Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vundo and Other Viruses Found-Need Help


  • This topic is locked This topic is locked
19 replies to this topic

#1 sblax2000

sblax2000

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 05 February 2009 - 07:06 PM

Please help me with the viruses that have infected my computer. Unfortunately, I have tried a few processes to resolve (with mild success), which are listed below.

Programs/processes that anti-malware found:
trojan.agent, trojan.bho, trojan.vundo, spyware agent.h, backdoor.bot, heuristics.reserved.wor.exploit, fake alert, backdoor.prorat, trojan.downlaoder, hijack.folderoptions, hijack.display.

Symptoms: System restore does not seem to function, haven't figured out if its possible to boot in safe mode, internet does not work, background says pc is infected and cannot be changed, etc.

So far, I have tried the following: Disabled wireless adapter, Anti-malware (which claimed to have removed the above list) and adaware. I tried to follow the wikihow article to remove vundo, but the vundofix program did not detect anything as it may have been removed by anti-malware. Currently, the computer is much slower than it was 3 days ago (prior to virus), and the internet still doesn't work. There may be other problems as well. Also, I cannot run sfc /scannow from the start/run menu.

Thanks in advance for your help.

This is not meant to bump my thread as I just posted it, I just want to attach the latest hijackthis report as I have one available.

I await instruction. Thanks.

Merged posts. ~ OB

Attached Files


Edited by Orange Blossom, 05 February 2009 - 07:39 PM.


BC AdBot (Login to Remove)

 


#2 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 11 February 2009 - 03:42 AM

Please download Malwarebytes' Anti-Malware from HERE or HERE

Note: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.




NEXT


Please download RSIT by random/random and save it to your Desktop.
  • Double click on RSIT.exe to run RSIT
  • Before you click "Continue", make sure you change the List files/folders created or modified in the last 3 months
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt and info.txt in your next reply.



NEXT


Please download GMER and unzip it to your Desktop.
  • Open the program and click on the Rootkit tab.
  • Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
  • Click on Scan.
  • When the scan has run click Copy and paste the results into a Notepad >> save it and attach in this thread.


Post me these logs in your next reply.. Post each log in separate post..

1. Malwarebytes'
2. RSIT log.txt
3. RSIT info.txt
4. Attach GMER result..

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 sblax2000

sblax2000
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 17 February 2009 - 03:46 AM

Malwarebytes' Anti-Malware 1.34
Database version: 1768
Windows 5.1.2600 Service Pack 3

2/17/2009 0:40:48
mbam-log-2009-02-17 (00-40-48).txt

Scan type: Full Scan (C:\|)
Objects scanned: 158943
Time elapsed: 44 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 2
Files Infected: 21

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\userinit.exe -> Quarantined and deleted successfully.

Folders Infected:
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009 (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\IObit\Advanced SystemCare 3\readme.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Qoobox\Quarantine\C\WINDOWS\system32\_hnsf983ind.dll.vir (Trojan.Fraudtool) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\18.tmp (Spyware.Passwords) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\19.tmp (Spyware.Passwords) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\1C.tmp (Spyware.Passwords) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\23.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\25.tmp (Spyware.Passwords) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\2C.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\31.tmp (Spyware.Passwords) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\32.tmp (Spyware.Passwords) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\azton.mt (Worm.Mario) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\efcAPIYQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgdfeeeh4fdg.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_jkkLBrpp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\_wvUmjHWN.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\CrucialSoft Ltd\MS AntiSpyware 2009\msas2009.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\deviceemulator.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\undname.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

#4 sblax2000

sblax2000
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 17 February 2009 - 03:49 AM

Logfile of random's system information tool 1.05 (written by random/random)
Run by Ashleigh Day at 2009-02-17 00:48:11
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 25 GB (65%) free of 38 GB
Total RAM: 511 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:48:23 AM, on 2/17/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\Program Files\TOSHIBA\TME3\TMEEJME.EXE
C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE
C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TPWRTRAY.EXE
C:\toshiba\ivp\ism\pinger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Ashleigh Day\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Ashleigh Day.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [TMEEJME.EXE] C:\Program Files\TOSHIBA\TME3\TMEEJME.EXE
O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE /Client
O4 - HKLM\..\Run: [DpUtil] C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 25
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Policies\Explorer\Run: [services] C:\WINDOWS\services.exe
O4 - HKUS\S-1-5-18\..\Run: [bnafzdcj.exe] C:\WINDOWS\bnafzdcj.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [lfzjeioa.exe] C:\WINDOWS\lfzjeioa.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [xlpjeapl.exe] C:\WINDOWS\xlpjeapl.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [bnafzdcj.exe] C:\WINDOWS\bnafzdcj.exe (User 'Default user')
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200305...meInstaller.exe
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.3.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/Facebo...toUploader2.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DVD-RAM_Service - Matsubleepa Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Tmesbs32 (Tmesbs) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe
O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 8045 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\At2.job
C:\WINDOWS\tasks\At3.job
C:\WINDOWS\tasks\At4.job
C:\WINDOWS\tasks\At5.job
C:\WINDOWS\tasks\At6.job
C:\WINDOWS\tasks\At7.job
C:\WINDOWS\tasks\At8.job
C:\WINDOWS\tasks\htptngft.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{62999427-33FC-4baf-9C9C-BCE6BD127F08} - DAP Bar - C:\Program Files\DAP\DAPIEBar.dll [2003-10-19 405504]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll [2003-05-15 147456]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-12-18 817936]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar4.dll [2007-01-19 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=NvQTwk []
"nwiz"=nwiz.exe /installquiet []
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2002-12-25 180224]
"00THotkey"=C:\WINDOWS\System32\00THotkey.exe [2003-01-17 274432]
"000StTHK"=C:\WINDOWS\system32\000StTHK.exe [2001-06-23 45056]
"TMESRV.EXE"=C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE [2003-01-21 143360]
"TMERzCtl.EXE"=C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE [2003-01-21 90112]
"TMEEJME.EXE"=C:\Program Files\TOSHIBA\TME3\TMEEJME.EXE [2003-01-21 86016]
"TMESBS.EXE"=C:\Program Files\TOSHIBA\TME3\TMESBS32.EXE [2002-11-29 106496]
"DpUtil"=C:\Program Files\TOSHIBA\DualPointUtility\TEDTray.exe [2003-01-07 196608]
"TFNF5"=C:\WINDOWS\system32\TFNF5.exe [2001-08-03 94208]
"TosHKCW.exe"=C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe [2002-09-09 69632]
"ezShieldProtector for Px"=C:\WINDOWS\System32\ezSP_Px.exe [2002-08-20 61440]
"TFncKy"=TFncKy.exe /Type 25 []
"Tpwrtray"=C:\WINDOWS\system32\TPWRTRAY.EXE [2002-12-10 258048]
"Pinger"=c:\toshiba\ivp\ism\pinger.exe [2002-10-17 180224]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 77824]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-02-11 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 32768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"services"=C:\WINDOWS\services.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
C:\Program Files\AIM\aim.exe -cnetwait.odl []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Common Files\Symantec Shared\ccApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccRegVfy]
C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cogad]
C:\Documents and Settings\Ashleigh Day\Application Data\cogad\cogad.exe 61A847B5BBF7281337983D466188719AB689201522886B092CBD44BD8689220221DD3257 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\delmsbb]
C:\WINDOWS\delmsbb.exe [2003-01-07 345088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeviceDiscovery]
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-05-21 249917]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIGServices]
C:\Program Files\ESPNRunTime\DIGServices.exe [2005-05-19 119296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIGStream]
C:\Program Files\DIGStream\digstream.exe [2005-05-18 303104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-01-07 516096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-09-06 434176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe [2003-10-31 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [2005-11-10 57455]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\svhost]
nettbyll.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2005-11-29 200749]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe [2004-11-10 111816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
C:\PROGRA~1\Adobe\ACROBA~2.0\Distillr\acrotray.exe [2003-05-15 237673]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 131072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Billminder.lnk]
C:\PROGRA~1\Quicken\billmind.exe [2009-01-09 25888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Program Neighborhood Agent.lnk]
C:\WINDOWS\Installer\{E89956F9-5B89-470E-818D-BD46102D0A01}\Icon80951CEC.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
C:\PROGRA~1\Quicken\bagent.exe [2009-01-09 87328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Startup.lnk]
[]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\thegboxt.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\thegboxt.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=FFFFFFFF
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kazaa Lite K++\KazaaLite.kpp"="C:\Program Files\Kazaa Lite K++\KazaaLite.kpp:*:Enabled:KazaaLite"
"C:\Program Files\Trillian\trillian.exe"="C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe"="C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe:*:Enabled:Dreamweaver MX"
"C:\Program Files\Starcraft\StarCraft.exe"="C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft"
"C:\Program Files\Warcraft III\War3.exe"="C:\Program Files\Warcraft III\War3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Warcraft III\Frozen Throne.exe"="C:\Program Files\Warcraft III\Frozen Throne.exe:*:Enabled:Warcraft III - The Frozen Throne"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:enabled:@shell32.dll,-1"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{004ee300-4fb0-11da-b290-00038a000015}]
shell\AutoRun\command - E:\driver\usb\–Ό‡‘Š•†‘Ν€ŒŽ
shell\open\command - E:\driver\usb\–Ό‡‘Š•†‘Ν€ŒŽ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b57b2ca0-86ac-11dd-b6c8-00038a000015}]
shell\AutoRun\command - E:\driver\usb\–Ό‡‘Š•†‘Ν€ŒŽ
shell\open\command - E:\driver\usb\–Ό‡‘Š•†‘Ν€ŒŽ


======File associations======

.js - open - "C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1"

======List of files/folders created in the last 3 months======

2009-02-16 23:36:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-02-16 23:28:58 ----A---- C:\WINDOWS\system32\3E.tmp
2009-02-16 23:28:57 ----A---- C:\WINDOWS\system32\3D.tmp
2009-02-16 23:28:55 ----A---- C:\WINDOWS\system32\3C.tmp
2009-02-16 23:15:29 ----A---- C:\WINDOWS\system32\IntelNic.dll
2009-02-16 23:15:29 ----A---- C:\WINDOWS\system32\e100bmsg.dll
2009-02-16 23:06:53 ----A---- C:\WINDOWS\system32\Prounstl.exe
2009-02-12 17:52:39 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$
2009-02-11 17:19:25 ----D---- C:\Avenger_new
2009-02-11 16:48:10 ----A---- C:\WINDOWS\ntbtlog.txt
2009-02-11 16:19:33 ----A---- C:\WINDOWS\system32\3B.tmp
2009-02-11 16:19:31 ----A---- C:\WINDOWS\system32\3A.tmp
2009-02-11 16:19:29 ----A---- C:\WINDOWS\system32\39.tmp
2009-02-11 16:14:00 ----A---- C:\WINDOWS\system32\38.tmp
2009-02-11 16:13:59 ----A---- C:\WINDOWS\system32\37.tmp
2009-02-11 16:10:50 ----D---- C:\a93942ce21fe60e1442e
2009-02-11 15:58:22 ----A---- C:\WINDOWS\system32\36.tmp
2009-02-11 15:58:17 ----A---- C:\WINDOWS\system32\35.tmp
2009-02-11 15:30:51 ----A---- C:\WINDOWS\system32\2D.tmp
2009-02-11 15:30:49 ----A---- C:\WINDOWS\system32\24.tmp
2009-02-10 17:49:34 ----A---- C:\WINDOWS\system32\27.tmp
2009-02-10 17:45:51 ----A---- C:\WINDOWS\system32\20.tmp
2009-02-10 16:05:32 ----A---- C:\WINDOWS\system32\1F.tmp
2009-02-10 15:27:51 ----A---- C:\WINDOWS\system32\2B.tmp
2009-02-10 15:04:15 ----A---- C:\WINDOWS\system32\22.tmp
2009-02-10 15:04:14 ----A---- C:\WINDOWS\system32\21.tmp
2009-02-10 15:01:23 ----A---- C:\WINDOWS\system32\1E.tmp
2009-02-10 15:01:20 ----A---- C:\WINDOWS\system32\14.tmp
2009-02-09 22:55:55 ----A---- C:\WINDOWS\system32\g++.exe
2009-02-09 22:55:55 ----A---- C:\WINDOWS\system32\34.tmp
2009-02-09 22:53:45 ----A---- C:\WINDOWS\system32\2A.tmp
2009-02-09 22:53:41 ----A---- C:\WINDOWS\system32\29.tmp
2009-02-09 22:53:39 ----A---- C:\WINDOWS\system32\28.tmp
2009-02-09 22:24:56 ----A---- C:\WINDOWS\system32\26.tmp
2009-02-09 22:22:15 ----A---- C:\WINDOWS\system32\13.tmp
2009-02-09 22:22:12 ----A---- C:\WINDOWS\system32\12.tmp
2009-02-09 22:22:10 ----A---- C:\WINDOWS\system32\11.tmp
2009-02-09 22:18:45 ----A---- C:\WINDOWS\system32\alunotify.exe
2009-02-09 22:18:45 ----A---- C:\WINDOWS\system32\1D.tmp
2009-02-09 19:32:35 ----A---- C:\WINDOWS\system32\1B.tmp
2009-02-09 19:22:18 ----A---- C:\WINDOWS\system32\zpeng25.dll
2009-02-09 19:22:18 ----A---- C:\WINDOWS\system32\vsxml.dll
2009-02-09 19:22:16 ----D---- C:\WINDOWS\system32\ZoneLabs
2009-02-09 19:22:15 ----D---- C:\Program Files\Zone Labs
2009-02-09 19:22:15 ----A---- C:\WINDOWS\system32\vspubapi.dll
2009-02-09 19:22:15 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2009-02-09 17:55:10 ----A---- C:\WINDOWS\system32\idag.exe
2009-02-09 17:55:10 ----A---- C:\WINDOWS\system32\33.tmp
2009-02-09 17:55:09 ----A---- C:\WINDOWS\system32\30.tmp
2009-02-09 17:55:08 ----A---- C:\WINDOWS\system32\2F.tmp
2009-02-09 17:55:07 ----A---- C:\WINDOWS\system32\2E.tmp
2009-02-09 17:54:33 ----A---- C:\WINDOWS\system32\vsutil.dll
2009-02-09 17:54:33 ----A---- C:\WINDOWS\system32\vsinit.dll
2009-02-09 17:54:33 ----A---- C:\WINDOWS\system32\vsdata.dll
2009-02-09 17:54:12 ----D---- C:\WINDOWS\Internet Logs
2009-02-09 17:48:18 ----HD---- C:\$AVG8.VAULT$
2009-02-09 17:47:52 ----A---- C:\WINDOWS\system32\1A.tmp
2009-02-09 17:47:51 ----A---- C:\WINDOWS\system32\17.tmp
2009-02-09 17:47:51 ----A---- C:\WINDOWS\system32\16.tmp
2009-02-09 17:47:49 ----A---- C:\WINDOWS\system32\15.tmp
2009-02-09 17:47:11 ----A---- C:\WINDOWS\system32\10.tmp
2009-02-09 15:25:57 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2009-02-09 12:11:37 ----D---- C:\rsit
2009-02-09 12:11:08 ----D---- C:\Program Files\Windows Installer Clean Up
2009-02-09 12:10:56 ----D---- C:\Program Files\MSECACHE
2009-02-09 12:06:38 ----D---- C:\Program Files\spybot - search & destroy
2009-02-09 11:44:21 ----D---- C:\SDFix
2009-02-09 11:22:14 ----RASHD---- C:\autorun.inf
2009-02-08 20:52:59 ----SHD---- C:\RECYCLER
2009-02-08 19:55:49 ----AD---- C:\WINDOWS\temp
2009-02-08 19:55:42 ----A---- C:\ComboFix.txt
2009-02-08 19:32:25 ----RASH---- C:\BOOT.BAK
2009-02-08 19:32:05 ----RSHD---- C:\cmdcons
2009-02-08 19:32:05 ----A---- C:\WINDOWS\UPGRADE.TXT
2009-02-08 19:32:02 ----D---- C:\WINDOWS\setup.pss
2009-02-08 18:55:51 ----D---- C:\WINDOWS\ERDNT
2009-02-08 18:55:51 ----D---- C:\Qoobox
2009-02-05 15:35:09 ----D---- C:\Program Files\Trend Micro
2009-02-05 14:57:52 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-02-04 20:46:48 ----D---- C:\Avenger_old
2009-02-03 23:51:46 ----A---- C:\WINDOWS\system32\_wvUlifCR.dll
2009-02-03 19:16:55 ----A---- C:\WINDOWS\adobe.bat
2009-02-03 00:57:55 ----A---- C:\WINDOWS\system32\9b41b444-.txt
2009-02-03 00:27:45 ----A---- C:\WINDOWS\system32\acXMLParser.dll
2009-02-03 00:27:44 ----A---- C:\WINDOWS\system32\cdintf300.dll
2009-01-13 20:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2008-12-30 14:51:49 ----A---- C:\WINDOWS\webica.ini
2008-12-30 14:51:49 ----A---- C:\COMLOG.txt
2008-12-30 14:48:35 ----D---- C:\Documents and Settings\Ashleigh Day\Application Data\Download Manager
2008-12-30 14:44:07 ----D---- C:\Program Files\CCleaner
2008-12-30 14:40:20 ----D---- C:\Documents and Settings\Ashleigh Day\Application Data\Malwarebytes
2008-12-30 14:40:09 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-29 08:41:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-12-29 08:41:40 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-12-28 15:36:14 ----D---- C:\WINDOWS\Prefetch
2008-12-28 15:18:42 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-28 15:18:32 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-28 15:18:21 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-28 15:18:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-28 15:17:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-28 15:17:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-28 15:17:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-28 15:17:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-28 15:17:09 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-28 15:16:56 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-28 15:16:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-28 15:16:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-12-28 15:16:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-28 15:16:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-28 15:16:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-12-28 15:15:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-28 15:15:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-28 15:15:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-28 15:15:21 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-28 15:15:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-28 15:06:03 ----D---- C:\WINDOWS\system32\scripting
2008-12-28 15:06:00 ----D---- C:\WINDOWS\l2schemas
2008-12-28 15:05:59 ----D---- C:\WINDOWS\system32\en
2008-12-28 15:05:59 ----D---- C:\Program Files\msn
2008-12-28 14:56:51 ----D---- C:\WINDOWS\network diagnostic
2008-12-26 11:50:23 ----D---- C:\Program Files\Citrix
2008-12-14 13:27:57 ----D---- C:\Documents and Settings\Ashleigh Day\Application Data\IObit
2008-12-14 13:27:55 ----D---- C:\Program Files\IObit
2008-12-14 03:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-14 03:06:20 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-14 03:02:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$
2008-12-14 03:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2008-12-13 14:53:48 ----D---- C:\Simcity 2000
2008-11-23 22:09:02 ----A---- C:\WINDOWS\RMTOOLS.DLL
2008-11-23 22:08:59 ----D---- C:\MAXIS

