d-----w C:\Program Files\Common Files\InstallShield 2007-04-25 07:52:16 147,216 ----a-w C:\WINNT\system32\SCHANNEL.DLL 2007-04-16 20:47:36 33,624 ----a-w C:\WINNT\system32\wups.dll 2007-04-16 20:45:54 1,710,936 ----a-w C:\WINNT\system32\wuaueng.dll 2007-04-16 20:45:48 549,720 ----a-w C:\WINNT\system32\wuapi.dll 2007-04-16 20:45:42 325,976 ----a-w C:\WINNT\system32\wucltui.dll 2007-04-16 20:45:28 92,504 ----a-w C:\WINNT\system32\cdm.dll 2007-04-16 20:45:20 53,080 ----a-w C:\WINNT\system32\wuauclt.exe 2007-04-16 20:45:20 43,352 ----a-w C:\WINNT\system32\wups2.dll 2007-04-16 12:44:08 54,032 ----a-w C:\WINNT\system32\mpr.dll 2007-04-07 12:38:45 17,570,898 ----a-w C:\Program Files\klcodec288f.exe 2007-04-05 07:17:39 2,854,400 ----a-w C:\WINNT\system32\msi.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [16-04-01 15:39 ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [14-03-07 03:43 ] {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar3.dll [20-01-07 00:56 ] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [17-06-07 10:34 ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Synchronization Manager"="mobsync.exe" [19-06-03 12:05 C:\WINNT\system32\mobsync.exe] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [02-11-04 20:24 ] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [14-03-07 03:43 ] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "internat.exe"="internat.exe" [07-12-99 13:00 C:\WINNT\system32\internat.exe] "eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [17-06-07 10:34 ] [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "internat.exe"=internat.exe HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs WmdmPmSN Contents of the 'Scheduled Tasks' folder 2007-06-27 21:19:19 C:\WINNT\tasks\AdwareAlert Scheduled Scan.job ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-28 13:22:51 Windows 5.0.2195 Service Pack 4 NTFS scanning hidden processes ... ? [1252] scanning hidden autostart entries ... scanning hidden files ... C:\WINNT\msdfmap.ini:KAVICHS 36 bytes hidden from API C:\WINNT\muisetup.log:KAVICHS 36 bytes hidden from API C:\WINNT\muninst.exe:KAVICHS 36 bytes hidden from API C:\WINNT\NOTEPAD.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\ntbtlog.txt:KAVICHS 36 bytes hidden from API C:\WINNT\ocgen.log:KAVICHS 36 bytes hidden from API C:\WINNT\ockodak.log:KAVICHS 36 bytes hidden from API C:\WINNT\ODBC.INI:KAVICHS 36 bytes hidden from API C:\WINNT\ODBCINST.INI:KAVICHS 36 bytes hidden from API C:\WINNT\OEWABLog.txt:KAVICHS 36 bytes hidden from API C:\WINNT\opuc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\Prairie Wind.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\Q828026.log:KAVICHS 36 bytes hidden from API C:\WINNT\regedit.exe:KAVICHS 36 bytes hidden from API C:\WINNT\REGLOCS.OLD:KAVICHS 36 bytes hidden from API C:\WINNT\Rhododendron.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\River Sumida.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\TASKMAN.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\twain.dll:KAVICHS 36 bytes hidden from API C:\WINNT\twain_32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\twunk_16.exe:KAVICHS 36 bytes hidden from API C:\WINNT\twunk_32.exe:KAVICHS 36 bytes hidden from API C:\WINNT\uneng.exe:KAVICHS 36 bytes hidden from API C:\WINNT\uninst.exe:KAVICHS 36 bytes hidden from API C:\WINNT\UpdateRollupPack.log:KAVICHS 36 bytes hidden from API C:\WINNT\updcustom.dll.log:KAVICHS 36 bytes hidden from API C:\WINNT\updspapi.log:KAVICHS 36 bytes hidden from API C:\WINNT\upwizun.exe:KAVICHS 36 bytes hidden from API C:\WINNT\vb.ini:KAVICHS 36 bytes hidden from API C:\WINNT\vbaddin.ini:KAVICHS 36 bytes hidden from API C:\WINNT\vmmreg32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\explorer.exe:KAVICHS 100 bytes hidden from API C:\WINNT\explorer.scf:KAVICHS 36 bytes hidden from API C:\WINNT\FeatherTexture.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\folder.htt:KAVICHS 36 bytes hidden from API C:\WINNT\gdiplus.dll:KAVICHS 36 bytes hidden from API C:\WINNT\Gone Fishing.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\Greenstone.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\hh.exe:KAVICHS 36 bytes hidden from API C:\WINNT\iis5.log:KAVICHS 36 bytes hidden from API C:\WINNT\imsins.BAK:KAVICHS 36 bytes hidden from API C:\WINNT\imsins.log:KAVICHS 36 bytes hidden from API C:\WINNT\clock.avi:KAVICHS 36 bytes hidden from API C:\WINNT\KB911280.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB920683.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB925454-IE6SP1-20061116.120000.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB933566-IE6SP1-20070417.120000.log:KAVICHS 36 bytes hidden from API C:\WINNT\welcome.exe:KAVICHS 36 bytes hidden from API C:\WINNT\Santa Fe Stucco.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\SchedLgU.Txt:KAVICHS 36 bytes hidden from API C:\WINNT\setup.inf:KAVICHS 36 bytes hidden from API C:\WINNT\setup.rpt:KAVICHS 36 bytes hidden from API C:\WINNT\setupact.log:KAVICHS 36 bytes hidden from API C:\WINNT\setupapi.log:KAVICHS 100 bytes hidden from API C:\WINNT\setuplog.txt:KAVICHS 36 bytes hidden from API C:\WINNT\Shimano2.ini:KAVICHS 36 bytes hidden from API C:\WINNT\Shimano2.scr:KAVICHS 36 bytes hidden from API C:\WINNT\Soap Bubbles.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\spupdsvc.log:KAVICHS 36 bytes hidden from API C:\WINNT\Sti_Trace.log:KAVICHS 36 bytes hidden from API C:\WINNT\system.ini:KAVICHS 36 bytes hidden from API C:\WINNT\IsUn0413.exe:KAVICHS 36 bytes hidden from API C:\WINNT\IsUninst.exe:KAVICHS 36 bytes hidden from API C:\WINNT\KB329115.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB833407.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB842773.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB890046.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB893756.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB893803v2.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB896358.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB896422.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB896423.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB896424.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB899587.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB899589.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB900725.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB901017.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB901214.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB904706.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB905414.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB905495-IE6SP1-20050805.184113.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB905749.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB908519.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB908531.log:KAVICHS 36 bytes hidden from API C:\WINNT\Coffee Bean.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\COM+.log:KAVICHS 36 bytes hidden from API C:\WINNT\comsetup.log:KAVICHS 36 bytes hidden from API C:\WINNT\daemon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\dahotfix.log:KAVICHS 36 bytes hidden from API C:\WINNT\dasetup.log:KAVICHS 36 bytes hidden from API C:\WINNT\delttsul.exe:KAVICHS 36 bytes hidden from API C:\WINNT\desktop.ini:KAVICHS 36 bytes hidden from API C:\WINNT\DirectX.log:KAVICHS 36 bytes hidden from API C:\WINNT\discover.exe:KAVICHS 36 bytes hidden from API C:\WINNT\KB911564.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB911567-OE6SP1-20060316.165634.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB912919.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB913580.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB914388.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB914389.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB917008.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB917159.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB917422.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB917537.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB917734.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB917736.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB917953.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB918118.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB918899-IE6SP1-20060725.123917.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB920213.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB920670.log:KAVICHS 36 bytes hidden from API C:\WINNT\Active Setup Log.txt:KAVICHS 36 bytes hidden from API C:\WINNT\bitssetup.log:KAVICHS 36 bytes hidden from API C:\WINNT\Blue Lace 16.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\CCWIN.INI:KAVICHS 36 bytes hidden from API C:\WINNT\welcome.ini:KAVICHS 36 bytes hidden from API C:\WINNT\win.ini:KAVICHS 36 bytes hidden from API C:\WINNT\Windows Update.log:KAVICHS 36 bytes hidden from API C:\WINNT\WindowsUpdate.log:KAVICHS 36 bytes hidden from API C:\WINNT\winhelp.exe:KAVICHS 36 bytes hidden from API C:\WINNT\winhlp32.exe:KAVICHS 36 bytes hidden from API C:\WINNT\wininit.ini:KAVICHS 36 bytes hidden from API C:\WINNT\winnt.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\winnt256.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\winrep.exe:KAVICHS 36 bytes hidden from API C:\WINNT\wmsetup.log:KAVICHS 36 bytes hidden from API C:\WINNT\WMSysPr9.prx:KAVICHS 36 bytes hidden from API C:\WINNT\Zapotec.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\_default.pif:KAVICHS 36 bytes hidden from API C:\WINNT\KB920685.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB920958.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB921398.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB921883.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB922582.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB922616.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB922760-IE6SP1-20061018.120000.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB923191.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB923414.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB923689.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB923694-OE6SP1-20061106.120000.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB923980.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB924191.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB924270.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB924667.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB925398.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB925486-IE6SP1-20060918.120000.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB925902.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB926436.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB927891.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB928090-IE6SP1-20070125.120000.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB928843.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB929969-IE6SP1-20061220.120000.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB930178.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB931768-IE6SP1-20070219.120000.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB931784.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB932168.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB935839.log:KAVICHS 36 bytes hidden from API C:\WINNT\KB935840.log:KAVICHS 36 bytes hidden from API C:\WINNT\MDAC25SP3-KB911562-x86-ENU.log:KAVICHS 36 bytes hidden from API C:\WINNT\MDAC28-KB911562-x86-ENU.log:KAVICHS 36 bytes hidden from API C:\WINNT\MDAC28-KB927779-x86-ENU.log:KAVICHS 36 bytes hidden from API C:\WINNT\mmdet.log:KAVICHS 36 bytes hidden from API C:\WINNT\ModemDet.txt:KAVICHS 36 bytes hidden from API C:\WINNT\mozver.dat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\$winnt$.inf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\12520437.cpx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\12520850.cpx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\aaaamon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ac3acm.acm:KAVICHS 68 bytes hidden from API C:\WINNT\system32\access.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\acctres.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\accwiz.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\acelpdec.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\acledit.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\aclui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\acsetupc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\acsmib.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\activeds.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\activeds.tlb:KAVICHS 36 bytes hidden from API C:\WINNT\system32\actmovie.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\actxprxy.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\admparse.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\adptif.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\adsldp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\adsldpc.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\adsmsext.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\adsnds.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\avifil32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\avifile.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\avmeter.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\avtapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\avwav.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\basenote.cov:KAVICHS 36 bytes hidden from API C:\WINNT\system32\BASESRV.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\BASSMOD.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\batmeter.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\batt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\bdaplgin.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\bios1.rom:KAVICHS 36 bytes hidden from API C:\WINNT\system32\bios4.rom:KAVICHS 36 bytes hidden from API C:\WINNT\system32\bitsprx2.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\bitsprx3.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\blackbox.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\bootok.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\bootvid.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\bootvrfy.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\bopomofo.uce:KAVICHS 36 bytes hidden from API C:\WINNT\system32\br549.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\browselc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\browser.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\BROWSEUI.DLL:KAVICHS 100 bytes hidden from API C:\WINNT\system32\browsewm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cabinet.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\cabview.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cacls.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\calc.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_1254.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_1255.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_1256.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_1257.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_1258.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_20127.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_20261.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_20866.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_20905.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_21866.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_28591.nls:KAVICHS 68 bytes hidden from API C:\WINNT\system32\c_28592.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_28593.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_28598.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_28605.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_437.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_500.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_775.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_850.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_860.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_863.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_865.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_874.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_932.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_936.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_949.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_950.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3d8.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3d8caps.dat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3d8thk.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3d9.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3d9caps.dat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3dim.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3dim700.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\d3dpmesh.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3dramp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3dref.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3drm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3dx9_29.