======List of files/folders modified in the last 3 months======

2009-02-17 00:40:48 ----D---- C:\WINDOWS\system32
2009-02-16 23:36:23 ----D---- C:\WINDOWS\system32\drivers
2009-02-16 23:36:17 ----AD---- C:\Program Files
2009-02-16 23:35:53 ----D---- C:\WINDOWS
2009-02-16 23:35:53 ----A---- C:\WINDOWS\ModemLog_TOSHIBA Software Modem.txt
2009-02-16 23:34:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-16 23:00:24 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-16 22:23:42 ----HD---- C:\WINDOWS\inf
2009-02-12 17:51:54 ----HD---- C:\WINDOWS\$hf_mig$
2009-02-11 16:48:55 ----SHD---- C:\System Volume Information
2009-02-11 16:48:55 ----D---- C:\WINDOWS\system32\Restore
2009-02-11 16:13:24 ----SD---- C:\WINDOWS\Tasks
2009-02-11 16:10:57 ----D---- C:\WINDOWS\Debug
2009-02-11 16:06:50 ----D---- C:\WINDOWS\SoftwareDistribution
2009-02-10 15:28:16 ----SD---- C:\Documents and Settings\Ashleigh Day\Application Data\Microsoft
2009-02-09 22:11:46 ----SHD---- C:\WINDOWS\Installer
2009-02-09 22:11:46 ----SHD---- C:\Config.Msi
2009-02-09 22:07:04 ----D---- C:\Program Files\Java
2009-02-09 20:13:08 ----D---- C:\Program Files\Kazaa Lite K++
2009-02-09 20:12:27 ----D---- C:\Program Files\Winamp
2009-02-09 17:54:31 ----D---- C:\WINDOWS\WinSxS
2009-02-09 16:41:19 ----D---- C:\Program Files\Lavasoft
2009-02-09 16:41:09 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-02-09 16:35:53 ----D---- C:\Program Files\Common Files
2009-02-09 15:39:20 ----D---- C:\Documents and Settings
2009-02-09 15:30:44 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2009-02-09 15:25:56 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-02-09 09:59:32 ----RASH---- C:\boot.ini
2009-02-09 09:59:32 ----AC---- C:\WINDOWS\win.ini
2009-02-09 09:59:32 ----A---- C:\WINDOWS\system.ini
2009-02-08 19:42:15 ----D---- C:\WINDOWS\AppPatch
2009-02-08 19:04:54 ----D---- C:\WINDOWS\system32\config
2009-02-08 18:39:57 ----D---- C:\WINDOWS\Help
2009-02-08 18:27:28 ----D---- C:\Program Files\Bonjour
2009-02-08 12:02:43 ----HD---- C:\Program Files\InstallShield Installation Information
2009-02-04 20:59:32 ----D---- C:\WINDOWS\system32\CatRoot
2009-02-03 19:56:31 ----D---- C:\WINDOWS\system32\wbem
2009-02-03 19:53:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-02-03 19:53:23 ----D---- C:\Program Files\Quicken
2009-02-03 19:51:49 ----D---- C:\WINDOWS\Registration
2009-02-03 15:21:12 ----A---- C:\WINDOWS\system32\MRT.exe
2009-02-03 00:55:30 ----A---- C:\WINDOWS\system32\userinit.exe
2009-02-03 00:52:02 ----A---- C:\WINDOWS\system32\user32.DLL
2009-02-03 00:48:44 ----AC---- C:\WINDOWS\Quicken.ini
2009-02-01 19:38:00 ----AC---- C:\WINDOWS\CIV.INI
2009-01-25 15:13:20 ----D---- C:\Program Files\Warcraft III
2008-12-30 17:18:07 ----D---- C:\WINDOWS\Minidump
2008-12-30 14:50:35 ----D---- C:\Documents and Settings\Ashleigh Day\Application Data\ICAClient
2008-12-30 14:48:34 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-30 14:40:45 ----D---- C:\Program Files\CleanUp!
2008-12-28 15:39:15 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-28 15:35:30 ----D---- C:\WINDOWS\system32\Setup
2008-12-28 15:35:25 ----RSD---- C:\WINDOWS\Fonts
2008-12-28 15:15:23 ----D---- C:\Program Files\Messenger
2008-12-28 15:14:28 ----D---- C:\WINDOWS\security
2008-12-28 15:06:36 ----D---- C:\WINDOWS\ServicePackFiles
2008-12-28 15:06:32 ----D---- C:\WINDOWS\ime
2008-12-28 15:06:05 ----D---- C:\WINDOWS\system32\usmt
2008-12-28 15:06:05 ----D---- C:\WINDOWS\system32\en-US
2008-12-28 15:05:58 ----D---- C:\WINDOWS\system32\bits
2008-12-28 15:05:58 ----D---- C:\WINDOWS\peernet
2008-12-28 15:05:57 ----D---- C:\Program Files\Movie Maker
2008-12-28 15:00:41 ----D---- C:\WINDOWS\system32\npp
2008-12-28 15:00:37 ----D---- C:\WINDOWS\msagent
2008-12-28 15:00:35 ----D---- C:\WINDOWS\srchasst
2008-12-28 15:00:30 ----D---- C:\Program Files\NetMeeting
2008-12-28 15:00:28 ----D---- C:\WINDOWS\system32\Com
2008-12-28 15:00:23 ----D---- C:\Program Files\Windows NT
2008-12-28 15:00:23 ----D---- C:\Program Files\Windows Media Player
2008-12-28 15:00:22 ----D---- C:\Program Files\Outlook Express
2008-12-28 15:00:17 ----D---- C:\Program Files\Common Files\System
2008-12-28 14:59:44 ----D---- C:\WINDOWS\system32\oobe
2008-12-28 14:59:40 ----D---- C:\WINDOWS\system
2008-12-28 14:54:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-28 14:54:12 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-28 14:47:58 ----D---- C:\WINDOWS\EHome
2008-12-14 03:13:17 ----D---- C:\Program Files\Internet Explorer
2008-12-12 22:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-07 35840]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-05-19 2432]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-05-19 2560]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2002-11-15 90384]
R1 TMEI3E;TMEI3E; C:\WINDOWS\System32\Drivers\TMEI3E.SYS [2002-09-26 5760]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-29 12032]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2006-12-26 15440]
R2 irda;IrDA Protocol; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2002-08-29 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2002-08-29 55936]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-08-21 98752]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [2002-11-22 1157856]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\System32\DRIVERS\Apfiltr.sys [2002-12-13 99577]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2002-09-25 140800]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2006-12-26 34760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-12-12 919338]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\System32\DRIVERS\smcirda.sys [2001-09-11 38425]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-11-04 519168]
R3 tsdhd;TOSHIBA SD Card Host Controller Driver; C:\WINDOWS\System32\DRIVERS\tsdhd.sys [2002-11-05 25888]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 w70n51;Intel® PRO/Wireless 7100 Adapter Driver; C:\WINDOWS\System32\DRIVERS\w70n51.sys [2003-01-13 2370688]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys [2002-10-04 33588]
S1 ethbmwyj;ethbmwyj; C:\WINDOWS\system32\drivers\ethbmwyj.sys [2009-02-11 138336]
S1 ethbsftc;ethbsftc; C:\WINDOWS\system32\drivers\ethbsftc.sys [2009-02-11 138336]
S1 ethequfa;ethequfa; C:\WINDOWS\system32\drivers\ethequfa.sys [2009-02-11 138336]
S1 ethfghfi;ethfghfi; C:\WINDOWS\system32\drivers\ethfghfi.sys [2009-02-11 138336]
S1 ethgbyty;ethgbyty; C:\WINDOWS\system32\drivers\ethgbyty.sys [2009-02-11 138336]
S1 ethjqemx;ethjqemx; C:\WINDOWS\system32\drivers\ethjqemx.sys [2009-02-11 138336]
S1 ethnnphb;ethnnphb; C:\WINDOWS\system32\drivers\ethnnphb.sys [2009-02-11 138336]
S1 ethtwsvr;ethtwsvr; C:\WINDOWS\system32\drivers\ethtwsvr.sys [2009-02-11 138336]
S1 ethwxizh;ethwxizh; C:\WINDOWS\system32\drivers\ethwxizh.sys [2009-02-11 138336]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 AR5211;Atheros AR5001 Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\ar5211.sys [2003-01-17 253248]
S3 Bridge;MAC Bridge; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;MAC Bridge Miniport; C:\WINDOWS\System32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\System32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\WINDOWS\System32\DRIVERS\Dot4Scan.sys [2001-08-17 8704]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\WINDOWS\System32\DRIVERS\dot4usb.sys [2001-08-17 23808]
S3 gv3;Intel GV3 Processor Driver; C:\WINDOWS\System32\DRIVERS\gv3.sys [2002-11-18 30976]
S3 Passthru;Passthru; C:\WINDOWS\system32\DRIVERS\ndisio.sys []
S3 pciSd;pciSd; C:\WINDOWS\System32\DRIVERS\tossdpci.sys [2002-10-09 15143]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 TBiosDrv;TBiosDrv; \??\C:\WINDOWS\System32\Drivers\Tbiosdrv.sys []
S3 tosrfec;Bluetooth ACPI from TOSHIBA; C:\WINDOWS\System32\DRIVERS\tosrfec.sys [2002-12-13 8541]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 sr;System Restore Filter Driver; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-13 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\System32\DVDRAMSV.exe [2002-11-08 69632]
R2 Irmon;Infrared Monitor; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2002-12-12 81920]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-07-15 65536]
R2 Tmesbs;Tmesbs32; C:\Program Files\TOSHIBA\TME3\Tmesbs32.exe [2002-11-29 106496]
R2 Tmesrv;Tmesrv3; C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe [2003-01-21 143360]
R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINDOWS\wanmpsvc.exe [2002-10-04 86016]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 285184]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-26 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 90112]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 930816]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------

#5 sblax2000

sblax2000
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 17 February 2009 - 03:52 AM

Sorry for the delay, thank you for looking at my problem.

I tried to run Gmer but windows says gmer.exe has encountered a problem and needs to close.

Thanks.

#6 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 17 February 2009 - 04:26 AM

Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix.. Please visit HERE if you don't know how.. Please re-enable them back after performing all steps given..

Please download ComboFix by sUBs from HERE or HERE or HERE and save it to your Desktop.

During the download, rename Combofix to Combo-Fix as follows:

Posted Image

Posted Image


It is important you rename Combofix during the download, but not after.

**NOTE: If you are using Firefox, make sure that your download settings are as follows:
  • Tools->Options->Main tab
  • Set to "Always ask me where to Save the files".

After that, double-click and run Combo-Fix. Let it finish its job and post the log here

If ComboFix asked you to install Recovery Console, please do so.. It will be your best interest..

Note: DON'T do anything with your computer while ComboFix is running.. Let ComboFix finishes its job..

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#7 sblax2000

sblax2000
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 17 February 2009 - 02:01 PM

During the combo-fix, I received two errors, one was msas2009.exe encountered error and closed (I had deleted asas2009.exe yesterday). Combofix report follows:

ComboFix 09-02-15.01 - Ashleigh Day 2009-02-17 10:43:01.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.261 [GMT -8:00]
Running from: c:\documents and settings\Ashleigh Day\Desktop\Combo-Fix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\CrucialSoft Ltd
c:\windows\system32\e100bmsg.dll
c:\windows\system32\init32.exe
c:\windows\system32\okieuuk.dll
c:\windows\system32\win32hlp.cnf

c:\windows\system32\userinit.exe . . . is infected!!

c:\windows\system32\spoolsv.exe . . . is infected!!

c:\windows\explorer.exe . . . is infected!!

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Passthru


((((((((((((((((((((((((( Files Created from 2009-01-17 to 2009-02-17 )))))))))))))))))))))))))))))))
.