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3dx9_32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\d3dxof.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\DANIM.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dataclen.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\datime.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\daxctle.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dbghelp.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\dbmsadsn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dbmsgnet.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dbmsrpcn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dbmssocn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dbmsspxn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dbmsvinn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\DBnetlib.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\DBnmpntw.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cidaemon.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ciodm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cipher.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cisvc.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ckcnv.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\clb.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\clbcatex.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\clbcatq.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\cleanmgr.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cliconf.chm:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cliconf.hlp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cliconfg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cliconfg.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cliconfg.rll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\clipbrd.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\clipsrv.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\clusapi.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\cluster.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cmcfg32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\CMD.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cmdial32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\adsnt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\avicap32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\capesnpn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\CDFVIEW.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cic.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cmdl32.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\comp.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cryptdll.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_1253.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_861.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dciman32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\dfrgres.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dlcapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmsynth.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpserial.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dsprop.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\efsadu.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxperf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\findstr.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\g711codc.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\hostname.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iasrad.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ieshwiz.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\infosoft.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ipxmontr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\itircl.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbddv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdsp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kstvtune.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\logdrive.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mciavi32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dcomcnfg.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\DComExt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ddeml.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ddeshare.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ddmprxy.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ddraw.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ddrawex.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\debug.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\desk.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\deskadp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\deskmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\deskperf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\desktop.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\devenum.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\devmgmt.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\devmgr.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\dfrg.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dfrgfat.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dfrgntfs.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dllhost.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dllhst3g.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmadmin.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\dmband.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmcompos.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmconfig.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmdlgs.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmdskmgr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmdskres.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmime.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmintf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmloader.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmocx.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmremote.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmscript.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmserver.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmstyle.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpvacm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpvoice.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpvsetup.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpvvox.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpwsock.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpwsockx.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drmclien.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drmstor.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drmv2clt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drwatson.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drwtsn32.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ds16gt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ds32gt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dsauth.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dsctl.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dsdmo.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dsdmoprp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dsfolder.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dskquota.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dskquoui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dsound.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\dsound.vxd:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dsound3d.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ega.cpi:KAVICHS 36 bytes hidden from API C:\WINNT\system32\els.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\emptyregdb.dat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\encapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\EqnClass.Dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\es.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\esent.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\esentprf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\esentprf.hxx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\esentprf.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\esentutl.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\eudcedit.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\eula.txt:KAVICHS 36 bytes hidden from API C:\WINNT\system32\EVENTLOG.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\eventvwr.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\eventvwr.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\exe2bin.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\expand.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\expsrv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\extenum.ldf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\extrac32.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\fastopen.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\fax.cpk:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxadmin.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxcom.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxcount.h:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxcover.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxdrv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxevent.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxext32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxmapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxocm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxperf.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxqueue.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxroute.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxsend.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxserv.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxshell.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxsvc.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\faxt30.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxtiff.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\faxxp32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\fc.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\fde.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\fdeploy.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\feclient.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ff_vfw.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\filemgmt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\find.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\g723codc.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\gb2312.uce:KAVICHS 36 bytes hidden from API C:\WINNT\system32\gcdef.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\gdi.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\GDI32.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\gdiplus.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\getstart.gif:KAVICHS 36 bytes hidden from API C:\WINNT\system32\getuname.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\glmf32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\glu32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\gpedit.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\gpedit.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\gpkcsp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\gpkrsrc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\gptext.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\graftabl.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\graphics.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\graphics.pro:KAVICHS 36 bytes hidden from API C:\WINNT\system32\GRPCONV.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\system32\h261_32.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\h263_32.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\h323.tsp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\h323msp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\hal.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\hardware.inf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\hdwwiz.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\help.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\hhctrl.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\hhsetup.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\hid.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\himem.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\hlink.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\Homepage.inf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\hotplug.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\hpmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\hpmon.hlp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\hticons.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\htui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\hypertrm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\i81xdnt5.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iac25_32.ax:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ias.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iasacct.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iasads.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iashlpr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iasnap.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iasperf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iasperf.h:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iasperf.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iaspipe.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iaspolcy.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ieuinit.inf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iexpress.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ifmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ifsutil.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\igmpagnt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iissuba.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ikhcore.log:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ils.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\imaadp32.acm:KAVICHS 68 bytes hidden from API C:\WINNT\system32\imagehlp.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\imagr5.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\imagx5.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ImagXpr5.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\imeshare.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\imgadmin.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\imgcmn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\imgedit.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\imgscan.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\imgshl.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\imgthumb.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\imgutil.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\imm32.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\indicdll.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\inetcfg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\INETCOMM.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\inetcpl.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\inetcplc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\inetmib1.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\inetpp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\INETRES.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ipxpromn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ipxrip.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ipxroute.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ipxrtmgr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ipxsap.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ipxwan.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ir32_32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ir41_32.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ir41_qc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ir41_qcx.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ir50_32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ir50_qc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ir50_qcx.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\irclass.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\irftp.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\irmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\irprops.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\isign32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdes.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdfc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdfi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdfo.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdfr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdgae.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdgr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdgr1.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdic.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdir.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdit.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdit142.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdjpn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdla.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdmac.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdne.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdno.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdpo.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdsf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdsg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdsw.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbduk.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdus.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\kbdusl.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdusr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdusx.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\kerberos.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\KERNEL32.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\key01.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\keyboard.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\keyboard.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kmddsp.tsp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\korean.uce:KAVICHS 36 bytes hidden from API C:\WINNT\system32\krnl386.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ksclockf.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ksdata.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ksinterf.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ksolay.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ksproxy.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ksqmf.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\loghours.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\login.cmd:KAVICHS 36 bytes hidden from API C:\WINNT\system32\logon.scr:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lpk.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lpq.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lpr.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lprhelp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lprmonui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\LSASRV.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\LSASS.EXE:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ltdis13n.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ltefx13n.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ltfil13n.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ltimg13n.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ltkrn13n.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lusrmgr.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lz32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\lzexpand.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\l_except.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\l_intl.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mac8021x.ldf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\magnify.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mag_hook.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\main.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\makecab.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mapi32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mapistub.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mapisvc.inf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mbslgn32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mcastmib.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mcd32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mcdsrv32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mciavi.drv:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mcicda.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mciole16.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mciole32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mciqtz32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mciseq.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mciseq.drv:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mciwave.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mciwave.drv:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mdaccore.rsp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mdhcp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mdimon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mdminst.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mem.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mf3216.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mfc40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MFC40U.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mfc42.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\MFC42NLD.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mfc42u.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mfcsubs.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mgmtapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mib.bin:KAVICHS 36 bytes hidden from API C:\WINNT\system32\midimap.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\migpwd.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mimefilt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mlang.dat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mlang.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mll_hp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mll_mtf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mmc.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mmcndmgr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mmcshext.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mmdet.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mmdriver.inf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mmdrv.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mmefxe.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mmfutil.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mmsys.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mmsystem.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mmtask.tsk:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mmutilse.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mnmdd.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mnmsrvc.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mobsync.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mobsync.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mode.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\modemui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mpr.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\mprapi.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mprddm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mprdim.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mprmsg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mprui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mrinfo.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MRT.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msacm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msacm32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msacm32.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msadds32.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msadp32.acm:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msafd.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msapsspc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msasn1.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msaud32.acm:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msaudite.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mscat32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mscdexnt.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msidntld.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msidpe.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MSIEFTP.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msiexec.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msihnd.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msimg32.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\msimsg.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msiregmv.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msisip.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msjet40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msjetoledb40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msjint40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msjter40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msjtes40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msls31.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msltus40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msnetobj.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msnsspc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msobjs.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MSOEACCT.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MSOERT2.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msorc32r.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msorcl32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mspaint.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mspatcha.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mspbde40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mspmsnsv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mspmsp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\net1.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\netapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NETAPI32.DLL:KAVICHS 100 bytes hidden from API C:\WINNT\system32\netcfgx.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NETDDE.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\system32\netdet.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\netdtect.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\netevent.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\netfxperf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\neth.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\netid.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NETLOGON.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\netman.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\netmsg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\netplwiz.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\netrap.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\netsh.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\netshell.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\noise.sve:KAVICHS 36 bytes hidden from API C:\WINNT\system32\notepad.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\npptools.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\npwmsdrm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nqkrpvwy.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nscompat.tlb:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nslookup.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nt.fnt:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nt2.fnt:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntbackup.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NTDLL.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ntdos.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntdos404.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntdos411.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntdos412.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntdos804.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntdsa.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntdsapi.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ntdsatq.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntdsbcli.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntsdexts.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntshrui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NTVDM.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntvdmd.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nw16.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nwapi16.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NWAPI32.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nwc.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nwcfg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nwevent.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NWPROVAU.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\nwscript.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NWWKS.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\oakley.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\objsel.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\occache.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\olethk32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\opengl32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\os2.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\os2srv.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\os2ss.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\osk.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\other.inf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\OUTLPERF.H:KAVICHS 36 bytes hidden from API C:\WINNT\system32\OUTLPERF.INI:KAVICHS 36 bytes hidden from API C:\WINNT\system32\packager.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\panmap.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pathping.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pautoenr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pax.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pcl.sep:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pdh.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pentnt.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfc009.dat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfci.h:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfci.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfctrs.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\perfd009.dat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfdisk.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perffilt.h:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perffilt.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfh009.dat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfi009.dat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\Perflib_Perfdata_2e0.dat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfmon.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfnet.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfos.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfproc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\PerfStringBackup.INI:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfwci.h:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfwci.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\picn20.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pid.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pidgen.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pifmgr.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ping.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pjlmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\plugin.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\plustab.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pmspl.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\PNGFILT.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\polagent.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\polstore.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\posix.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\powercfg.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\powrprof.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\prflbmsg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\print.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\printmon.inf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\printui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\proctexe.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\prodspec.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\profmap.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\progman.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\proquota.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\Prounstl.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\PROXYCFG.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\system32\psapi.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\PSBASE.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\pschdprf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pschdprf.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pscript.sep:KAVICHS 36 bytes hidden from API C:\WINNT\system32\psisdecd.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\psisrndr.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\psnppagn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pstorec.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\psxdll.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\psxss.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\pubprn.vbs:KAVICHS 36 bytes hidden from API C:\WINNT\system32\qasf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\qcap.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\qcut.