2009-02-17 10:49 . 2009-02-17 10:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\CrucialSoft Ltd
2009-02-17 10:49 . 2009-02-17 10:49 81,931 --a------ c:\windows\system32\7.tmp
2009-02-17 10:49 . 2009-02-17 10:49 48 --a------ c:\windows\system32\6.tmp
2009-02-17 10:39 . 2009-02-17 10:41 <DIR> d-------- C:\ComboFix
2009-02-17 10:32 . 2009-02-17 10:32 81,931 --a------ c:\windows\system32\5.tmp
2009-02-17 10:32 . 2009-02-17 10:32 48 --a------ c:\windows\system32\4.tmp
2009-02-17 10:01 . 2009-02-17 10:01 81,931 --a------ c:\windows\system32\3.tmp
2009-02-17 10:01 . 2009-02-17 10:01 48 --a------ c:\windows\system32\2.tmp
2009-02-16 23:36 . 2009-02-16 23:36 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-16 23:36 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-16 23:36 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-16 23:28 . 2009-02-16 23:29 81,931 --a------ c:\windows\system32\3E.tmp
2009-02-16 23:28 . 2009-02-16 23:28 88 --a------ c:\windows\system32\3C.tmp
2009-02-16 23:28 . 2009-02-16 23:28 1 --a------ c:\windows\system32\3D.tmp
2009-02-16 23:15 . 2002-09-25 06:09 140,800 --a------ c:\windows\system32\drivers\e100b325.sys
2009-02-16 23:15 . 2001-07-20 06:40 23,040 --a------ c:\windows\system32\IntelNic.dll
2009-02-16 23:15 . 2002-06-13 11:32 5,110 --a------ c:\windows\system32\e100b325.din
2009-02-16 23:06 . 2002-10-02 12:49 73,728 --a------ c:\windows\system32\Prounstl.exe
2009-02-11 17:19 . 2009-02-11 17:20 <DIR> d-------- C:\Avenger_new
2009-02-11 16:19 . 2009-02-11 16:19 164,708 --a------ c:\windows\system32\3A.tmp
2009-02-11 16:19 . 2009-02-11 16:19 32,256 --ah----- c:\documents and settings\Ashleigh Day\nneqbj.exe
2009-02-11 16:19 . 2009-02-11 16:19 24,577 --a------ c:\windows\system32\3B.tmp
2009-02-11 16:19 . 2009-02-11 16:19 128 --a------ c:\windows\system32\39.tmp
2009-02-11 16:14 . 2009-02-11 16:16 164,708 --a------ c:\windows\system32\38.tmp
2009-02-11 16:13 . 2009-02-11 16:14 128 --a------ c:\windows\system32\37.tmp
2009-02-11 16:10 . 2009-02-11 16:10 <DIR> d-------- C:\a93942ce21fe60e1442e
2009-02-11 16:01 . 2009-02-11 16:01 32,256 --ah----- c:\documents and settings\Ashleigh Day\gsdkrx.exe
2009-02-11 15:58 . 2009-02-11 16:01 102,995 --a------ c:\windows\system32\36.tmp
2009-02-11 15:58 . 2009-02-11 15:58 128 --a------ c:\windows\system32\35.tmp
2009-02-11 15:30 . 2009-02-11 15:33 163,652 --a------ c:\windows\system32\2D.tmp
2009-02-11 15:30 . 2009-02-11 15:30 128 --a------ c:\windows\system32\24.tmp
2009-02-10 17:49 . 2009-02-10 17:49 32,768 --ah----- c:\documents and settings\Ashleigh Day\kyr.exe
2009-02-10 17:49 . 2009-02-10 17:49 88 --a------ c:\windows\system32\27.tmp
2009-02-10 17:48 . 2009-02-10 17:48 32,768 --ah----- c:\documents and settings\Ashleigh Day\pbior.exe
2009-02-10 17:45 . 2009-02-10 17:46 88 --a------ c:\windows\system32\20.tmp
2009-02-10 16:05 . 2009-02-10 16:05 88 --a------ c:\windows\system32\1F.tmp
2009-02-10 15:30 . 2009-02-10 15:30 32,768 --ah----- c:\documents and settings\Ashleigh Day\ncvys.exe
2009-02-10 15:27 . 2009-02-10 15:27 88 --a------ c:\windows\system32\2B.tmp
2009-02-10 15:04 . 2009-02-10 15:04 129,861 --a------ c:\windows\system32\22.tmp
2009-02-10 15:04 . 2009-02-10 15:04 32,768 --ah----- c:\documents and settings\Ashleigh Day\cduados.exe
2009-02-10 15:04 . 2009-02-10 15:04 88 --a------ c:\windows\system32\21.tmp
2009-02-10 15:03 . 2009-02-10 15:03 32,768 --ah----- c:\documents and settings\Ashleigh Day\cbsmsv.exe
2009-02-10 15:01 . 2009-02-10 15:03 129,861 --a------ c:\windows\system32\1E.tmp
2009-02-10 15:01 . 2009-02-10 15:01 88 --a------ c:\windows\system32\14.tmp
2009-02-09 22:55 . 2009-02-09 22:55 64,512 --a------ c:\windows\system32\g++.exe
2009-02-09 22:55 . 2009-02-09 22:55 0 --a------ c:\windows\system32\34.tmp
2009-02-09 22:53 . 2009-02-09 22:55 37,951 --a------ c:\windows\system32\2A.tmp
2009-02-09 22:53 . 2009-02-09 22:53 29,184 --a------ c:\windows\system32\29.tmp
2009-02-09 22:53 . 2009-02-09 22:53 172 --a------ c:\windows\system32\28.tmp
2009-02-09 22:24 . 2009-02-09 22:24 0 --a------ c:\windows\system32\26.tmp
2009-02-09 22:22 . 2009-02-09 22:24 162,756 --a------ c:\windows\system32\13.tmp
2009-02-09 22:22 . 2009-02-09 22:22 29,184 --a------ c:\windows\system32\12.tmp
2009-02-09 22:22 . 2009-02-09 22:22 172 --a------ c:\windows\system32\11.tmp
2009-02-09 22:18 . 2009-02-09 22:18 64,512 --a------ c:\windows\system32\alunotify.exe
2009-02-09 22:18 . 2009-02-09 22:18 0 --a------ c:\windows\system32\1D.tmp
2009-02-09 19:33 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethwxizh.sys
2009-02-09 19:33 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethnnphb.sys
2009-02-09 19:33 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethgbyty.sys
2009-02-09 19:33 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethequfa.sys
2009-02-09 19:33 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethbmwyj.sys
2009-02-09 19:32 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethtwsvr.sys
2009-02-09 19:32 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethjqemx.sys
2009-02-09 19:32 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethfghfi.sys
2009-02-09 19:32 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethbsftc.sys
2009-02-09 19:32 . 2009-02-09 19:32 0 --a------ c:\windows\system32\1B.tmp
2009-02-09 19:22 . 2009-02-09 19:22 <DIR> d-------- c:\windows\system32\ZoneLabs
2009-02-09 19:22 . 2009-02-09 19:22 <DIR> d-------- c:\program files\Zone Labs
2009-02-09 19:22 . 2008-11-13 15:18 1,221,008 --a------ c:\windows\system32\zpeng25.dll
2009-02-09 19:21 . 2009-02-09 19:22 347,973 --a------ c:\windows\system32\vsconfig.xml
2009-02-09 17:55 . 2009-02-09 17:55 64,817 --a------ c:\windows\system32\30.tmp
2009-02-09 17:55 . 2009-02-09 17:55 64,512 --a------ c:\windows\system32\idag.exe
2009-02-09 17:55 . 2009-02-09 17:55 29,184 --a------ c:\windows\system32\2F.tmp
2009-02-09 17:55 . 2009-02-09 17:55 172 --a------ c:\windows\system32\2E.tmp
2009-02-09 17:55 . 2009-02-09 17:55 0 --a------ c:\windows\system32\33.tmp
2009-02-09 17:54 . 2009-02-09 19:22 <DIR> d-------- c:\windows\Internet Logs
2009-02-09 17:48 . 2009-02-09 21:01 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-09 17:47 . 2009-02-09 17:47 64,817 --a------ c:\windows\system32\17.tmp
2009-02-09 17:47 . 2009-02-09 17:47 29,184 --a------ c:\windows\system32\16.tmp
2009-02-09 17:47 . 2009-02-09 17:47 172 --a------ c:\windows\system32\15.tmp
2009-02-09 17:47 . 2009-02-09 17:47 0 --a------ c:\windows\system32\1A.tmp
2009-02-09 17:47 . 2009-02-09 17:47 0 --a------ c:\windows\system32\10.tmp
2009-02-09 15:49 . 2009-02-09 15:49 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-02-09 15:39 . 2003-01-29 14:49 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Symantec
2009-02-09 15:39 . 2003-01-29 16:15 <DIR> d-------- c:\documents and settings\Administrator\Application Data\InterVideo
2009-02-09 15:39 . 2003-01-29 14:00 <DIR> d-------- c:\documents and settings\Administrator\Application Data\InterTrust
2009-02-09 15:39 . 2003-01-29 14:41 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Drag'n Drop CD+DVD
2009-02-09 15:39 . 2009-02-09 17:04 <DIR> d-------- c:\documents and settings\Administrator
2009-02-09 15:25 . 2009-02-10 15:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-02-09 12:11 . 2009-02-09 12:11 <DIR> d-------- C:\rsit
2009-02-09 12:11 . 2009-02-09 12:11 <DIR> d-------- c:\program files\Windows Installer Clean Up
2009-02-09 12:10 . 2009-02-09 12:10 <DIR> d-------- c:\program files\MSECACHE
2009-02-09 12:06 . 2009-02-09 12:06 <DIR> d-------- c:\program files\spybot - search & destroy
2009-02-09 11:44 . 2008-11-06 02:03 <DIR> d-------- C:\SDFix
2009-02-05 15:35 . 2009-02-05 15:35 <DIR> d-------- c:\program files\Trend Micro
2009-02-05 14:57 . 2009-02-09 16:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-04 20:46 . 2009-02-04 20:47 <DIR> d-------- C:\Avenger_old
2009-02-03 23:51 . 2009-02-03 23:51 284,160 --a------ c:\windows\system32\_wvUlifCR.dll
2009-02-03 19:20 . 2009-02-03 19:20 33,920 --a------ c:\windows\system32\drivers\thegboxt.sys
2009-02-03 19:17 . 2009-02-11 16:19 67,072 ---h----- c:\windows\system32\secupdat.dat
2009-02-03 19:17 . 2009-02-03 19:39 5 --a------ c:\windows\_id.dat
2009-02-03 19:16 . 2009-02-11 16:18 128 --a------ c:\windows\adobe.bat
2009-02-03 00:56 . 2009-02-03 00:52 578,560 --a------ c:\windows\system32\fnoohf
2009-02-03 00:55 . 2009-02-03 00:55 142,848 --a--c--- c:\windows\system32\dllcache\userinit.exe
2009-02-03 00:52 . 2009-02-03 00:52 <DIR> d-------- c:\documents and settings\NetworkService\Application Data\Intuit
2009-02-03 00:52 . 2009-02-03 00:52 578,560 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-02-03 00:52 . 2009-02-03 01:02 77,312 --a------ c:\windows\system32\re3d.pf
2009-02-03 00:52 . 2009-02-03 01:02 32,768 --a------ c:\windows\system32\rer.wa
2009-02-03 00:52 . 2009-02-03 01:02 32,768 --a------ c:\windows\system32\qzhr1.ant
2009-02-03 00:52 . 2009-02-03 01:02 28,672 --a------ c:\windows\system32\do8d.sr
2009-02-03 00:52 . 2009-02-03 01:02 28,672 --a------ c:\windows\system32\dedwf.lp
2009-02-03 00:27 . 2008-08-19 09:46 3,523,872 --a------ c:\windows\system32\cdintf300.dll
2009-02-03 00:27 . 2008-08-19 09:46 1,848,608 --a------ c:\windows\system32\acXMLParser.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-10 06:07 --------- d-----w c:\program files\Java
2009-02-10 04:13 --------- d-----w c:\program files\Kazaa Lite K++
2009-02-10 04:12 --------- d-----w c:\program files\Winamp
2009-02-10 00:41 --------- d-----w c:\program files\Lavasoft
2009-02-09 23:30 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-02-09 02:27 --------- d-----w c:\program files\Bonjour
2009-02-08 20:02 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-04 03:53 --------- d-----w c:\program files\Quicken
2009-01-25 23:13 --------- d-----w c:\program files\Warcraft III
2008-12-30 22:52 --------- d-----w c:\documents and settings\Ashleigh Day\Application Data\Download Manager
2008-12-30 22:50 --------- d-----w c:\documents and settings\Ashleigh Day\Application Data\ICAClient
2008-12-30 22:44 --------- d-----w c:\program files\CCleaner
2008-12-30 22:43 --------- d-----w c:\program files\Citrix
2008-12-30 22:40 --------- d-----w c:\program files\CleanUp!
2008-12-30 22:40 --------- d-----w c:\documents and settings\Ashleigh Day\Application Data\Malwarebytes
2008-12-30 22:40 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2004-01-27 10:09 49,080 -c--a-w c:\documents and settings\Ashleigh Day\Application Data\GDIPFONTCACHEV1.DAT
2003-11-17 16:24 18,607 -c--a-w c:\program files\setuplog.txt
2002-04-19 04:57 41,232 ----a-w c:\program files\opera\program\plugins\icalogon.dll
2002-04-19 04:57 24,848 ----a-w c:\program files\opera\program\plugins\pscript.dll
2002-04-19 04:57 41,232 ----a-w c:\program files\opera\program\plugins\sslasock.dll
2002-04-19 04:57 41,232 ----a-w c:\program files\opera\program\plugins\sslsdk_b.dll
.

------- Sigcheck -------

2008-04-13 16:12 1051136 0ed959b7ab50ea79c01c9c1c74f14c41 c:\windows\explorer.exe
2007-06-13 03:26 1050624 f1891718852ecf3c573c75c786070417 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
2007-06-13 02:23 1050624 8bacd20944948f8cd16dac00988bc900 c:\windows\$NtServicePackUninstall$\explorer.exe
2004-08-03 23:56 1049600 72daac98feaff5678c3d0b44bfc5b18a c:\windows\$NtUninstallKB938828$\explorer.exe
2008-04-13 16:12 1051136 61191da0465ccd40b8df727253aead52 c:\windows\ServicePackFiles\i386\explorer.exe

2004-08-03 23:56 32768 5d40219e210c11baeea114abafddbfbf c:\windows\$NtServicePackUninstall$\ctfmon.exe
2008-04-13 16:12 32768 2d554507e7a09528ebe9e063701ed409 c:\windows\ServicePackFiles\i386\ctfmon.exe
2008-04-13 16:12 32768 021777bc8a55025412d3082b19d2fbad c:\windows\system32\ctfmon.exe

2005-06-10 15:53 75264 32f4448a0ee14ca69963205ed019eedd c:\windows\$hf_mig$\KB896423\SP2GDR\spoolsv.exe
2005-06-10 16:17 75264 6f32473cdb8891e37fadf7cb3b123c03 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
2005-06-10 15:53 75264 b430eaf2714a9fa8f95f4750ef1eab6c c:\windows\$NtServicePackUninstall$\spoolsv.exe
2004-08-03 23:56 75264 27238d46fc7b226fd8465b115da05ee8 c:\windows\$NtUninstallKB896423$\spoolsv.exe
2002-08-29 04:00 68608 ad4bd4bc2060f842cb4907dad9a133f0 c:\windows\$NtUninstallKB896423_0$\spoolsv.exe
2008-04-13 16:12 75264 9d836e014403a1c85b323b7fd46adae3 c:\windows\ServicePackFiles\i386\spoolsv.exe
2008-04-13 16:12 75264 8438e88368f2155bb588fd8610f38872 c:\windows\system32\spoolsv.exe