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\qdv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\qdvd.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\qedit.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\qedwipes.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\qmgr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\qmgrprxy.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\qosname.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\qt-dx331.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\quartz.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\query.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rapilib.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasadhlp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasadmin.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\RASAPI32.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\rasauth.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasauto.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasautou.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\raschap.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasctrnm.h:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasctrs.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasdial.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\RASDLG.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\rasgprxy.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasgtwy.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\RASMAN.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\rasmans.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasmontr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasmxs.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasphone.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasppp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasrad.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rassapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rassauth.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\RASSCRPT.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasser.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rastapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rastls.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rlqwnkyw.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rnr20.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\route.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\routeext.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\routemon.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\routetab.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rpcns4.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rpcrt4.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\rpcss.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rqoom.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rsabase.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rsaci.rat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rsaenh.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rsfsaps.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rsh.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rshx32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rsm.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rsnotify.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rsvp.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\rsvp.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rsvpcnts.h:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sendmail.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sens.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\sensapi.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\senscfg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\serialui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\servdeps.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\SERVICES.EXE:KAVICHS 68 bytes hidden from API C:\WINNT\system32\services.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\shfolder.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\shfolder.dll.tmp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\shiftjis.uce:KAVICHS 36 bytes hidden from API C:\WINNT\system32\shim.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\shimgvw.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\SHLWAPI.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\shmgrate.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\shrpubw.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\shscrap.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sigtab.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sigverif.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\simpdata.tlb:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sisbkup.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\skdll.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\skeys.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\slbcsp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\slbkygen.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\slbrsrc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sl_anet.acm:KAVICHS 68 bytes hidden from API C:\WINNT\system32\smlogcfg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\smlogsvc.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\smss.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\sndrec32.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sndvol32.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\subst.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\svchost.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\svcpack.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\syncapp.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\synceng.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\syncui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sysdm.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sysedit.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sysinv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\syskey.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sysmon.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sysocmgr.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sysprint.sep:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sysprtj.sep:KAVICHS 36 bytes hidden from API C:\WINNT\system32\syssetup.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\system.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\systray.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\t2embed.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tapi3.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tapi32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\tapiperf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tapisrv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tapiui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\taskman.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\taskmgr.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tcmsetup.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tcpmib.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tcpmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tcpmon.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tcpmonui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tdc.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\telephon.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\telnet.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\termcap:KAVICHS 36 bytes hidden from API
  • C:\WINNT\system32\termmgr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tftp.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\themes.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\thumbvw.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tifflt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\timedate.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\timer.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\tlntadmn.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tlntsess.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tlntsvr.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\tlntsvrp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\toolhelp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tracert.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\traffic.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\UNTFS.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\updcrl.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ups.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ureg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\url.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\URLMON.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\usbmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\usbui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\user.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\USER32.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\USERENV.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\userinit.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\usp10.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\utildll.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\utilman.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\v7vga.rom:KAVICHS 36 bytes hidden from API C:\WINNT\system32\VBAEN32.OLB:KAVICHS 36 bytes hidden from API C:\WINNT\system32\VBAEND32.OLB:KAVICHS 36 bytes hidden from API C:\WINNT\system32\vbajet32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\VBAME.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\VBANL32.OLB:KAVICHS 36 bytes hidden from API C:\WINNT\system32\vbisurf.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\vbscript.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\vcdex.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\VDMDBG.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\wbcache.ita:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbcache.nld:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbcache.sve:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbdbase.deu:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbdbase.enu:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbdbase.esn:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbdbase.fra:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbdbase.ita:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbdbase.nld:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbdbase.sve:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wdl.trm:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wdmaud.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\webcheck.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\webfldrs.msi:KAVICHS 36 bytes hidden from API C:\WINNT\system32\webhits.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\webvw.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wextract.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wfwnet.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\wifeman.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\win.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\WIN32K.SYS:KAVICHS 36 bytes hidden from API C:\WINNT\system32\WIN32SPL.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\win87em.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winchat.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winfax.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winhelp.hlp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winhlp32.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winhttp.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\WININET.DLL:KAVICHS 100 bytes hidden from API C:\WINNT\system32\WINLOGON.EXE:KAVICHS 68 bytes hidden from API C:\WINNT\system32\winmine.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winmsd.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winnls.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winoldap.mod:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winrnr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winscard.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\winsmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winsock.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winspool.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\winspool.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\WINSRV.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\winsta.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\winstrm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\WINTRUST.DLL:KAVICHS 100 bytes hidden from API C:\WINNT\system32\winver.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\WISPTIS.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\system32\WKSSVC.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\WLDAP32.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wlnotify.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\wmadmod.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmadmoe.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmasf.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\wmdmlog.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmdmps.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmerror.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\compact.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\compmgmt.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\compobj.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\compstui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\comrepl.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\comsnap.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\comsvcs.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\comuid.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\CONFIG.NT:KAVICHS 36 bytes hidden from API C:\WINNT\system32\CONFIG.TMP:KAVICHS 36 bytes hidden from API C:\WINNT\system32\confmsp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\conime.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\console.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\control.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\convert.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\corpol.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\country.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cpuinf32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\crtdll.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\CRYPT32.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\CRYPTDLG.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\modex.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mpnotify.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msclus.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msencode.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msidlpm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msports.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MSSTKPRP.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msvcrt.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\mtxclu.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\net.hlp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\netstat.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\noise.nld:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntdsbsrv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntsd.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ocmanage.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odpdx32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\olesvr32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\perfnw.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\pschdcnt.h:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rasctrs.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rcamsp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\riched32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\rsvpmsg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\adsnw.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ADVAPI32.DLL:KAVICHS 100 bytes hidden from API C:\WINNT\system32\advpack.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\alrsvc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\amcompat.tlb:KAVICHS 36 bytes hidden from API C:\WINNT\system32\amstream.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ansi.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\apcups.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\append.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\appmgmts.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\appmgr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\appwiz.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\arp.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\asctrls.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\asferror.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\asfsipc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\asycfilt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\at.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\atkctrs.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\atl.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\atmadm.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\atmfd.