2004-08-03 23:56 41984 677b3543cf2c2f334eefb2dcbef9bd16 c:\windows\$NtServicePackUninstall$\userinit.exe
2008-04-13 16:12 43520 0393b71e2c0a32c02ea0164251176e03 c:\windows\ServicePackFiles\i386\userinit.exe
2009-02-03 00:55 142848 5b8335422dc6d8839b21d7223307f187 c:\windows\system32\userinit.exe
2009-02-03 00:55 142848 5b8335422dc6d8839b21d7223307f187 c:\windows\system32\dllcache\userinit.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-02-08_19.52.35.01 )))))))))))))))))))))))))))))))))))))))))
.
- 2005-10-21 04:02:28 184,320 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2005-10-21 04:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
- 2009-02-09 03:46:30 32,768 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-02-17 18:48:49 32,768 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2009-02-09 03:46:30 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-02-17 18:48:49 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2009-02-09 03:46:30 49,152 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-02-17 18:48:49 49,152 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2002-08-29 12:00:00 218,368 ----a-w c:\windows\system32\jumguwuy.dat
+ 2002-08-29 12:00:00 104,448 ----a-w c:\windows\system32\laiibkh.dll
- 2007-03-16 01:19:28 1,476,992 ----a-w c:\windows\system32\LegitCheckControl.dll
+ 2008-03-21 02:06:36 1,480,232 ----a-w c:\windows\system32\LegitCheckControl.dll
- 2009-01-10 01:35:28 20,853,704 ----a-w c:\windows\system32\MRT.exe
+ 2009-02-03 23:21:12 21,244,864 ----a-w c:\windows\system32\MRT.exe
- 2007-11-30 12:39:22 17,272 ----a-w c:\windows\system32\spmsg.dll
+ 2008-07-09 07:38:24 17,272 ------w c:\windows\system32\spmsg.dll
+ 2008-11-13 23:18:44 107,408 ----a-w c:\windows\system32\vsdata.dll
+ 2008-11-13 23:19:00 353,680 ----a-w c:\windows\system32\vsdatant.sys
+ 2008-11-13 23:18:44 216,464 ----a-w c:\windows\system32\vsinit.dll
+ 2008-11-13 23:18:44 107,408 ----a-w c:\windows\system32\vsmonapi.dll
+ 2008-11-13 23:18:44 310,160 ----a-w c:\windows\system32\vspubapi.dll
+ 2008-11-13 23:18:46 475,536 ----a-w c:\windows\system32\vsutil.dll
+ 2008-11-13 23:18:46 110,480 ----a-w c:\windows\system32\vsxml.dll
+ 2008-11-13 23:19:02 28,048 ----a-w c:\windows\system32\ZoneLabs\lib\Alert.zip.dll
+ 2008-11-13 23:19:02 322,960 ----a-w c:\windows\system32\ZoneLabs\lib\ConfigWizard.zip.dll
+ 2008-11-13 23:19:02 122,768 ----a-w c:\windows\system32\ZoneLabs\lib\DashBoard.zip.dll
+ 2008-11-13 23:19:02 331,664 ----a-w c:\windows\system32\ZoneLabs\lib\LicenseUI.zip.dll
+ 2008-11-13 23:18:44 106,896 ----a-w c:\windows\system32\ZoneLabs\vsdb.dll
+ 2008-11-13 23:18:56 2,405,776 ----a-w c:\windows\system32\ZoneLabs\vsmon.exe
+ 2007-11-07 04:23:58 224,768 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2007-11-07 09:19:34 568,832 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-07 09:19:34 655,872 ----a-w c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="NvQTwk" [X]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2002-12-25 180224]
"00THotkey"="c:\windows\System32\00THotkey.exe" [2003-01-17 10:41 274432]
"TMESRV.EXE"="c:\program files\TOSHIBA\TME3\TMESRV31.EXE" [2003-01-21 143360]
"TMERzCtl.EXE"="c:\program files\TOSHIBA\TME3\TMERzCtl.EXE" [2003-01-21 90112]
"TMEEJME.EXE"="c:\program files\TOSHIBA\TME3\TMEEJME.EXE" [2003-01-21 86016]
"TMESBS.EXE"="c:\program files\TOSHIBA\TME3\TMESBS32.EXE" [2002-11-29 106496]
"DpUtil"="c:\program files\TOSHIBA\DualPointUtility\TEDTray.exe" [2003-01-07 196608]
"TosHKCW.exe"="c:\program files\TOSHIBA\Wireless Hotkey\TosHKCW.exe" [2002-09-09 69632]
"ezShieldProtector for Px"="c:\windows\System32\ezSP_Px.exe" [2002-08-20 61440]
"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [2002-10-17 180224]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 77824]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"nwiz"="nwiz.exe" [2002-12-12 c:\windows\system32\nwiz.exe]
"000StTHK"="000StTHK.exe" [2001-06-23 20:28 45056 c:\windows\system32\000StTHK.exe]
"TFNF5"="TFNF5.exe" [2001-08-03 c:\windows\system32\TFNF5.exe]
"TFncKy"="TFncKy.exe" [BU]
"Tpwrtray"="TPWRTRAY.EXE" [2002-12-10 c:\windows\system32\TPWRTRAY.EXE]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2003-01-29 172032]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\explorer.exe,"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i263_32.drv
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.I263"= i263_32.drv
"msacm.L3CODECP"= L3CODECP.acm
"VIDC.D263"= xl_x263dec.dll
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\thegboxt.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Billminder.lnk]
backup=c:\windows\pss\Billminder.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Program Neighborhood Agent.lnk]
backup=c:\windows\pss\Program Neighborhood Agent.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
backup=c:\windows\pss\Quicken Scheduled Updates.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Startup.lnk]
backup=c:\windows\pss\Quicken Startup.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-13 16:12 32768 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\delmsbb]
--a--c--- 2003-01-07 01:56 345088 c:\windows\delmsbb.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeviceDiscovery]
--a--c--- 2003-05-21 17:37 249917 c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIGServices]
--a--c--- 2005-05-19 13:55 119296 c:\program files\ESPNRunTime\DIGServices.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DIGStream]
--a--c--- 2005-05-18 14:49 303104 c:\program files\DIGStream\digstream.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 18:57 289576 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
--a------ 2008-01-07 12:02 516096 c:\program files\Winamp Remote\bin\OrbTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 14:09 434176 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a--c--- 2003-10-31 19:42 53248 c:\program files\ASUSTek\ASUSDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a--c--- 2005-11-10 13:03 57455 c:\program files\Java\jre1.5.0_06\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a--c--- 2005-11-29 20:30 200749 c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]
--a--c--- 2004-11-10 20:15 111816 c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Macromedia\\Dreamweaver MX\\Dreamweaver.exe"=
"c:\\Program Files\\Starcraft\\StarCraft.exe"=
"c:\\Program Files\\Warcraft III\\War3.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

R0 thegboxt;thegboxt;c:\windows\system32\drivers\thegboxt.sys [2009-02-03 33920]
R1 TMEI3E;TMEI3E;c:\windows\system32\drivers\TMEI3E.sys [2003-01-29 5760]
R2 Tmesbs;Tmesbs32;c:\program files\Toshiba\TME3\tmesbs32.exe [2003-01-29 106496]
R2 Tmesrv;Tmesrv3;c:\program files\Toshiba\TME3\TMESRV31.exe [2003-01-29 143360]
S1 ethbmwyj;ethbmwyj;c:\windows\system32\drivers\ethbmwyj.sys [2009-02-09 138336]
S1 ethbsftc;ethbsftc;c:\windows\system32\drivers\ethbsftc.sys [2009-02-09 138336]
S1 ethequfa;ethequfa;c:\windows\system32\drivers\ethequfa.sys [2009-02-09 138336]
S1 ethfghfi;ethfghfi;c:\windows\system32\drivers\ethfghfi.sys [2009-02-09 138336]
S1 ethgbyty;ethgbyty;c:\windows\system32\drivers\ethgbyty.sys [2009-02-09 138336]
S1 ethjqemx;ethjqemx;c:\windows\system32\drivers\ethjqemx.sys [2009-02-09 138336]
S1 ethnnphb;ethnnphb;c:\windows\system32\drivers\ethnnphb.sys [2009-02-09 138336]
S1 ethtwsvr;ethtwsvr;c:\windows\system32\drivers\ethtwsvr.sys [2009-02-09 138336]
S1 ethwxizh;ethwxizh;c:\windows\system32\drivers\ethwxizh.sys [2009-02-09 138336]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ofkvyasu

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{004ee300-4fb0-11da-b290-00038a000015}]
\Shell\AutoRun\command - e:\driver\usb\–Ό‡‘Š•†‘Ν€ŒŽ
\Shell\open\command - e:\driver\usb\–Ό‡‘Š•†‘Ν€ŒŽ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b57b2ca0-86ac-11dd-b6c8-00038a000015}]
\Shell\AutoRun\command - e:\driver\usb\–Ό‡‘Š•†‘Ν€ŒŽ
\Shell\open\command - e:\driver\usb\–Ό‡‘Š•†‘Ν€ŒŽ
.
Contents of the 'Scheduled Tasks' folder

2009-02-09 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

2009-02-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-02-12 c:\windows\Tasks\At1.job
- c:\windows\system32\unzcbmq.dll []

2009-02-11 c:\windows\Tasks\At2.job
- c:\windows\system32\unzcbmq.dll []

2009-02-11 c:\windows\Tasks\At3.job
- c:\windows\system32\unzcbmq.dll []

2009-02-11 c:\windows\Tasks\At4.job
- c:\windows\system32\unzcbmq.dll []

2009-02-11 c:\windows\Tasks\At5.job
- c:\windows\system32\unzcbmq.dll []

2009-02-12 c:\windows\Tasks\At6.job
- c:\windows\system32\unzcbmq.dll []

2009-02-11 c:\windows\Tasks\At7.job
- c:\windows\system32\unzcbmq.dll []

2009-02-12 c:\windows\Tasks\At8.job
- c:\windows\system32\unzcbmq.dll []

2009-02-17 c:\windows\Tasks\htptngft.job
- c:\windows\system32\yayyAsSJ.dll []
.
- - - - ORPHANS REMOVED - - - -

HKU-Default-Run-bnafzdcj.exe - c:\windows\bnafzdcj.exe
HKU-Default-Run-lfzjeioa.exe - c:\windows\lfzjeioa.exe
HKU-Default-Run-xlpjeapl.exe - c:\windows\xlpjeapl.exe
HKCU-Explorer_Run-services - c:\windows\services.exe
MSConfigStartUp-AIM - c:\program files\AIM\aim.exe
MSConfigStartUp-ccApp - c:\program files\Common Files\Symantec Shared\ccApp.exe
MSConfigStartUp-ccRegVfy - c:\program files\Common Files\Symantec Shared\ccRegVfy.exe
MSConfigStartUp-cogad - c:\documents and settings\Ashleigh Day\Application Data\cogad\cogad.exe
MSConfigStartUp-svhost - nettbyll.exe


.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Handler: ms-its51 - {F6F1E82D-DE4D-11D2-875C-0000F8105754} - c:\program files\Common Files\Microsoft Shared\Information Retrieval\itss51.dll
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: HTTPS\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-17 10:49:27
Windows 5.1.2600 Service Pack 3 NTFS

detected NTDLL code modification:
ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\windows\system32\6.tmp 48 bytes
c:\windows\system32\7.tmp 81931 bytes

scan completed successfully
hidden files: 2

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(2328)
c:\program files\Bonjour\mdnsNSP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\DVDRAMSV.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\wanmpsvc.exe
c:\program files\Toshiba\TOSHIBA Controls\TFncKy.exe
c:\program files\Apoint2K\ApntEx.exe
.
**************************************************************************
.
Completion time: 2009-02-17 10:54:45 - machine was rebooted
ComboFix-quarantined-files.txt 2009-02-17 18:54:39
ComboFix2.txt 2009-02-09 03:55:42

Pre-Run: 26,108,821,504 bytes free
Post-Run: 26,137,415,680 bytes free

431 --- E O F --- 2009-02-13 01:52:48

#8 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 18 February 2009 - 01:22 AM

IMPORTANT!! Please read quote below.. It's important!!

Delete your version of ComboFix from your computer.. I suspect that you have Virut virus in the computer..


Some info about Virut.. It infects ALL executable files, in each and every partition the computer has, including any files inside the thumbdrive and external hard disk that been used with that computer...


Ok.. Looking at ComboFix log, I would advised you to start backup all of your valuable data/documents/pictures/movies/songs/etc.. Do NOT backup any applications/installer and Do NOT backup any .exe/.scr/.htm/.html/.xml/.zip/.rar files... We are looking for possible Virut or Sality infection, and if it is.. Then you might have to wipe the machine clean..

Make sure you back-up everything ONLY via CD or DVD (non-rewritable)




But lets do this first.. (after you backup all important stuff)...


From a clean computer, download these three files and burn them on a CD (Do not use thumbdrive or external hard disk).. We will need to run ALL programs DIRECTLY from the CD

rename.com (this is Dr.Web CureIt renamed by me)
ComboFix
AVZ Antiviral Toolkit (AVZ)




Step 1: rename.com


Run rename.com at the infected computer DIRECTLY from the CD
  • Double-click the rename.com file and Allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, please do a re-scan.. This time, choose Complete Scan
  • Click the green arrow button at the right, and the scan will start.
  • After the scan finished, click Select all
  • Click on Cure and choose Move incurable
  • When the scan has finished, in the menu, click File and choose Save report list
  • Save the report to your Desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit. Reboot your PC in Normal Mode, and post DrWeb.csv in your next reply (Open it as Notepad)



Step 2: AVZ

  • Unzip avz4 into the Desktop
  • Double click on AVZ.exe to run it.
  • Run an update by clicking the Auto Update button on the Right of the Log window: Posted Image
  • Click Start to begin the update.. (If you can't update it, just skip it..)
Note: If you recieve an error message, chose a different source, then click Start again



1. Start AVZ.
2. Choose from the menu File => Standard scripts and mark the 3. Healing/Quarantine and Advanced System Investigation check box.
3. Click on the Execute selected scripts.
4. Automatic scanning, healing and system check will be executed.
5. A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip.
6. It is necessary to reboot your machine, because AVZ might disturb some program operations (like antiviruses and firewall) during the system scan.
7. All applications will work properly after the system restart.


  • After that, please restart AVZ again,
  • From the "File" menu, choose "Standard Scripts"
  • Put a check next to item 2: Advanced System Investigation
  • Click Execute selected scripts
  • At the next prompt, click the OK button
  • Let the scan run and click "OK" when the completion prompt pops up
  • Now Close out of the Standard Scripts window, and exit AVZ
  • Navigate to the avz4 folder and locate the folder LOG
  • Inside the LOG folder you will find virusinfo_syscheck.htm and virusinfo_syscheck.zip
  • Attach virusinfo_syscheck.htm to your next reply



Step 3: ComboFix

Just double-click ComboFix directly from the CD and run it.. Remember to disable ALL Antivirus/Antispyware/Firewall first..



Post these logs in your next reply.. Each log in separate post..

1. rename.com (Dr.Web CureIt)
2. Attach virusinfo_syscheck.htm
3. ComboFix

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#9 sblax2000

sblax2000
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 18 February 2009 - 04:03 AM

I have saved those files to a cd. Unfortunately, I ended up backing up my personal files to an external drive last week.

The situation has worsened, I am unable to start up the system in normal or safe mode. The windows loading screen fades to blue and nothing happens. I can run task manager, but that is it. What can I do? I can't get the the cd to run those programs.

Thanks.

#10 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 18 February 2009 - 05:48 AM

Open Task Manager (Ctrl + Alt + Del) and go to File >> New Task (Run...) >> type explorer.exe >> Enter

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#11 sblax2000

sblax2000
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 18 February 2009 - 03:57 PM

Thanks, it took a while to figure out I needed to just run it in a new task. here is the dr web:

smagent.exe;c:\program files\analog devices\soundmax;Win32.Virut.56;Cured.;
apntex.exe;c:\program files\apoint2k;Win32.Virut.56;Cured.;
apoint.exe;c:\program files\apoint2k;Win32.Virut.56;Cured.;
idrivert.exe;c:\program files\common files\installshield\driver\11\intel 32;Win32.Virut.56;Cured.;
dap.exe;c:\program files\dap;Win32.Virut.56;Cured.;
msmsgs.exe;c:\program files\messenger;Win32.Virut.56;Cured.;
setup50.exe;c:\program files\outlook express;Win32.Virut.56;Cured.;
clonecdtray.exe;c:\program files\slysoft\clonecd;Win32.Virut.56;Cured.;
tedtray.exe;c:\program files\toshiba\dualpointutility;Win32.Virut.56;Cured.;
tmeejme.exe;c:\program files\toshiba\tme3;Win32.Virut.56;Cured.;
tmerzctl.exe;c:\program files\toshiba\tme3;Win32.Virut.56;Cured.;
tmesbs32.exe;c:\program files\toshiba\tme3;Win32.Virut.56;Cured.;
tmesrv31.exe;c:\program files\toshiba\tme3;Win32.Virut.56;Cured.;
tfncky.exe;c:\program files\toshiba\toshiba controls;Win32.Virut.56;Cured.;
toshkcw.exe;c:\program files\toshiba\wireless hotkey;Win32.Virut.56;Cured.;
wmpnetwk.exe;c:\program files\windows media player;Win32.Virut.56;Cured.;
pinger.exe;c:\toshiba\ivp\ism;Win32.Virut.56;Cured.;
explorer.exe;c:\windows;Win32.Virut.56;Cured.;
unregmp2.exe;c:\windows\inf;Win32.Virut.56;Cured.;
xpnetdiag.exe;c:\windows\network diagnostic;Win32.Virut.56;Cured.;
000stthk.exe;c:\windows\system32;Win32.Virut.56;Cured.;
00thotkey.exe;c:\windows\system32;Win32.Virut.56;Cured.;
alg.exe;c:\windows\system32;Win32.Virut.56;Cured.;
cisvc.exe;c:\windows\system32;Win32.Virut.56;Cured.;
clipsrv.exe;c:\windows\system32;Win32.Virut.56;Cured.;
ctfmon.exe;c:\windows\system32;Win32.Virut.56;Cured.;
dllhost.exe;c:\windows\system32;Win32.Virut.56;Cured.;
dmadmin.exe;c:\windows\system32;Win32.Virut.56;Cured.;
dvdramsv.exe;c:\windows\system32;Win32.Virut.56;Cured.;
ezsp_px.exe;c:\windows\system32;Win32.Virut.56;Cured.;
fxssvc.exe;c:\windows\system32;Win32.Virut.56;Cured.;
ie4uinit.exe;c:\windows\system32;Win32.Virut.56;Cured.;
ieudinit.exe;c:\windows\system32;Win32.Virut.56;Cured.;
imapi.exe;c:\windows\system32;Win32.Virut.56;Cured.;
locator.exe;c:\windows\system32;Win32.Virut.56;Cured.;
logon.scr;c:\windows\system32;Win32.Virut.56;Cured.;
logonui.exe;c:\windows\system32;Win32.Virut.56;Cured.;
mnmsrvc.exe;c:\windows\system32;Win32.Virut.56;Cured.;
msdtc.exe;c:\windows\system32;Win32.Virut.56;Cured.;
msiexec.exe;c:\windows\system32;Win32.Virut.56;Cured.;
netdde.exe;c:\windows\system32;Win32.Virut.56;Cured.;
ntsd.exe;c:\windows\system32;Win32.Virut.56;Cured.;
nvsvc32.exe;c:\windows\system32;Win32.Virut.56;Cured.;
nwiz.exe;c:\windows\system32;Win32.Virut.56;Cured.;
ramasst.exe;c:\windows\system32;Win32.Virut.56;Cured.;
regsvr32.exe;c:\windows\system32;Win32.Virut.56;Cured.;
rsvp.exe;c:\windows\system32;Win32.Virut.56;Cured.;
rundll32.exe;c:\windows\system32;Win32.Virut.56;Cured.;
scardsvr.exe;c:\windows\system32;Win32.Virut.56;Cured.;
sessmgr.exe;c:\windows\system32;Win32.Virut.56;Cured.;
shmgrate.exe;c:\windows\system32;Win32.Virut.56;Cured.;
smlogsvc.exe;c:\windows\system32;Win32.Virut.56;Cured.;
spoolsv.exe;c:\windows\system32;Win32.Virut.56;Cured.;
tfnf5.exe;c:\windows\system32;Win32.Virut.56;Cured.;
tpwrtray.exe;c:\windows\system32;Win32.Virut.56;Cured.;
ups.exe;c:\windows\system32;Win32.Virut.56;Cured.;
userinit.exe;c:\windows\system32;Win32.Virut.56;Cured.;
vssvc.exe;c:\windows\system32;Win32.Virut.56;Cured.;
winmgmt.exe;c:\windows\system32\wbem;Win32.Virut.56;Cured.;
wmiapsrv.exe;c:\windows\system32\wbem;Win32.Virut.56;Cured.;
wanmpsvc.exe;c:\windows;Win32.Virut.56;Cured.;
audiograbber.exe;C:\audiograbber;Win32.Virut.56;Cured.;
ndisio.sys;C:\Avenger_new;Trojan.NtRootKit.2561;Deleted.;
xpsp1hfm.exe;C:\c6fff3891cd97cce1fde6219c616e2;Win32.Virut.56;Cured.;
spuninst.exe;C:\c6fff3891cd97cce1fde6219c616e2\common;Win32.Virut.56;Cured.;
update.exe;C:\c6fff3891cd97cce1fde6219c616e2\common;Win32.Virut.56;Cured.;
spuninst.exe;C:\c6fff3891cd97cce1fde6219c616e2\sp2;Win32.Virut.56;Cured.;
update.exe;C:\c6fff3891cd97cce1fde6219c616e2\sp2\update;Win32.Virut.56;Cured.;
cbsmsv.exe;C:\Documents and Settings\Ashleigh Day;Win32.Virut.56;Cured.;
cbsmsv.exe;C:\Documents and Settings\Ashleigh Day;Trojan.Packed.154;Deleted.;
cduados.exe;C:\Documents and Settings\Ashleigh Day;Win32.Virut.56;Cured.;
cduados.exe;C:\Documents and Settings\Ashleigh Day;Trojan.Packed.154;Deleted.;
gsdkrx.exe;C:\Documents and Settings\Ashleigh Day;Win32.Virut.56;Cured.;
gsdkrx.exe;C:\Documents and Settings\Ashleigh Day;Trojan.Spambot.4336;Deleted.;
kyr.exe;C:\Documents and Settings\Ashleigh Day;Win32.Virut.56;Cured.;
kyr.exe;C:\Documents and Settings\Ashleigh Day;Trojan.Packed.154;Deleted.;
ncvys.exe;C:\Documents and Settings\Ashleigh Day;Win32.Virut.56;Cured.;
ncvys.exe;C:\Documents and Settings\Ashleigh Day;Trojan.Packed.154;Deleted.;
nneqbj.exe;C:\Documents and Settings\Ashleigh Day;Win32.Virut.56;Cured.;
nneqbj.exe;C:\Documents and Settings\Ashleigh Day;Trojan.Spambot.4336;Deleted.;
pbior.exe;C:\Documents and Settings\Ashleigh Day;Win32.Virut.56;Cured.;
pbior.exe;C:\Documents and Settings\Ashleigh Day;Trojan.Packed.154;Deleted.;
gmer.exe;C:\Documents and Settings\Ashleigh Day\Desktop;Win32.Virut.56;Cured.;
EXPAND.EXE;C:\Documents and Settings\Ashleigh Day\Desktop\Backup\I386;Win32.Virut.56;Cured.;
FAXPATCH.EXE;C:\Documents and Settings\Ashleigh Day\Desktop\Backup\I386;Win32.Virut.56;Cured.;
NETSETUP.EXE;C:\Documents and Settings\Ashleigh Day\Desktop\Backup\I386;Win32.Virut.56;Cured.;
NTSD.EXE;C:\Documents and Settings\Ashleigh Day\Desktop\Backup\I386;Win32.Virut.56;Cured.;
REGEDIT.EXE;C:\Documents and Settings\Ashleigh Day\Desktop\Backup\I386;Win32.Virut.56;Cured.;
SPNPINST.EXE;C:\Documents and Settings\Ashleigh Day\Desktop\Backup\I386;Win32.Virut.56;Cured.;
SYSPARSE.EXE;C:\Documents and Settings\Ashleigh Day\Desktop\Backup\I386;Win32.Virut.56;Cured.;
TELNET.EXE;C:\Documents and Settings\Ashleigh Day\Desktop\Backup\I386;Win32.Virut.56;Cured.;
WINNT32.EXE;C:\Documents and Settings\Ashleigh Day\Desktop\Backup\I386;Win32.Virut.56;Cured.;
AWDVSTUB.EXE;C:\Documents and Settings\Ashleigh Day\Desktop\Backup\I386\WIN9XMIG\FAX;Win32.Virut.56;Cured.;
MKNTFRMCACHE.EXE;C:\Documents and Settings\Ashleigh Day\Desktop\Backup\I386\WIN9XMIG\MAPI\DLL;Win32.Virut.56;Cured.;
ComboFix.exe/data002\32788R22FWJFW\c.bat;C:\Documents and Settings\Ashleigh Day\Desktop\Fixit programs\ComboFix.exe/data002;Probably BATCH.Virus;;
ComboFix.exe/data002\32788R22FWJFW\psexec.cfexe;C:\Documents and Settings\Ashleigh Day\Desktop\Fixit programs\ComboFix.exe/data002;Program.PsExec.171;;
data002;C:\Documents and Settings\Ashleigh Day\Desktop\Fixit programs;Archive contains infected objects;;
ComboFix.exe;C:\Documents and Settings\Ashleigh Day\Desktop\Fixit programs;Container contains infected objects;Moved.;
SDFix.exe\SDFix\apps\Process.exe;C:\Documents and Settings\Ashleigh Day\Desktop\Fixit programs\SDFix.exe;Tool.Prockill;;
SDFix.exe;C:\Documents and Settings\Ashleigh Day\Desktop\Fixit programs;Archive contains infected objects;Moved.;
RosoftAudioToolsFree.exe\data015;C:\Documents and Settings\Ashleigh Day\My Documents\My Deliveries\cnet\RosoftAudioToolsFree.exe;Adware.MyWay;;
RosoftAudioToolsFree.exe\data018;C:\Documents and Settings\Ashleigh Day\My Documents\My Deliveries\cnet\RosoftAudioToolsFree.exe;Adware.MyWay;;
RosoftAudioToolsFree.exe\data019;C:\Documents and Settings\Ashleigh Day\My Documents\My Deliveries\cnet\RosoftAudioToolsFree.exe;Adware.MyWay;;
RosoftAudioToolsFree.exe\data020;C:\Documents and Settings\Ashleigh Day\My Documents\My Deliveries\cnet\RosoftAudioToolsFree.exe;Adware.MyWay;;
RosoftAudioToolsFree.exe\data021;C:\Documents and Settings\Ashleigh Day\My Documents\My Deliveries\cnet\RosoftAudioToolsFree.exe;Adware.MyWay.origin;;
RosoftAudioToolsFree.exe\data024;C:\Documents and Settings\Ashleigh Day\My Documents\My Deliveries\cnet\RosoftAudioToolsFree.exe;Adware.nCase;;
RosoftAudioToolsFree.exe;C:\Documents and Settings\Ashleigh Day\My Documents\My Deliveries\cnet;Archive contains infected objects;Moved.;
Kazaap.EXE\data024;C:\Documents and Settings\Ashleigh Day\My Documents\My Deliveries\kdx\Kazaap.EXE;Trojan.StartPage;;
Kazaap.EXE;C:\Documents and Settings\Ashleigh Day\My Documents\My Deliveries\kdx;Archive contains infected objects;Moved.;
Protected_05_27_2004_08_40_36.asf;C:\Documents and Settings\Ashleigh Day\My Documents\My Music\downloads\0004BA7D;Trojan.DownLoader.1729;Deleted.;
arcview.exe;C:\ESRI\AV_GIS30\ARCVIEW\BIN32;Win32.Virut.56;Cured.;
AvUtilities.exe;C:\ESRI\AV_GIS30\ARCVIEW\BIN32;Win32.Virut.56;Cured.;
IMPORT71.EXE;C:\ESRI\AV_GIS30\ARCVIEW\BIN32;Win32.Virut.56;Cured.;
mifshape.exe;C:\ESRI\AV_GIS30\ARCVIEW\BIN32;Win32.Virut.56;Incurable.Moved.;
projutil.exe;C:\ESRI\AV_GIS30\ARCVIEW\BIN32;Win32.Virut.56;Cured.;
RPF_Idx.exe;C:\ESRI\AV_GIS30\ARCVIEW\BIN32;Win32.Virut.56;Cured.;
sdtsp2a.exe;C:\ESRI\AV_GIS30\ARCVIEW\BIN32;Win32.Virut.56;Cured.;
sdtsr2g.exe;C:\ESRI\AV_GIS30\ARCVIEW\BIN32;Win32.Virut.56;Cured.;
SHAPEDXF.EXE;C:\ESRI\AV_GIS30\ARCVIEW\BIN32;Win32.Virut.56;Incurable.Moved.;
avreports.exe;C:\ESRI\AV_GIS30\ARCVIEW\REPORTS;Win32.Virut.56;Cured.;
ESRIdqR3.exe;C:\ESRI\AV_GIS30\ARCVIEW\Samples\ext\esridqr3;Win32.Virut.56;Cured.;
ac3config.exe;C:\Program Files\AC3Filter;Win32.Virut.56;Cured.;
dialog_patch.exe;C:\Program Files\AC3Filter;Win32.Virut.56;Cured.;
CDCopier.exe;C:\Program Files\Adaptec\Easy CD Creator 5\Easy CD Creator;Win32.Virut.56;Cured.;
Creatr50.exe;C:\Program Files\Adaptec\Easy CD Creator 5\Easy CD Creator;Win32.Virut.56;Cured.;
SesApp.exe;C:\Program Files\Adaptec\Easy CD Creator 5\Easy CD Creator;Win32.Virut.56;Cured.;
vcdcr32.exe;C:\Program Files\Adaptec\Easy CD Creator 5\Easy CD Creator;Win32.Virut.56;Cured.;
PhRelay.exe;C:\Program Files\Adaptec\Easy CD Creator 5\PhotoRelay;Win32.Virut.56;Cured.;
sndstrm.exe;C:\Program Files\Adaptec\Easy CD Creator 5\SoundStream;Win32.Virut.56;Cured.;
VideoImp.exe;C:\Program Files\Adaptec\Easy CD Creator 5\VideoImpression;Win32.Virut.56;Cured.;
AcroRd32.exe;C:\Program Files\Adobe\Acrobat 5.0\Reader;Win32.Virut.56;Cured.;
Acrobat.exe;C:\Program Files\Adobe\Acrobat 6.0\Acrobat;Win32.Virut.56;Cured.;
AdobeUpdateManager.exe;C:\Program Files\Adobe\Acrobat 6.0\Acrobat;Win32.Virut.56;Cured.;
capserve.exe;C:\Program Files\Adobe\Acrobat 6.0\Acrobat\plug_ins\PaperCapture\Server\Roman;Win32.Virut.56;Cured.;
ConsoleApp.exe;C:\Program Files\Adobe\Acrobat 6.0\Acrobat\plug_ins\Printme;Win32.Virut.56;Cured.;
acroaum.exe;C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Updater;Win32.Virut.56;Cured.;
Acrobat Elements.exe;C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements;Win32.Virut.56;Cured.;
AdobeUpdateManager.exe;C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements;Win32.Virut.56;Cured.;
acrodist.exe;C:\Program Files\Adobe\Acrobat 6.0\Distillr;Win32.Virut.56;Cured.;
acrotray.exe;C:\Program Files\Adobe\Acrobat 6.0\Distillr;Win32.Virut.56;Cured.;
setup.exe;C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig709\ENU_;Win32.Virut.56;Cured.;
ahv.exe;C:\Program Files\Adobe\Adobe Help Viewer\1.0;Win32.Virut.56;Cured.;
ImageReady.exe;C:\Program Files\Adobe\Photoshop 7.0;Win32.Virut.56;Cured.;
Photoshop.exe;C:\Program Files\Adobe\Photoshop 7.0;Win32.Virut.56;Cured.;
Droplet Template.exe;C:\Program Files\Adobe\Photoshop 7.0\Required;Win32.Virut.56;Cured.;
Constrain 350, Make JPG 30.exe;C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets;Win32.Virut.56;Cured.;
Constrain to 200x200 pixels.exe;C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets;Win32.Virut.56;Cured.;
Constrain to 64X64 pixels.exe;C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets;Win32.Virut.56;Cured.;
Make Button.exe;C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets;Win32.Virut.56;Cured.;
Make GIF (128 colors).exe;C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets;Win32.Virut.56;Cured.;
Make GIF (32, no dither).exe;C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets;Win32.Virut.56;Cured.;
Make GIF (64 colors).exe;C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets;Win32.Virut.56;Cured.;
Make JPEG (quality 10).exe;C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets;Win32.Virut.56;Cured.;
Make JPEG (quality 30).exe;C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets;Win32.Virut.56;Cured.;
Make JPEG (quality 60).exe;C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets;Win32.Virut.56;Cured.;
Multi-Size Save.exe;C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets;Win32.Virut.56;Cured.;
Unsharp Mask.exe;C:\Program Files\Adobe\Photoshop 7.0\Samples\Droplets\ImageReady Droplets;Win32.Virut.56;Cured.;
HotFix64.exe;C:\Program Files\Adobe\Security Update;Win32.Virut.56;Cured.;
asex.exe;C:\Program Files\All Sound Recorder XP;Win32.Virut.56;Cured.;
asr.exe;C:\Program Files\All Sound Recorder XP;Win32.Virut.56;Cured.;
AEEnable.exe;C:\Program Files\Analog Devices\SoundMAX;Win32.Virut.56;Cured.;
install.exe;C:\Program Files\Analog Devices\SoundMAX;Win32.Virut.56;Cured.;
RemADI.exe;C:\Program Files\Analog Devices\SoundMAX;Win32.Virut.56;Cured.;
Remove.exe;C:\Program Files\Analog Devices\SoundMAX;Win32.Virut.56;Cured.;
SMAgentI.exe;C:\Program Files\Analog Devices\SoundMAX;Win32.Virut.56;Cured.;
SMAgentX.exe;C:\Program Files\Analog Devices\SoundMAX;Win32.Virut.56;Cured.;
SMTray.exe;C:\Program Files\Analog Devices\SoundMAX;Win32.Virut.56;Cured.;
SMWizard.exe;C:\Program Files\Analog Devices\SoundMAX;Win32.Virut.56;Cured.;
pxlreg.exe;C:\Program Files\AnalyzerXL;Win32.Virut.56;Cured.;
Ezcapt.exe;C:\Program Files\Apoint2K;Win32.Virut.56;Cured.;
EzPopup.exe;C:\Program Files\Apoint2K;Win32.Virut.56;Cured.;
Uninstap.exe;C:\Program Files\Apoint2K;Win32.Virut.56;Cured.;
ASUSDVD.exe;C:\Program Files\ASUSTek\ASUSDVD;Win32.Virut.56;Cured.;
cldma.exe;C:\Program Files\ASUSTek\ASUSDVD;Win32.Virut.56;Cured.;
cltest.exe;C:\Program Files\ASUSTek\ASUSDVD;Win32.Virut.56;Cured.;
ddtester.exe;C:\Program Files\ASUSTek\ASUSDVD;Win32.Virut.56;Cured.;
dvdrgn.exe;C:\Program Files\ASUSTek\ASUSDVD;Win32.Virut.56;Cured.;
PDVDServ.exe;C:\Program Files\ASUSTek\ASUSDVD;Win32.Virut.56;Cured.;
migraten.exe;C:\Program Files\Citrix\icaweb32;Win32.Virut.56;Cured.;
wfcmoven.exe;C:\Program Files\Citrix\icaweb32;Win32.Virut.56;Cured.;
wfcrun32.exe;C:\Program Files\Citrix\icaweb32;Win32.Virut.56;Cured.;
wfica32.exe;C:\Program Files\Citrix\icaweb32;Win32.Virut.56;Cured.;
Civ3Edit.exe;C:\Program Files\Civ3;Win32.Virut.56;Cured.;
mythxpak.exe;C:\Program Files\Civ3;Win32.Virut.56;Cured.;
mythxuha.exe;C:\Program Files\Civ3;Win32.Virut.56;Cured.;
Cleanup.exe;C:\Program Files\CleanUp!;Win32.Virut.56;Cured.;
uninstall.exe;C:\Program Files\CleanUp!;Win32.Virut.56;Cured.;
licenseack.exe;C:\Program Files\Common Files\Adaptec Shared\CDEngine;Win32.Virut.56;Cured.;
createcd50.exe;C:\Program Files\Common Files\Adaptec Shared\CreateCD;Win32.Virut.56;Cured.;
CDLabel.exe;C:\Program Files\Common Files\Adaptec Shared\Label Creator;Win32.Virut.56;Cured.;
sndedit.exe;C:\Program Files\Common Files\Adaptec Shared\Sound Editor;Win32.Virut.56;Cured.;
RoxiScan.exe;C:\Program Files\Common Files\Adaptec Shared\Support;Win32.Virut.56;Cured.;
Adobe Gamma Loader.exe;C:\Program Files\Common Files\Adobe\Calibration;Win32.Virut.56;Cured.;
AdobeWorkgroupHelper.exe;C:\Program Files\Common Files\Adobe\Workflow;Win32.Virut.56;Cured.;
cltdiag.exe;C:\Program Files\Common Files\aolshare;Win32.Virut.56;Cured.;
sinf.exe;C:\Program Files\Common Files\aolshare\sysinfo;Win32.Virut.56;Cured.;
IDriver.exe;C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32;Win32.Virut.56;Cured.;
IDriver2.exe;C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32;Win32.Virut.56;Cured.;
IDriver.exe;C:\Program Files\Common Files\InstallShield\Driver\7\Intel 32;Win32.Virut.56;Cured.;
IKernel.exe;C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32;Win32.Virut.56;Cured.;
knlwrap.exe;C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32;Win32.Virut.56;Cured.;
DotNetInstaller.exe;C:\Program Files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32;Win32.Virut.56;Cured.;
DotNetInstaller.exe;C:\Program Files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32;Win32.Virut.56;Cured.;
launcher.exe;C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_05.b05;Win32.Virut.56;Cured.;
zipper.exe;C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_05.b05;Win32.Virut.56;Cured.;
launcher.exe;C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_06.b05;Win32.Virut.56;Cured.;
zipper.exe;C:\Program Files\Common Files\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_06.b05;Win32.Virut.56;Cured.;
ARTGALRY.EXE;C:\Program Files\Common Files\Microsoft Shared\Artgalry;Win32.Virut.56;Cured.;
CAG.EXE;C:\Program Files\Common Files\Microsoft Shared\Artgalry;Win32.Virut.56;Cured.;
eqnedt32.exe;C:\Program Files\Common Files\Microsoft Shared\Equation;Win32.Virut.56;Cured.;
ACMSETUP.EXE;C:\Program Files\Common Files\Microsoft Shared\Geography\Setup;Win32.Virut.56;Cured.;
msdraw.exe;C:\Program Files\Common Files\Microsoft Shared\MSDraw;Win32.Virut.56;Cured.;
msinfo32.exe;C:\Program Files\Common Files\Microsoft Shared\MSInfo;Win32.Virut.56;Cured.;
OFFPRV10.EXE;C:\Program Files\Common Files\Microsoft Shared\MSInfo;Win32.Virut.56;Cured.;
MSInfo32.exe;C:\Program Files\Common Files\Microsoft Shared\MsInfoRf;Win32.Virut.56;Cured.;
SrchAdmStp.exe;C:\Program Files\Common Files\Microsoft Shared\MSSearch\Bin;Win32.Virut.56;Cured.;
RefReg.exe;C:\Program Files\Common Files\Microsoft Shared\Reference Titles;Win32.Virut.56;Cured.;
SfcSvr10.exe;C:\Program Files\Common Files\Microsoft Shared\Reference Titles;Win32.Virut.56;Cured.;
ERS2000.EXE;C:\Program Files\Common Files\Microsoft Shared\Reference Titles\A;Win32.Virut.56;Cured.;
piolch.exe;C:\Program Files\Common Files\Microsoft Shared\Shoebox;Win32.Virut.56;Cured.;
sapisvr.exe;C:\Program Files\Common Files\Microsoft Shared\Speech;Win32.Virut.56;Cured.;
Wrdart32.exe;C:\Program Files\Common Files\Microsoft Shared\WordArt;Win32.Virut.56;Cured.;
WkCalRem.exe;C:\Program Files\Common Files\Microsoft Shared\Works Shared;Win32.Virut.56;Cured.;
wkscal.exe;C:\Program Files\Common Files\Microsoft Shared\Works Shared;Win32.Virut.56;Cured.;
rnuninst.exe;C:\Program Files\Common Files\Real\Update;Win32.Virut.56;Cured.;
r1puninst.exe;C:\Program Files\Common Files\Real\Update_OB;Win32.Virut.56;Cured.;