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\atmlib.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\attrib.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\authz.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\AUTOCHK.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\system32\autoconv.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\AUTOEXEC.NT:KAVICHS 36 bytes hidden from API C:\WINNT\system32\autofmt.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\autolfn.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\avicap.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mscms.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MSCOMCTL.OCX:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msconf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mscoree.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mscorier.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mscories.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mscpxl32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msdart.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msdart32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msdatsrc.tlb:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msdmo.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msdtc.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msdtclog.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msdtcprf.h:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msdtcprf.ini:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msdtcprx.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msdtctm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msdtcui.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msdvbnp.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msdxm.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msdxmlc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msprivs.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MSPRPNL.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msr2c.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msr2cenu.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msratelc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MSRATING.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msrclr40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msrd2x40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msrd3x40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MSRDO20.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msrecr40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msrepl40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msrle32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msscp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msscript.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mssign32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mssip32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MSSTDFMT.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msvcrt20.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msvcrt40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msvfw32.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\msvidc32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msvidctl.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msvideo.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msw3prt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mswdat10.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mswebdvd.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mswmdm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mswsock.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mswstr10.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msxbde40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msxml.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msxml3.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msxml3a.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msxml3r.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msxml4.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msxml4r.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msxmlr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msyuv.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ntdsetup.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntdskcc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntdsutil.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntdsxds.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntimage.gif:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntio.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntio404.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntio411.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntio412.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntio804.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NTKRNLPA.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NTLANMAN.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ntlanui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntlanui2.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntlsapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntmarta.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ntmsapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntmsdba.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ntmsevt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntmsmgr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntmsmgr.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntmsoprq.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntmssvc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NTOSKRNL.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ntprint.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbc16gt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ODBC32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbc32gt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbcad32.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbcbcp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbcconf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbcconf.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbcconf.rsp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbccp32.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbccp32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbccr32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbccu32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbcint.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbcji32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbcjt32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odbctrac.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\oddbse32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odexl32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odfox32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rsvpperf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rsvpsp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rtclib.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rtcrtp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rtipxmib.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rtm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rtutils.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\runas.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rundll32.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\runonce.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\samlib.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\SAMSRV.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\savedump.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\scarddlg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\scardssp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\scardsvr.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\scecli.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\scesrv.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\SCHANNEL.DLL:KAVICHS 100 bytes hidden from API C:\WINNT\system32\sclgntfy.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\SCP32.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\scripto.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\scrnsave.scr:KAVICHS 36 bytes hidden from API C:\WINNT\system32\scrobj.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\scrrun.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sdbapiu.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\sdpblb.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\secedit.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\seclogon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\secpol.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\secur32.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\security.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sefilshr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\snmpsnap.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\softpub.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\sol.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sort.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sortkey.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sorttbls.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sound.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\sp2res.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sp3res.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sp4iis.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\spcmdcon.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\spiisupd.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\spmsg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\spoolss.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\spoolsv.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\sprestrt.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\spupdsvc.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\spxcoins.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sqlclnt.rsp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sqlsodbc.chm:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sqlsodbc.hlp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\SQLSRV32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sqlsrv32.rll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sqlstr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sqlunirl.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sqlwid.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sqlwoa.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\srvsvc.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ss3dfo.scr:KAVICHS 36 bytes hidden from API C:\WINNT\system32\VEN2232.OLB:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ver.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\verclsid.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\verifier.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\verisignpub1.crl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\version.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\vfpodbc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\vga.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\vga.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\vga256.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\vga64k.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\View Channels.scf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\vjoy.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\VSFLEX3.OCX:KAVICHS 36 bytes hidden from API C:\WINNT\system32\vwipxspx.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\vwipxspx.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\w32time.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\w32tm.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\w32topl.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wavemsp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbcache.deu:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbcache.enu:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbcache.esn:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmicore.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmidx.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmidx.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmimgmt.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmnetmgr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmp.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmpasf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmpcd.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmpcore.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmpdxm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmploc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmpns.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmpshell.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmpui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmsdmod.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmsdmoe2.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmspdmod.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmspdmoe.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmstream.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmv9vcm.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\wmvcore.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ssflwbox.scr:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ssldivx.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ssmarque.scr:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ssmaze.scr:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ssmyst.scr:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sspipes.scr:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ssstars.scr:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sstext3d.scr:KAVICHS 36 bytes hidden from API C:\WINNT\system32\stclient.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\stdole2.tlb:KAVICHS 36 bytes hidden from API C:\WINNT\system32\stdole32.tlb:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sti.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\sticpl.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\stimon.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\stisvc.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\sti_ci.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\stobject.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\storage.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\storprop.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\streamci.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\strmdll.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\subrange.uce:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ksuser.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ksvpintf.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kswdmcap.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ksxbar.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\l3codeca.acm:KAVICHS 68 bytes hidden from API C:\WINNT\system32\l3codecx.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\label.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lanman.drv:KAVICHS 36 bytes hidden from API C:\WINNT\system32\laprxy.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\legacy.inf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\LegitCheckControl.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lfbmp13n.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lfcmp13n.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lfgif13n.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lhacm.acm:KAVICHS 68 bytes hidden from API C:\WINNT\system32\libdivx.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\licmgr10.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lights.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\linkinfo.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\lmhsvc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lmrt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\lnkstub.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\loadfix.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\loadperf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\locale.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\localmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\localsec.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\LOCALSPL.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\localui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\locator.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\lodctr.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\logagent.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cards.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\catsrv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\catsrvps.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\catsrvut.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ccfgnt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cryptext.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\CRYPTNET.DLL:KAVICHS 100 bytes hidden from API C:\WINNT\system32\cryptsvc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\CRYPTUI.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\cscdll.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\cscript.