RealOneMessageCenter.exe;C:\Program Files\Common Files\Real\Update_OB;Win32.Virut.56;Cured.;
realsched.exe;C:\Program Files\Common Files\Real\Update_OB;Win32.Virut.56;Cured.;
rnxproc.exe;C:\Program Files\Common Files\Real\Update_OB;Win32.Virut.56;Cured.;
upgrdhlp.exe;C:\Program Files\Common Files\Real\Update_OB;Win32.Virut.56;Cured.;
mp3join.exe;C:\Program Files\Cool MP3 Splitter;Win32.Virut.56;Cured.;
splitter.exe;C:\Program Files\Cool MP3 Splitter;Win32.Virut.56;Cured.;
UpdateIPR.exe;C:\Program Files\CyberLink\Common;Win32.Virut.56;Cured.;
DAPBHO.dll;C:\Program Files\DAP;Adware.IEBar;Incurable.Moved.;
dapie.dll;C:\Program Files\DAP;Adware.Dap;Incurable.Moved.;
dapns.dll;C:\Program Files\DAP;Adware.Dap;Incurable.Moved.;
dapupd.exe;C:\Program Files\DAP;Win32.Virut.56;Cured.;
UNWISE.EXE;C:\Program Files\DAP;Win32.Virut.56;Cured.;
digstream.exe;C:\Program Files\DIGStream;Win32.Virut.56;Cured.;
UNWISE.EXE;C:\Program Files\DIGStream;Win32.Virut.56;Cured.;
config.exe;C:\Program Files\DivX\DivX Codec;Win32.Virut.56;Cured.;
Converter.exe;C:\Program Files\DivX\DivX Converter;Win32.Virut.56;Cured.;
Register_DivX.exe;C:\Program Files\DivX_311alpha;Win32.Virut.56;Cured.;
SetStereo.exe;C:\Program Files\DivX_311alpha;Win32.Virut.56;Cured.;
DragDrop.exe;C:\Program Files\Drag'n Drop CD+DVD\BinFiles;Win32.Virut.56;Cured.;
dume.exe;C:\Program Files\Drag'n Drop CD+DVD\BinFiles;Win32.Virut.56;Cured.;
ezSkinInstaller.exe;C:\Program Files\Drag'n Drop CD+DVD\BinFiles;Win32.Virut.56;Cured.;
AutoGrab.exe;C:\Program Files\Drag'n Drop CD+DVD\BUMS;Win32.Virut.56;Cured.;
StartAG.exe;C:\Program Files\Drag'n Drop CD+DVD\BUMS;Win32.Virut.56;Cured.;
DVDForm.exe;C:\Program Files\DVD-RAM\WinXP\DVD-RAM Driver;Win32.Virut.56;Cured.;
WPTool.exe;C:\Program Files\DVD-RAM\WinXP\DVD-RAM Driver;Win32.Virut.56;Cured.;
UNWISE.EXE;C:\Program Files\ESPN\Toolbar;Win32.Virut.56;Cured.;
uninstall.exe;C:\Program Files\ESPNMotion;Win32.Virut.56;Cured.;
DIGServices.exe;C:\Program Files\ESPNRunTime;Win32.Virut.56;Cured.;
DIGSvcUninstall.exe;C:\Program Files\ESPNRunTime;Win32.Virut.56;Cured.;
UNWISE.EXE;C:\Program Files\ESPNRunTime;Win32.Virut.56;Cured.;
Finale Viewer.exe;C:\Program Files\Finale Viewer;Win32.Virut.56;Cured.;
smUtils.exe;C:\Program Files\Finale Viewer;Win32.Virut.56;Cured.;
googleearth.exe;C:\Program Files\Google\Google Earth;Win32.Virut.56;Cured.;
gpsbabel.exe;C:\Program Files\Google\Google Earth;Win32.Virut.56;Cured.;
hpqaprnt.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\Album;Win32.Virut.56;Cured.;
DestTest.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpotdd01.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqanon.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqaol08.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqclpbd.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
Hpqdirec.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqdstcp.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqEmlsz.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqfru07.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqirs08.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqpos08.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqpprop.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqprntw.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqptc08.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqqpj08.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqtax08.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqthb08.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqudc08.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqvwr08.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
hpqwrap.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
svtf.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\bin;Win32.Virut.56;Cured.;
HPSysDig.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\Diagnostics;Win32.Virut.56;Cured.;
PAstub.exe;C:\Program Files\Hewlett-Packard\Digital Imaging\Help;Win32.Virut.56;Cured.;
browser.exe;C:\Program Files\Hewlett-Packard\hp deskjet assistant\bin;Win32.Virut.56;Cured.;
printpcl.exe;C:\Program Files\Hewlett-Packard\hp deskjet assistant\bin;Win32.Virut.56;Cured.;
prnconf.exe;C:\Program Files\Hewlett-Packard\hp print screen utility;Win32.Virut.56;Cured.;
prnsys.exe;C:\Program Files\Hewlett-Packard\hp print screen utility;Win32.Virut.56;Cured.;
prnunins.exe;C:\Program Files\Hewlett-Packard\hp print screen utility\UnInstall;Win32.Virut.56;Cured.;
hpod.exe;C:\Program Files\Hewlett-Packard\Memories Disc;Win32.Virut.56;Cured.;
hpodinst.exe;C:\Program Files\Hewlett-Packard\Memories Disc;Win32.Virut.56;Cured.;
hpodlog.exe;C:\Program Files\Hewlett-Packard\Memories Disc;Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{3CF0858D-1AC5-4308-9DE7-AD15288A8BDC};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{4701BF4D-9DBD-4F3B-953A-AFC3316E821B};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{4D826618-59C6-11D4-976E-00C04F8EEB39};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{7862BAD8-A379-4128-8AA1-EFD5A9603C53};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{7C21EEE0-E6FD-11D4-BD19-00D0B702AEC0};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{8B4AB829-DFD3-436D-B808-D9733D76C590};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{930B2432-43D4-11D5-9871-00C04F8EEB39};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{DDC146FA-73E0-4FA1-A353-841EA14BF600};Win32.Virut.56;Cured.;
Setup.exe;C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C};Win32.Virut.56;Cured.;
iedw.exe;C:\Program Files\Internet Explorer;Win32.Virut.56;Cured.;
IEXPLORE(2).EXE;C:\Program Files\Internet Explorer;Win32.Virut.56;Cured.;
icwconn1.exe;C:\Program Files\Internet Explorer\Connection Wizard;Win32.Virut.56;Cured.;
icwconn2.exe;C:\Program Files\Internet Explorer\Connection Wizard;Win32.Virut.56;Cured.;
icwrmind.exe;C:\Program Files\Internet Explorer\Connection Wizard;Win32.Virut.56;Cured.;
icwtutor.exe;C:\Program Files\Internet Explorer\Connection Wizard;Win32.Virut.56;Cured.;
inetwiz.exe;C:\Program Files\Internet Explorer\Connection Wizard;Win32.Virut.56;Cured.;
isignup.exe;C:\Program Files\Internet Explorer\Connection Wizard;Win32.Virut.56;Cured.;
keygen.exe;C:\Program Files\IObit\Advanced SystemCare 3;Win32.Virut.56;Cured.;
keygen.exe;C:\Program Files\IObit\Advanced SystemCare 3;Win32.Virut.56;Cured.;
setup.exe;C:\Program Files\IObit\Advanced SystemCare 3;Win32.Virut.56;Cured.;
setup.exe;C:\Program Files\IObit\Advanced SystemCare 3;Trojan.DownLoad.23641;Deleted.;
java.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
javacpl.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
javaw.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
javaws.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
jucheck.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
jusched.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
keytool.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
kinit.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
klist.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
ktab.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
orbd.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
pack200.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
policytool.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
rmid.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
rmiregistry.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
servertool.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
tnameserv.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
unpack200.exe;C:\Program Files\Java\jre1.5.0_05\bin;Win32.Virut.56;Cured.;
java.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
javacpl.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
javaw.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
javaws.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
jucheck.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
jusched.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
keytool.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
kinit.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
klist.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
ktab.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
orbd.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
pack200.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
policytool.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
rmid.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
rmiregistry.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
servertool.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
tnameserv.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
unpack200.exe;C:\Program Files\Java\jre1.5.0_06\bin;Win32.Virut.56;Cured.;
kontiki.exe;C:\Program Files\Kontiki\bin;Win32.Virut.56;Cured.;
kpgreader.exe;C:\Program Files\Kontiki\bin;Win32.Virut.56;Cured.;
KPlayer.exe;C:\Program Files\Kontiki\bin;Win32.Virut.56;Cured.;
ltmoh.exe;C:\Program Files\ltmoh;Win32.Virut.56;Cured.;
Dreamweaver.exe;C:\Program Files\Macromedia\Dreamweaver MX;Win32.Virut.56;Cured.;
java.exe;C:\Program Files\Macromedia\Dreamweaver MX\JVM\bin;Win32.Virut.56;Cured.;
javac.exe;C:\Program Files\Macromedia\Dreamweaver MX\JVM\bin;Win32.Virut.56;Cured.;
javaw.exe;C:\Program Files\Macromedia\Dreamweaver MX\JVM\bin;Win32.Virut.56;Cured.;
keytool.exe;C:\Program Files\Macromedia\Dreamweaver MX\JVM\bin;Win32.Virut.56;Cured.;
policytool.exe;C:\Program Files\Macromedia\Dreamweaver MX\JVM\bin;Win32.Virut.56;Cured.;
rmid.exe;C:\Program Files\Macromedia\Dreamweaver MX\JVM\bin;Win32.Virut.56;Cured.;
rmiregistry.exe;C:\Program Files\Macromedia\Dreamweaver MX\JVM\bin;Win32.Virut.56;Cured.;
tnameserv.exe;C:\Program Files\Macromedia\Dreamweaver MX\JVM\bin;Win32.Virut.56;Cured.;
Extension Manager.exe;C:\Program Files\Macromedia\Extension Manager;Win32.Virut.56;Cured.;
Replace.exe;C:\Program Files\Macromedia\Extension Manager;Win32.Virut.56;Cured.;
Fireworks.exe;C:\Program Files\Macromedia\Fireworks MX;Win32.Virut.56;Cured.;
Flash.exe;C:\Program Files\Macromedia\Flash MX;Win32.Virut.56;Cured.;
SAFlashPlayer.exe;C:\Program Files\Macromedia\Flash MX\Players;Win32.Virut.56;Cured.;
SAFlashPlayer.exe;C:\Program Files\Macromedia\Flash MX\Players\Debug;Win32.Virut.56;Cured.;
SAFlashPlayer.exe;C:\Program Files\Macromedia\Flash MX\Players\Release;Win32.Virut.56;Cured.;
FreeHand 10 Clipart Viewer.exe;C:\Program Files\Macromedia\FreeHand 10;Win32.Virut.56;Cured.;
FreeHand 10.exe;C:\Program Files\Macromedia\FreeHand 10;Win32.Virut.56;Cured.;
Macromedia Flash Player 6.exe;C:\Program Files\Macromedia\FreeHand 10;Win32.Virut.56;Cured.;
mbam.exe;C:\Program Files\Malwarebytes' Anti-Malware;Win32.Virut.56;Cured.;
msmsgsin.exe;C:\Program Files\Messenger;Win32.Virut.56;Cured.;
Civ3Edit.exe;C:\Program Files\MicroProse Software;Win32.Virut.56;Cured.;
mythxpak.exe;C:\Program Files\MicroProse Software;Win32.Virut.56;Cured.;
mythxuha.exe;C:\Program Files\MicroProse Software;Win32.Virut.56;Cured.;
Enc2000.exe;C:\Program Files\Microsoft Encarta\Encarta Encyclopedia 2000;Win32.Virut.56;Cured.;
nhome.exe;C:\Program Files\Microsoft Encarta\Encarta Encyclopedia 2000;Win32.Virut.56;Cured.;
swfix.exe;C:\Program Files\Microsoft Encarta\Encarta Encyclopedia 2000;Win32.Virut.56;Cured.;
unee2000.exe;C:\Program Files\Microsoft Encarta\Encarta Encyclopedia 2000;Win32.Virut.56;Cured.;
Streets & Trips 2000.exe;C:\Program Files\Microsoft Expedia Streets & Trips;Win32.Virut.56;Cured.;
AUTMAP71.EXE;C:\Program Files\Microsoft Expedia Streets & Trips\system;Win32.Virut.56;Cured.;
MCDLC.EXE;C:\Program Files\Microsoft Office\Office10;Win32.Virut.56;Cured.;
WAVTOASF.EXE;C:\Program Files\Microsoft Office\Office10;Win32.Virut.56;Cured.;
WINWORD.EXE;C:\Program Files\Microsoft Office\Office10;Win32.Virut.56;Cured.;
msworks.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
wkfud.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
wkgdcach.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
wklnckml.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
wkpdfsnf.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
wkplmstp.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
wksab.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
wksdb.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
WksProj.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
wkssb.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
wksss.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
WksWP.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
wkwcestp.exe;C:\Program Files\Microsoft Works;Win32.Virut.56;Cured.;
launcher.exe;C:\Program Files\Microsoft Works Suite 2000\Setup;Win32.Virut.56;Cured.;
sleep.exe;C:\Program Files\Microsoft Works Suite 2000\Setup;Win32.Virut.56;Cured.;
moviemk.exe;C:\Program Files\Movie Maker;Win32.Virut.56;Cured.;
ez.softmagic.mp3.splitter.&.joiner.3.2.(build.1)-patch.exe;C:\Program Files\MP3 Splitter & Joiner Pro;Win32.Virut.56;Cured.;
lame.exe;C:\Program Files\MP3 Splitter & Joiner Pro;Win32.Virut.56;Cured.;
Mp3matePro.exe;C:\Program Files\MP3 Splitter & Joiner Pro;Win32.Virut.56;Cured.;
msicuu.exe;C:\Program Files\MSECACHE\WICU3;Win32.Virut.56;Cured.;
MsiZapA.exe;C:\Program Files\MSECACHE\WICU3;Win32.Virut.56;Cured.;
MsiZapU.exe;C:\Program Files\MSECACHE\WICU3;Win32.Virut.56;Cured.;
MsiZap.exe;C:\Program Files\MSECACHE\WICU3\Ansi;Win32.Virut.56;Cured.;
MsiZap.exe;C:\Program Files\MSECACHE\WICU3\Unicode;Win32.Virut.56;Cured.;
bckgzm.exe;C:\Program Files\MSN Gaming Zone\Windows;Win32.Virut.56;Cured.;
chkrzm.exe;C:\Program Files\MSN Gaming Zone\Windows;Win32.Virut.56;Cured.;
hrtzzm.exe;C:\Program Files\MSN Gaming Zone\Windows;Win32.Virut.56;Cured.;
Rvsezm.exe;C:\Program Files\MSN Gaming Zone\Windows;Win32.Virut.56;Cured.;
shvlzm.exe;C:\Program Files\MSN Gaming Zone\Windows;Win32.Virut.56;Cured.;
zClientm.exe;C:\Program Files\MSN Gaming Zone\Windows;Win32.Virut.56;Cured.;
msnmsgr.exe;C:\Program Files\MSN Messenger;Win32.Virut.56;Cured.;
cb32.exe;C:\Program Files\NetMeeting;Win32.Virut.56;Cured.;
conf.exe;C:\Program Files\NetMeeting;Win32.Virut.56;Cured.;
wb32.exe;C:\Program Files\NetMeeting;Win32.Virut.56;Cured.;
opera.exe;C:\Program Files\Opera;Win32.Virut.56;Cured.;
MSIMN(2).EXE;C:\Program Files\Outlook Express;Win32.Virut.56;Cured.;
msimn.exe;C:\Program Files\Outlook Express;Win32.Virut.56;Cured.;
oemig50.exe;C:\Program Files\Outlook Express;Win32.Virut.56;Cured.;
wab.exe;C:\Program Files\Outlook Express;Win32.Virut.56;Cured.;
wabmig.exe;C:\Program Files\Outlook Express;Win32.Virut.56;Cured.;
setup.exe;C:\Program Files\Quicken\QWDELUXE\DISK1;Win32.Virut.56;Cured.;
setup.exe;C:\Program Files\Quicken\QWHB\DISK1;Win32.Virut.56;Cured.;
PictureViewer.exe;C:\Program Files\QuickTime;Win32.Virut.56;Cured.;
QTInfo.exe;C:\Program Files\QuickTime;Win32.Virut.56;Cured.;
QTTask.exe;C:\Program Files\QuickTime;Win32.Virut.56;Cured.;
ExportController.exe;C:\Program Files\QuickTime\QTSystem;Win32.Virut.56;Cured.;
QuickTimeUpdateHelper.exe;C:\Program Files\QuickTime\QTSystem;Win32.Virut.56;Cured.;
fixrjb.exe;C:\Program Files\Real\RealPlayer;Win32.Virut.56;Cured.;
realjbox.exe;C:\Program Files\Real\RealPlayer;Win32.Virut.56;Cured.;
realplay.exe;C:\Program Files\Real\RealPlayer;Win32.Virut.56;Cured.;
rphelperapp.exe;C:\Program Files\Real\RealPlayer;Win32.Virut.56;Cured.;
setup.exe;C:\Program Files\Real\RealPlayer\Setup;Win32.Virut.56;Cured.;
AddToItunes.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
asf2mp3.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
AUDIOCV.EXE;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
CDWrite.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
ConvertUtility.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
faac.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
Guide.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
lame.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
LameSettings.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
mp3enc.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
ReplayAV.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
ReplayRadio.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
Tuner.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
WM8EUTIL.exe;C:\Program Files\Replay7;Win32.Virut.56;Cured.;
btdownloadgui.exe;C:\Program Files\Replay7\BitTornado;Win32.Virut.56;Cured.;
w9xpopen.exe;C:\Program Files\Replay7\BitTornado;Win32.Virut.56;Cured.;
MP3 Magic.exe;C:\Program Files\Replay7\MP3 Magic;Win32.Virut.56;Cured.;
mp3join.exe;C:\Program Files\Replay7\MP3 Magic;Win32.Virut.56;Cured.;
Replay Player.exe;C:\Program Files\Replay7\Replay Player;Win32.Virut.56;Cured.;
arfit.exe;C:\Program Files\Seagate Crystal Reports;Win32.Virut.56;Cured.;
c2rstub.exe;C:\Program Files\Seagate Crystal Reports;Win32.Virut.56;Cured.;
crw32.exe;C:\Program Files\Seagate Crystal Reports;Win32.Virut.56;Cured.;
dexpert.exe;C:\Program Files\Seagate Crystal Reports;Win32.Virut.56;Cured.;
dsx32.exe;C:\Program Files\Seagate Crystal Reports;Win32.Virut.56;Cured.;
rptglanc.exe;C:\Program Files\Seagate Crystal Reports;Win32.Virut.56;Cured.;
sysdb32.exe;C:\Program Files\Seagate Crystal Reports;Win32.Virut.56;Cured.;
setup.exe;C:\Program Files\Seagate Crystal Reports\RptStp32;Win32.Virut.56;Cured.;
setup.exe;C:\Program Files\Seagate Crystal Reports\Uninst32;Win32.Virut.56;Cured.;
sschart.exe;C:\Program Files\Seagate Software\SSChart;Win32.Virut.56;Cured.;
CloneCD.exe;C:\Program Files\SlySoft\CloneCD;Win32.Virut.56;Cured.;
HelpLauncher.exe;C:\Program Files\SlySoft\CloneCD;Win32.Virut.56;Cured.;
BNUpdate.exe;C:\Program Files\Starcraft;Win32.Virut.56;Cured.;
StarCraft.exe;C:\Program Files\Starcraft;Win32.Virut.56;Cured.;
StarEdit.exe;C:\Program Files\Starcraft;Win32.Virut.56;Cured.;
SDVDC.exe;C:\Program Files\Super DVD Creator4.0;Win32.Virut.56;Cured.;
BTSeting.exe;C:\Program Files\Toshiba\Bluetooth Toshiba Stack;Win32.Virut.56;Cured.;
BTWLANDP.EXE;C:\Program Files\Toshiba\Bluetooth Toshiba Stack;Win32.Virut.56;Cured.;
ECCenter.exe;C:\Program Files\Toshiba\Bluetooth Toshiba Stack;Win32.Virut.56;Cured.;
SCenter.exe;C:\Program Files\Toshiba\Bluetooth Toshiba Stack;Win32.Virut.56;Cured.;
tbpwiz.exe;C:\Program Files\Toshiba\Bluetooth Toshiba Stack;Win32.Virut.56;Cured.;
TosBtInit.exe;C:\Program Files\Toshiba\Bluetooth Toshiba Stack;Win32.Virut.56;Cured.;
TosBtMng.exe;C:\Program Files\Toshiba\Bluetooth Toshiba Stack;Win32.Virut.56;Cured.;
TosBtNCS.exe;C:\Program Files\Toshiba\Bluetooth Toshiba Stack;Win32.Virut.56;Cured.;
TosBtNSS.exe;C:\Program Files\Toshiba\Bluetooth Toshiba Stack;Win32.Virut.56;Cured.;
TosBtProc.exe;C:\Program Files\Toshiba\Bluetooth Toshiba Stack;Win32.Virut.56;Cured.;
TosOBEX.exe;C:\Program Files\Toshiba\Bluetooth Toshiba Stack;Win32.Virut.56;Cured.;
cfmain.exe;C:\Program Files\Toshiba\ConfigFree;Win32.Virut.56;Cured.;
diagnote.exe;C:\Program Files\Toshiba\ConfigFree;Win32.Virut.56;Cured.;
NDSBrow.exe;C:\Program Files\Toshiba\ConfigFree;Win32.Virut.56;Cured.;
NDSDiag.exe;C:\Program Files\Toshiba\ConfigFree;Win32.Virut.56;Cured.;
NDSTray.exe;C:\Program Files\Toshiba\ConfigFree;Win32.Virut.56;Cured.;
redirect.exe;C:\Program Files\Toshiba\ConfigFree;Win32.Virut.56;Cured.;
TOSSDfmt.exe;C:\Program Files\Toshiba\SD Format;Win32.Virut.56;Cured.;
DockMode.exe;C:\Program Files\Toshiba\TME3;Win32.Virut.56;Cured.;
TInTouch.exe;C:\Program Files\Toshiba\TOSHIBA Console;Win32.Virut.56;Cured.;
UNWISE.EXE;C:\Program Files\Toshiba\Toshiba Tbiosdrv Driver;Win32.Virut.56;Cured.;
FNESSE32.EXE;C:\Program Files\Toshiba\Windows Utilities;Win32.Virut.56;Cured.;
TACSPROP.EXE;C:\Program Files\Toshiba\Windows Utilities;Win32.Virut.56;Cured.;
ThotUtil.exe;C:\Program Files\Toshiba\Windows Utilities;Win32.Virut.56;Cured.;
TOSPU.EXE;C:\Program Files\Toshiba\Windows Utilities\SVPWTool;Win32.Virut.56;Cured.;
HKCWterm.exe;C:\Program Files\Toshiba\Wireless Hotkey;Win32.Virut.56;Cured.;
UNWISE.EXE;C:\Program Files\Toshiba Access Files;Win32.Virut.56;Cured.;
Ashleigh Day.exe;C:\Program Files\Trend Micro\HijackThis;Win32.Virut.56;Cured.;
HijackThis.exe;C:\Program Files\Trend Micro\HijackThis;Win32.Virut.56;Cured.;
MtsAxInstaller.exe;C:\Program Files\Viewpoint\Viewpoint Experience Technology;Win32.Virut.56;Cured.;
ViewMgrInstaller.exe;C:\Program Files\Viewpoint\Viewpoint Manager;Win32.Virut.56;Cured.;
BNUpdate.exe;C:\Program Files\Warcraft III;Win32.Virut.56;Cured.;
Frozen Throne.exe;C:\Program Files\Warcraft III;Win32.Virut.56;Cured.;
war3.exe;C:\Program Files\Warcraft III;Win32.Virut.56;Cured.;
Warcraft III.exe;C:\Program Files\Warcraft III;Win32.Virut.56;Cured.;
World Editor.exe;C:\Program Files\Warcraft III;Win32.Virut.56;Cured.;
worldedit.exe;C:\Program Files\Warcraft III;Win32.Virut.56;Cured.;
winamp.exe;C:\Program Files\Winamp;Win32.Virut.56;Cured.;
winampa.exe;C:\Program Files\Winamp;Win32.Virut.56;Cured.;
G-Force.exe;C:\Program Files\Winamp\Plugins\G-Force;Win32.Virut.56;Cured.;
CrashReporter.exe;C:\Program Files\Winamp Remote\bin;Win32.Virut.56;Cured.;
demork.exe;C:\Program Files\Winamp Remote\bin;Win32.Virut.56;Cured.;
Orb.exe;C:\Program Files\Winamp Remote\bin;Win32.Virut.56;Cured.;
OrbMediaService.exe;C:\Program Files\Winamp Remote\bin;Win32.Virut.56;Cured.;
OrbStreamerClient.exe;C:\Program Files\Winamp Remote\bin;Win32.Virut.56;Cured.;
OrbTray.exe;C:\Program Files\Winamp Remote\bin;Win32.Virut.56;Cured.;
OrbTVBuffer.exe;C:\Program Files\Winamp Remote\bin;Win32.Virut.56;Cured.;
w9xpopen.exe;C:\Program Files\Winamp Remote\bin;Win32.Virut.56;Cured.;
msicuu.exe;C:\Program Files\Windows Installer Clean Up;Win32.Virut.56;Cured.;
MsiZap.exe;C:\Program Files\Windows Installer Clean Up;Win32.Virut.56;Cured.;
wmccds.exe;C:\Program Files\Windows Media Connect 2;Win32.Virut.56;Cured.;
WMCCFG.exe;C:\Program Files\Windows Media Connect 2;Win32.Virut.56;Cured.;
dlimport.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
migrate.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
mplayer2.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
setup_wm.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
wmdbexport.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
wmlaunch.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
wmpenc.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
wmplayer.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
wmpnscfg.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
wmpshare.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
wmsetsdk.exe;C:\Program Files\Windows Media Player;Win32.Virut.56;Cured.;
G-Force.exe;C:\Program Files\Windows Media Player\Visualizations\G-Force;Win32.Virut.56;Cured.;
dialer.exe;C:\Program Files\Windows NT;Win32.Virut.56;Cured.;
hypertrm.exe;C:\Program Files\Windows NT;Win32.Virut.56;Cured.;
wordpad.exe;C:\Program Files\Windows NT\Accessories;Win32.Virut.56;Cured.;
pinball.exe;C:\Program Files\Windows NT\Pinball;Win32.Virut.56;Cured.;
Rar.exe;C:\Program Files\WinRAR;Win32.Virut.56;Cured.;
RarExtLoader.exe;C:\Program Files\WinRAR;Win32.Virut.56;Cured.;
Uninstall.exe;C:\Program Files\WinRAR;Win32.Virut.56;Cured.;
UnRAR.exe;C:\Program Files\WinRAR;Win32.Virut.56;Cured.;
WinRAR.exe;C:\Program Files\WinRAR;Win32.Virut.56;Cured.;
init32.exe.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32;Win32.Virut.56;Cured.;
okieuuk.dll.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32;Probably Trojan.Packed.196;Incurable.Moved.;
user32.dll.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32;BackDoor.Zapinit;Cured.;
catchme.exe;C:\SDFix;Win32.Virut.56;Cured.;
Cghtme.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
cliptext.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
download.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
ERUNT.EXE;C:\SDFix\apps;Win32.Virut.56;Cured.;
FixPath.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
grep.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
isadmin.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
LS.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
MD5File.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
moveex.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
Process.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
Process.exe;C:\SDFix\apps;Tool.Prockill;Incurable.Moved.;
procs.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
psservice.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
RestartIt!.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
sc.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
sed.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
SF.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
shutdown.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
Swreg.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
swsc.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
UnRAR.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
unzip.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
vfind.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
WINMSG.EXE;C:\SDFix\apps;Win32.Virut.56;Cured.;
zip.exe;C:\SDFix\apps;Win32.Virut.56;Cured.;
regedit.exe;C:\SDFix\apps\Replace;Win32.Virut.56;Cured.;
Ivpsvmgr.exe;C:\TOSHIBA\ivp\ism;Win32.Virut.56;Cured.;
Netint.exe;C:\TOSHIBA\ivp\NetInt;Win32.Virut.56;Cured.;
csinstall.exe;C:\TOSHIBA\ivp\swupdate;Win32.Virut.56;Cured.;
swupdate.exe;C:\TOSHIBA\ivp\swupdate;Win32.Virut.56;Cured.;
UNWISE.EXE;C:\TOSHIBA\ivp\swupdate;Win32.Virut.56;Cured.;
TSysSMon.exe;C:\TOSHIBA\SysStability;Win32.Virut.56;Cured.;
UNWISE.EXE;C:\TOSHIBA\SysStability;Win32.Virut.56;Cured.;
agrsmdel.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
delmsbb.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
explorer(2).exe;C:\WINDOWS;Win32.Virut.56;Cured.;
fdsv.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
grep.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
hh.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
ieuninst.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
IsUninst.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
iun6002.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
muninst.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
nCASEUninstaller.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
NCUNINST.EXE;C:\WINDOWS;Win32.Virut.56;Cured.;
NIRCMD.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
notepad.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
oeuninst.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
Q330994.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
regedit.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
ScUnin.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
sed.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
setdebug.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
slrundll.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
ST4UNST.EXE;C:\WINDOWS;Win32.Virut.56;Cured.;
SWREG.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
SWSC.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
SWXCACLS.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
TASKMAN.EXE;C:\WINDOWS;Win32.Virut.56;Cured.;
twunk_32.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
uneng.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
uninst.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
unvise32.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
VFIND.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
War3Unin.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
winhlp32.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
zip.exe;C:\WINDOWS;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB873333;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB873333\update;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB873339;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB873339\update;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB885250;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB885250\update;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB885835;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB885835\update;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB885836;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB885836\update;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB886185;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB886185\update;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB887472;Win32.Virut.56;Cured.;
msmsgs.exe;C:\WINDOWS\$hf_mig$\KB887472\SP2QFE;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB887472\update;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB887742;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB887742\update;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB888113;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB888113\update;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB888302;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB888302\update;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB890047;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB890047\update;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB890175;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB890175\update;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$hf_mig$\KB891781;Win32.Virut.56;Cured.;
update.exe;C:\WINDOWS\$hf_mig$\KB891781\update;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB893756\update;Win32.Virut.56;Cured.;
hh.exe;C:\WINDOWS\$hf_mig$\KB896358\SP2GDR;Win32.Virut.56;Cured.;
hh.exe;C:\WINDOWS\$hf_mig$\KB896358\SP2QFE;Win32.Virut.56;Cured.;
spoolsv.exe;C:\WINDOWS\$hf_mig$\KB896423\SP2GDR;Win32.Virut.56;Cured.;
spoolsv.exe;C:\WINDOWS\$hf_mig$\KB896423\SP2QFE;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB896423\update;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB896424\update;Win32.Virut.56;Cured.;
telnet.exe;C:\WINDOWS\$hf_mig$\KB896428\SP2GDR;Win32.Virut.56;Cured.;
telnet.exe;C:\WINDOWS\$hf_mig$\KB896428\SP2QFE;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$hf_mig$\KB896688\SP2QFE;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB896688\update;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$hf_mig$\KB896727\SP2QFE;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB896727\update;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB899587\update;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB899588\update;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB899591\update;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB900725\update;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB901017\update;Win32.Virut.56;Cured.;
migregdb.exe;C:\WINDOWS\$hf_mig$\KB902400\SP2QFE;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB902400\update;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB904706\update;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB905414\update;Win32.Virut.56;Cured.;
arpidfix.exe;C:\WINDOWS\$hf_mig$\KB905749\update;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$hf_mig$\KB905915\SP2QFE;Win32.Virut.56;Cured.;
verclsid.exe;C:\WINDOWS\$hf_mig$\KB908531\SP2QFE;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$hf_mig$\KB912812\SP2QFE;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$hf_mig$\KB916281\SP2QFE;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$hf_mig$\KB918899\SP2QFE;Win32.Virut.56;Cured.;
agentsvr.exe;C:\WINDOWS\$hf_mig$\KB920213\SP2QFE;Win32.Virut.56;Cured.;
fltmc.exe;C:\WINDOWS\$hf_mig$\KB922582\SP2QFE;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$hf_mig$\KB922760\SP2QFE;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$hf_mig$\KB931836\SP2QFE;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$hf_mig$\KB933360\SP2QFE;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE;Win32.Virut.56;Cured.;
explorer.exe;C:\WINDOWS\$hf_mig$\KB938828\SP2QFE;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$hf_mig$\KB942763\SP2QFE;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\$hf_mig$\KB951978\SP3QFE;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\$hf_mig$\KB951978\SP3QFE;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$hf_mig$\KB955839\SP2QFE;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$hf_mig$\KB955839\SP3GDR;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$hf_mig$\KB955839\SP3QFE;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE;Win32.Virut.56;Cured.;
msiexec.exe;C:\WINDOWS\$MSI31Uninstall_KB893803v2$;Win32.Virut.56;Cured.;
accwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
actmovie.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
admin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
agentsvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ahui.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
alg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
at.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
atmadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
attrib.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
auditusr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
author.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
blastcln.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cacls.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cfgwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cisvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cleanmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cliconfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
clipbrd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
clipsrv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cmd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cmdl32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cmmon32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cmstp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
comrepl.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
comrereg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
conf.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
conime.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ctfmon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dcomcnfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ddeshare.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
defrag.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dfrgfat.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dfrgntfs.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dialer.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
diantz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
diskpart.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dlimport.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dllhost.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dmadmin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dmremote.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dplaysvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dpnsvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dpvsetup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dumprep.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dvdupgrd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dwwin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
dxdiag.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
eudcedit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
evntcmd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
evntwin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
explorer.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
extrac32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
faxpatch.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
findstr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fltmc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fontview.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
forcedos.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fp98sadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fp98swin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fpadmcgi.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fpcount.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fpremadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fpsrvadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fsquirt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ftp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fxsclnt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fxscover.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
fxssvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
grpconv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