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cscui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\CSRSRV.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\csrss.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\csseqchk.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ctl3d32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ctl3dv2.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ctype.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_037.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_10000.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_10079.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_1026.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_1250.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_1251.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\c_1252.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cmmgr32.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cmmgr32.hlp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cmmon32.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cmnquery.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cmos.ram:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cmpbk32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cmprops.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cmstp.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cmutil.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cnbjmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\CNDPTPC.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\CNDPTPU.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cnetcfg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cnvfat.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\colbact.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\comaddin.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\comcat.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\comclust.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\comctl32.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\comdlg32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\comm.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\command.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\commdlg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\initpki.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\INKED.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\INSENG.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\instcat.sql:KAVICHS 36 bytes hidden from API C:\WINNT\system32\instcm.inf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\internat.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\intl.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iologmsg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ipconf.tsp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ipconfig.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\IPHLPAPI.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ipmontr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ipnathlp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ippromon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iprop.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iprtprio.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iprtrmgr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ipsecmon.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ipsecsnp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ipsink.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\odtext32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\offfilt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\oieng400.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\oiprt400.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\oislb400.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\oissq400.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\oitwa400.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\oiui400.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ole2.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ole2disp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ole2nls.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\OLE32.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\oleacc.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\oleaccrc.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\oleaut32.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\olecli.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\olecli32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\OLECNV32.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\OLEDLG.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\oleprn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\olepro32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\olesvr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wsnmp32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wsock32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\wstdecod.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wtsapi32.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\wuapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wuapi.dll.mui:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wuauclt.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wuauclt1.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wuaucpl.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wuaucpl.cpl.mui:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wuaueng.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wuaueng.dll.mui:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wuaueng1.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wuauserv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wucltui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wucltui.dll.mui:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wupdinfo.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wupdmgr.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wups.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wups2.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wuweb.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wzcdlg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wzcsapi.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\iasrecst.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iassam.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iassdo.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iassvcs.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iasuserr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iccvid.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\icfgnt5.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\icm32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\icmp.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\icmui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\icwdial.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\icwphbk.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ideograf.uce:KAVICHS 36 bytes hidden from API C:\WINNT\system32\idq.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ie4uinit.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ieakeng.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ieaksie.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ieakui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iedkcs32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\IEPEERS.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\iernonce.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iesetup.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\itss.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iuctl.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\iuengine.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ivfsrc.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ixsso.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\jet500.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\jobexec.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\joy.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\jscript.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\JSPROXY.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\jupdate-1.5.0_06-b05.log:KAVICHS 36 bytes hidden from API C:\WINNT\system32\jupdate-1.5.0_09-b03.log:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kanji_1.uce:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kanji_2.uce:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kb16.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbd106.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdbe.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdbene.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdbr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdca.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdcan.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\kbdda.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dfrgsnap.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dfrgui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dfsshlex.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dgrpsetu.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dgsetup.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\DHCPCSVC.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\dhcpmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dhcpsapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\diactfrm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\diantz.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\digest.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dimap.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dinput.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dinput8.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\diskcomp.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\diskcopy.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\diskcopy.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\diskmgmt.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\diskperf.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dispex.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\divx.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\sethc.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\setreg.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\setup.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\setup.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\setupapi.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\setupdll.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\setupwbv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\setver.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sfc.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\sfc.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sfcfiles.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sfmapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sfmatmsg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sfmmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sfmwshat.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\share.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\shdoclc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\SHDOCVW.DLL:KAVICHS 100 bytes hidden from API C:\WINNT\system32\shell.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\SHELL32.DLL:KAVICHS 132 bytes hidden from API C:\WINNT\system32\wzcsvc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\xactsrv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\xcopy.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\xenroll.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\xiffr3_0.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\xolehlp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\xpob2res.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\xvidcore.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\xvidvfw.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\yv12vfw.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\dmusic.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmutil.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dmview.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dnsapi.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\dnsrslvr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\docprop.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\docprop2.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\doshelp.hlp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\doskey.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dosx.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpl100.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dplay.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dplaysvr.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dplayx.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpmodemx.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpnaddr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpnet.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpnhpast.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpnhupnp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpnlobby.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dpnsvr.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dsquery.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dssbase.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dssec.dat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dssec.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dssenh.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dsuiext.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dswave.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dtu100.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dvdplay.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dx7vb.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dx8vb.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dxdiag.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dxdiagn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dxdllreg.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dxmasf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\dxmrtp.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\DXTMSFT.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\dxtmsft3.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\DXTRANS.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\e100bmsg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\e100bnt5.din:KAVICHS 36 bytes hidden from API C:\WINNT\system32\edit.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\edit.hlp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\edlin.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mtxdm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mtxex.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mtxlegih.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mtxoci.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mucltui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\muweb.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mycomput.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mydocs.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\n2k.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\narrator.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\narrhook.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nbtstat.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ncpa.cpl:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nddeapi.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\nddeapir.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NDDENB32.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ndptsp.tsp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NeroCheck.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\net.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\finger.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\fixmapi.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\fltlib.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\fltmc.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\FM20.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\FM20NLD.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\fmifs.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\FNTCACHE.DAT:KAVICHS 36 bytes hidden from API C:\WINNT\system32\folder.htt:KAVICHS 36 bytes hidden from API C:\WINNT\system32\fontext.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\fontsub.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\FONTVIEW.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\system32\forcedos.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\format.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\framebuf.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\freecell.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\fsmgmt.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ftp.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ftsrch.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\serwvdrv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\snmpapi.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ssbezier.scr:KAVICHS 36 bytes hidden from API C:\WINNT\system32\subroutn.inf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tcpsvcs.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tree.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\unlodctr.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\vdmredir.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wbcache.fra:KAVICHS 36 bytes hidden from API C:\WINNT\system32\winmm.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\wmi.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\wmvdmod.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wshtcpip.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wzcsetup.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mll_qic.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\sendcmsg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wmvdmoe2.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\Worldscr.cnt:KAVICHS 36 bytes hidden from API C:\WINNT\system32\Worldscr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wow32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wowdeb.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wowexec.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wowfax.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wowfaxui.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wpnpinst.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\write.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ws2help.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\ws2_32.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\wscript.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wsecedit.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wshatm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wshcon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wshext.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wshirda.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wshisn.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wshnetbs.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\wshom.ocx:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rcp.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\RDOCURS.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\recover.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\redir.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\redist.rsp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\regapi.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\regedt32.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\registry.inf:KAVICHS 36 bytes hidden from API C:\WINNT\system32\regsvc.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\regsvr32.exe:KAVICHS 68 bytes hidden from API C:\WINNT\system32\regwiz.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\regwizc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\REMOTESP.TSP:KAVICHS 36 bytes hidden from API C:\WINNT\system32\rend.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\replace.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\resutils.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\rexec.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\riched20.dll:KAVICHS 100 bytes hidden from API C:\WINNT\system32\msswch.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msswchx.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mstask.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mstask.exe:KAVICHS 100 bytes hidden from API C:\WINNT\system32\mstext40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MSTIME.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mstinit.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MSV1_0.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msvbvm50.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msvbvm60.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msvcirt.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msvcp50.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\MSVCP60.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msvcr70.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\netui0.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\netui1.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\netui2.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\netware.drv:KAVICHS 36 bytes hidden from API C:\WINNT\system32\newdev.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NicCo32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\NicIn32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nlhtml.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nlsfunc.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nmevtmsg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\nmmkcert.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\noise.dat:KAVICHS 36 bytes hidden from API C:\WINNT\system32\noise.deu:KAVICHS 36 bytes hidden from API C:\WINNT\system32\noise.eng:KAVICHS 36 bytes hidden from API C:\WINNT\system32\noise.enu:KAVICHS 36 bytes hidden from API C:\WINNT\system32\noise.esn:KAVICHS 36 bytes hidden from API C:\WINNT\system32\noise.fra:KAVICHS 36 bytes hidden from API C:\WINNT\system32\noise.ita:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msexch40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msexcl40.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msfaxmon.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msg711.acm:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msg723.acm:KAVICHS 68 bytes hidden from API C:\WINNT\system32\MSGINA.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msgsm32.acm:KAVICHS 68 bytes hidden from API C:\WINNT\system32\MSGSVC.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msh261.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\msh263.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mshta.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\MSHTML.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mshtml.tlb:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mshtmled.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mshtmler.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msi.dll:KAVICHS 228 bytes hidden from API C:\WINNT\system32\MSIDENT.DLL:KAVICHS 36 bytes hidden from API C:\WINNT\system32\msidle.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\cdm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cdonts.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cdosys.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cdplayer.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cdral.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cdrtc.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\certcli.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\certmgr.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\certmgr.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\CEWMDM.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\cfgmgr32.dll:KAVICHS 132 bytes hidden from API C:\WINNT\system32\Channel Screen Saver.scr:KAVICHS 36 bytes hidden from API C:\WINNT\system32\charmap.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\chcp.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\CHKDSK.EXE:KAVICHS 36 bytes hidden from API C:\WINNT\system32\chkntfs.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ciadmin.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ciadv.msc:KAVICHS 36 bytes hidden from API C:\WINNT\system32\trkwks.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tsbyuv.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tsd32.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\tssoft32.acm:KAVICHS 68 bytes hidden from API C:\WINNT\system32\tunes.bmp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\TwnLib20.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\txfaux.dll:KAVICHS 68 bytes hidden from API C:\WINNT\system32\txflog.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\typelib.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ufat.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\ulib.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\umandlg.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\umdmxfrm.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\UMPNPMGR.DLL:KAVICHS 68 bytes hidden from API C:\WINNT\system32\unicode.nls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\unicows.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\unimdm.tsp:KAVICHS 36 bytes hidden from API C:\WINNT\system32\unimdmat.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\uniplat.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\more.com:KAVICHS 36 bytes hidden from API C:\WINNT\system32\moricons.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mountvol.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mouse.drv:KAVICHS 68 bytes hidden from API C:\WINNT\system32\mp43dmod.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mp4sdmod.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mpeg2data.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mpg2splt.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mpg4dmod.dll:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mpg4ds32.ax:KAVICHS 36 bytes hidden from API C:\WINNT\system32\mplay32.exe:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\acpi.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\acpiec.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\AFD.SYS:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\asyncmac.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\atapi.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\atmarpc.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\atmlane.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\atmuni.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\audstub.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\bdasup.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\beep.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\ccdecode.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\cdaudio.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\cdfs.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\cdr4_2K.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\cdralw2k.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\cdrom.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\cinemst2.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\class2.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\classpnp.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\d347bus.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\d347prt.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\disk.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\diskdump.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\diskperf.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\dlc.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\dmboot.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\nwlnkflt.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\nwlnkfwd.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\nwlnkipx.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\nwlnknb.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\nwlnkspx.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\nwrdr.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\parallel.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\parport.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\partmgr.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\parvdm.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\pci.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\pciidex.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\pcmcia.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\portcls.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\psched.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\ptilink.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\pxhelp20.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\rasacd.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\rasirda.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\rasl2tp.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\raspptp.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\dmload.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\DMusic.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\dxapi.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\e100bnt5.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\efs.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\fastfat.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\fdc.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\fips.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\flpydisk.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\fltmgr.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\fsvga.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\fs_rec.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\ftdisk.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\gameenum.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\gm.dls:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\gmreadme.txt:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\hidclass.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\hidparse.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\hidusb.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\i8042prt.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\i81xnt5.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\ichaud.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\intelide.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\ipfltdrv.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\ipinip.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\ipnat.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\ipsec.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\irda.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\irenum.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\isapnp.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\kbdclass.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\klick.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\klif.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\klin.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\klmc.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\Klpf.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\Klpid.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\kmixer.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\ks.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\ksecdd.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\lvcam.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\lvcodek.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\lvsound.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\mf.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\mnmdd.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\modem.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\mouclass.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\mouhid.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\mountmgr.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\mpe.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\mrxsmb.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\msdv.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\msfs.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\msgpc.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\rawwan.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\rca.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\rdbss.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\redbook.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\rootmdm.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\SCSIPORT.SYS:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\serenum.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\serial.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\sfloppy.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\sfmatalk.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\slip.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\smclib.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\sonydcam.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\SRV.SYS:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\sskbfd.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\stream.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\streamip.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\streams.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\swenum.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\swmidi.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\sysaudio.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\dmio.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\irsir.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\msircomm.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\null.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\raspti.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\tape.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\tcpip.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\tdi.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\tosdvd.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\tsbvcap.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\udfs.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\uhcd.
  • C:\WINNT\system32\drivers\update.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\usbcamd.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\usbd.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\usbhub.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\usbintel.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\usbscan.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\USBSTOR.SYS:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\vdmindvd.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\vga.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\videoprt.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\wanarp.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\wdmaud.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\wmilib.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\ws2ifsl.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\wstcodec.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\mskssrv.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\mspclock.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\MSPQM.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\mstee.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\mup.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\nabtsfec.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\nbf.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\ndis.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\ndisip.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\ndistapi.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\ndisuio.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\ndiswan.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\ndproxy.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\netbios.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\netbt.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\netdtect.sys:KAVICHS 68 bytes hidden from API C:\WINNT\system32\drivers\nmnt.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\npfs.sys:KAVICHS 36 bytes hidden from API C:\WINNT\system32\drivers\ntfs.sys:KAVICHS 36 bytes hidden from API scan completed successfully hidden files: 2000 ************************************************************************** Completion time: 28-06-2007 13:23:53 C:\ComboFix-quarantined-files.txt ... 28-06-07 13:23 --- E O F ---
  • Open Kladblok, kopiëer en plak het volgende (vetgedrukte, blauwe tekst) in een leeg venster: [list:f60cfdbba3][b:f60cfdbba3][color=blue:f60cfdbba3]File:: C:\WINDOWS\system32\RemoveVideoActiveXObject.reg C:\WINNT\system32\miauojby.dll C:\WINNT\system32\lrvfcqwo.exe C:\WINNT\system32\rlqwnkyw.dll C:\WINNT\system32\nqkrpvwy.exe C:\WINNT\system32\rqoom.dll Folder:: C:\WINDOWS\system32\RVAXO[/color:f60cfdbba3][/b:f60cfdbba3][/list:u:f60cfdbba3]Sla dit op op je Bureaublad als [b:f60cfdbba3]ComboFix-Do.txt[/b:f60cfdbba3]. Sleep [b:f60cfdbba3]ComboFix-Do.txt[/b:f60cfdbba3] in [b:f60cfdbba3]ComboFix.exe[/b:f60cfdbba3] zoals getoond in onderstaand voorbeeld : [img:f60cfdbba3]http://img.photobucket.com/albums/v666/sUBs/Combo-Do.gif[/img:f60cfdbba3] Dit zal [b:f60cfdbba3]ComboFix[/b:f60cfdbba3] doen herstarten. Start opnieuw op als daarom gevraagd wordt, en post de inhoud van de [b:f60cfdbba3]Combofix.txt[/b:f60cfdbba3] in je volgende antwoord. Laat dat onderste gedeelte nu maar weg ;)
  • Tot en met "scanning hidden files" heb ik gekopieerd, hopend dat je hier genoeg aan hebt: "Visser" - 28-06-2007 14:25:14 - ComboFix 07-06-27.7 - Service Pack 4 NTFS Command switches used :: C:\Documents and Settings\Visser\Desktop\ComboFix-Do.txt..txt ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINNT\system32\lrvfcqwo.exe C:\WINNT\system32\miauojby.dll C:\WINNT\system32\nqkrpvwy.exe C:\WINNT\system32\rlqwnkyw.dll C:\WINNT\system32\rqoom.dll ((((((((((((((((((((((((( Files Created from 2007-05-28 to 2007-06-28 ))))))))))))))))))))))))))))))) 2007-06-28 13:19 49,152 --a------ C:\WINNT\nircmd.exe 2007-06-28 12:41 <DIR> d-------- C:\Program Files\Hijack This 2007-06-28 12:20 36,122 --a------ C:\WINNT\system32\RemoveVideoActiveXObject.reg 2007-06-28 12:20 <DIR> d-------- C:\WINNT\system32\RVAXO 2007-06-28 09:46 <DIR> d-------- C:\Program Files\Lavasoft 2007-06-27 23:19 <DIR> d-------- C:\DOCUME~1\Visser\APPLIC~1\AdwareAlert 2007-06-27 14:28 <DIR> d-------- C:\WINNT\McAfee.com 2007-06-27 14:11 <DIR> d-------- C:\WINNT\system32\SoftwareDistribution 2007-06-27 11:18 4,011,208 --a------ C:\Program Files\hitmanpro26.exe 2007-06-27 11:18 <DIR> d-------- C:\Program Files\Hitman Pro 2007-06-27 00:36 <DIR> d-------- C:\Program Files\Messenger 2007-06-26 19:27 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Anti-Virus Personal 2007-06-26 19:22 7,417,544 --a------ C:\Program Files\INSTALL_MSN_MESSENGER_DL.EXE 2007-06-24 14:48 21,128,792 --a------ C:\Program Files\kis6-621nl.exe 2007-06-24 14:17 <DIR> d-------- C:\Program Files\Kaspersky Lab 2007-06-11 18:01 <DIR> d-------- C:\Program Files\MSN Messenger (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-06-28 07:45:29 -------- d-----w C:\DOCUME~1\Visser\APPLIC~1\Azureus 2007-06-27 14:34:54 -------- d-----w C:\DOCUME~1\Visser\APPLIC~1\foobar2000 2007-06-25 17:47:41 -------- d-----w C:\DOCUME~1\Visser\APPLIC~1\ZoomBrowser EX 2007-06-25 17:28:20 -------- d-----w C:\Program Files\Common Files\Kaspersky Lab 2007-05-11 15:00:24 -------- d-----w C:\DOCUME~1\Visser\APPLIC~1\Zylom 2007-05-01 14:49:29 -------- d-----w C:\Program Files\Philips 2007-05-01 14:49:28 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-05-01 14:49:09 -------- d-----w C:\Program Files\Common Files\InstallShield 2007-04-25 07:52:16 147,216 ----a-w C:\WINNT\system32\SCHANNEL.DLL 2007-04-16 20:47:36 33,624 ----a-w C:\WINNT\system32\wups.dll 2007-04-16 20:45:54 1,710,936 ----a-w C:\WINNT\system32\wuaueng.dll 2007-04-16 20:45:48 549,720 ----a-w C:\WINNT\system32\wuapi.dll 2007-04-16 20:45:42 325,976 ----a-w C:\WINNT\system32\wucltui.dll 2007-04-16 20:45:28 92,504 ----a-w C:\WINNT\system32\cdm.dll 2007-04-16 20:45:20 53,080 ----a-w C:\WINNT\system32\wuauclt.exe 2007-04-16 20:45:20 43,352 ----a-w C:\WINNT\system32\wups2.dll 2007-04-16 12:44:08 54,032 ----a-w C:\WINNT\system32\mpr.dll 2007-04-07 12:38:45 17,570,898 ----a-w C:\Program Files\klcodec288f.exe 2007-04-05 07:17:39 2,854,400 ----a-w C:\WINNT\system32\msi.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [01-04-16 15:39 ] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [07-03-14 03:43 ] {AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar3.dll [07-01-20 00:56 ] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [07-06-17 10:34 ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Synchronization Manager"="mobsync.exe" [03-06-19 12:05 C:\WINNT\system32\mobsync.exe] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [04-11-02 20:24 ] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [07-03-14 03:43 ] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "internat.exe"="internat.exe" [99-12-07 13:00 C:\WINNT\system32\internat.exe] "eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [07-06-17 10:34 ] [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce] "^SetupICWDesktop"=C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "internat.exe"=internat.exe HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - netsvcs WmdmPmSN Contents of the 'Scheduled Tasks' folder 2007-06-27 21:19:19 C:\WINNT\tasks\AdwareAlert Scheduled Scan.job ************************************************************************** catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-06-28 14:29:17 Windows 5.0.2195 Service Pack 4 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ...
  • Verwijder deze map: C:\[b:e652efc480]Qoobox[/b:e652efc480]\ Maak dan je prullenbak leeg. Ondervind je nog problemen?
  • [quote:0f5c33af12="smeenk"]Verwijder deze map: C:\[b:0f5c33af12]Qoobox[/b:0f5c33af12]\ Maak dan je prullenbak leeg. Ondervind je nog problemen?[/quote:0f5c33af12] Hij lijkt wel weer de oude, inderdaad :D Harstikke bedankt, zonder je hulp was ik er never nooit niet uitgekomen. Die RemoveVideoActiveXObject, Combofix en VirtumundoBeGone bestanden en files, wat moet/kan ik daarmee doen? Nogmaals: Bedankt, Groeten Ferry
  • Graag gedaan hoor :) Die programma's en bijbehorende logfiles mag je allemaal verwijderen ;)
  • [quote:f23009c14d="smeenk"]Graag gedaan hoor :) Die programma's en bijbehorende logfiles mag je allemaal verwijderen ;)[/quote:f23009c14d] Okey, komt goed. Thanks, Groeten Ferry

Beantwoord deze vraag

Weet jij het antwoord op deze vraag? Registreer of meld je aan met je account

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.