help.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
helpctr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
helpsvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
hh.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
hscupd.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
icwconn1.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
icwconn2.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
icwrmind.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
iexpress.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
imapi.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
inetwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ipconfig.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ipv6.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ipxroute.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
irftp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
locator.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
logman.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
logon.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
logonui.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
lsass.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
magnify.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
makecab.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
migload.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
migregdb.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
migwiz.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mmc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mnmsrvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mobsync.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mofcomp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
moviemk.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mplay32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mplayer2.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msconfig.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msdtc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mshta.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msiexec.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msimn.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msiregmv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msmsgs.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
msoobe.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mspaint.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mstinit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
mstsc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
muisetup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
narrator.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
nddeapir.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
net.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
net1.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
netdde.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
netsetup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
netsh.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
netstat.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
notepad.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
nppagent.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
nslookup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ntvdm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
odbcad32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
odbcconf.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
oemig50.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
oobebaln.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
osk.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
packager.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
perfmon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
pinball.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ping.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
pintlphr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
powercfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
progman.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
proquota.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
proxycfg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
qprocess.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rasphone.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rcimlby.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rcp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rdpclip.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rdsaddin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rdshost.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
reg.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
regedit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
regsvr32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rexec.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rsh.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rstrui.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rtcshare.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
rundll32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
runonce.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
savedump.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
scardsvr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
scrcons.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
scrnsave.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sdbinst.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
services.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sessmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sethc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
setup.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
setup50.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
shmgrate.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
shrpubw.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
shtml.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
shutdown.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sigverif.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
skeys.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
slrundll.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
slserv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
smbinst.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
smi2smir.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
smlogsvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sndrec32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
snmp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
snmptrap.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sort.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spdwnwxp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spider.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spnpinst.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spoolsv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spupdwxp.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ss3dfo.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ssbezier.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ssflwbox.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ssmarque.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ssmypics.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ssmyst.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sspipes.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ssstars.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sstext3d.scr;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
stimon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
stub_fpsrvadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
stub_fpsrvwin.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
svchost.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
sysocmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
taskmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tcptest.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
telnet.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tourstart.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tourstrt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tp4mon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tracert.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
uploadm.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
upnpcont.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
ups.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
userinit.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
utilman.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
verclsid.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
vssvc.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wab.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wabmig.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wbemtest.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wextract.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wiaacmgr.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
winhlp32.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
winlogon.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
winver.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wmiadap.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wmiapsrv.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wmiprvse.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wordpad.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wpabaln.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wpnpinst.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wscntfy.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wuauclt.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
wuauclt1.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
xcopy.exe;C:\WINDOWS\$NtServicePackUninstall$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB810217$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB821557$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB823182$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB823559$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB823980$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB824105$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB824141$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB824146$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB825119$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB828028$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB828035$\spuninst;Win32.Virut.56;Cured.;
comrepl.exe;C:\WINDOWS\$NtUninstallKB828741$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB828741$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB833987$\spuninst;Win32.Virut.56;Cured.;
helpctr.exe;C:\WINDOWS\$NtUninstallKB835732$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB835732$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB837001$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB839643$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB839645$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB840315$\spuninst;Win32.Virut.56;Cured.;
helpctr.exe;C:\WINDOWS\$NtUninstallKB840374$;Win32.Virut.56;Cured.;
hscupd.exe;C:\WINDOWS\$NtUninstallKB840374$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB840374$\spuninst;Win32.Virut.56;Cured.;
ntvdm.exe;C:\WINDOWS\$NtUninstallKB840987$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB840987$\spuninst;Win32.Virut.56;Cured.;
grpconv.exe;C:\WINDOWS\$NtUninstallKB841356$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB841356$\spuninst;Win32.Virut.56;Cured.;
netdde.exe;C:\WINDOWS\$NtUninstallKB841533$;Win32.Virut.56;Cured.;
winlogon.exe;C:\WINDOWS\$NtUninstallKB841533$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB841533$\spuninst;Win32.Virut.56;Cured.;
mstinit.exe;C:\WINDOWS\$NtUninstallKB841873$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB841873$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB842773$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB871250$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB873333$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB873333_0$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB873339$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB873339_0$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB873376$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB885250$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB885250_0$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB885835$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB885835_0$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB885836$\spuninst;Win32.Virut.56;Cured.;
wordpad.exe;C:\WINDOWS\$NtUninstallKB885836_0$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB885836_0$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB885884$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB886185$\spuninst;Win32.Virut.56;Cured.;
msmsgs.exe;C:\WINDOWS\$NtUninstallKB887472$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB887472$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB887742$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB888113$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB888113_0$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB888302$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB888302_0$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB890047$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB890047_0$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB890175$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB890175_0$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB891711$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB891781$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallKB891781_0$\spuninst;Win32.Virut.56;Cured.;
hh.exe;C:\WINDOWS\$NtUninstallKB896358$;Win32.Virut.56;Cured.;
hh.exe;C:\WINDOWS\$NtUninstallKB896358_0$;Win32.Virut.56;Cured.;
spoolsv.exe;C:\WINDOWS\$NtUninstallKB896423$;Win32.Virut.56;Cured.;
spoolsv.exe;C:\WINDOWS\$NtUninstallKB896423_0$;Win32.Virut.56;Cured.;
telnet.exe;C:\WINDOWS\$NtUninstallKB896428$;Win32.Virut.56;Cured.;
telnet.exe;C:\WINDOWS\$NtUninstallKB896428_0$;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$NtUninstallKB896688$;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$NtUninstallKB896727$;Win32.Virut.56;Cured.;
orun32.exe;C:\WINDOWS\$NtUninstallKB898458$;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$NtUninstallKB905915$;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$NtUninstallKB912812$;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$NtUninstallKB916281$;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$NtUninstallKB918899$;Win32.Virut.56;Cured.;
agentsvr.exe;C:\WINDOWS\$NtUninstallKB920213$;Win32.Virut.56;Cured.;
fltmc.exe;C:\WINDOWS\$NtUninstallKB922582$;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\$NtUninstallKB922760$;Win32.Virut.56;Cured.;
orun32.exe;C:\WINDOWS\$NtUninstallKB923723$;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$NtUninstallKB933360$;Win32.Virut.56;Cured.;
explorer.exe;C:\WINDOWS\$NtUninstallKB938828$;Win32.Virut.56;Cured.;
unregmp2.exe;C:\WINDOWS\$NtUninstallKB939683$;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$NtUninstallKB942763$;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$NtUninstallKB951072-v2$;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\$NtUninstallKB951978$;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\$NtUninstallKB951978$;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\$NtUninstallKB952069_WM9$;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\$NtUninstallKB955839$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ327979$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ328310$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ329048$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallq329112$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ329115$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ329170$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ329390$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ329441$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ329834$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ331953$\spuninst;Win32.Virut.56;Cured.;
accwiz.exe;C:\WINDOWS\$NtUninstallQ810565$;Win32.Virut.56;Cured.;
magnify.exe;C:\WINDOWS\$NtUninstallQ810565$;Win32.Virut.56;Cured.;
migwiz.exe;C:\WINDOWS\$NtUninstallQ810565$;Win32.Virut.56;Cured.;
narrator.exe;C:\WINDOWS\$NtUninstallQ810565$;Win32.Virut.56;Cured.;
osk.exe;C:\WINDOWS\$NtUninstallQ810565$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ810565$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ810577$\spuninst;Win32.Virut.56;Cured.;
locator.exe;C:\WINDOWS\$NtUninstallQ810833$;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ810833$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ811493$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ814033$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ815021$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ817287$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ817606$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ819696$\spuninst;Win32.Virut.56;Cured.;
spuninst.exe;C:\WINDOWS\$NtUninstallQ828026$\spuninst;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\$NtUninstallWMFDist11$;Win32.Virut.56;Cured.;
uwdf.exe;C:\WINDOWS\$NtUninstallWMFDist11$;Win32.Virut.56;Cured.;
wdfmgr.exe;C:\WINDOWS\$NtUninstallWMFDist11$;Win32.Virut.56;Cured.;
wmsetsdk.exe;C:\WINDOWS\$NtUninstallWMFDist11$;Win32.Virut.56;Cured.;
setup_wm.exe;C:\WINDOWS\$NtUninstallwmp11$;Win32.Virut.56;Cured.;
unregmp2.exe;C:\WINDOWS\$NtUninstallwmp11$;Win32.Virut.56;Cured.;
wmlaunch.exe;C:\WINDOWS\$NtUninstallwmp11$;Win32.Virut.56;Cured.;
wmpenc.exe;C:\WINDOWS\$NtUninstallwmp11$;Win32.Virut.56;Cured.;
wmplayer.exe;C:\WINDOWS\$NtUninstallwmp11$;Win32.Virut.56;Cured.;
iTunesSetup.exe;C:\WINDOWS\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4};Win32.Virut.56;Cured.;
bridge.dll;C:\WINDOWS\Downloaded Program Files;Trojan.Briss;Deleted.;
TEST.OCX;C:\WINDOWS\Downloaded Program Files;Trojan.DownLoader.22528;Deleted.;
ERDNT.EXE;C:\WINDOWS\ERDNT\subs;Win32.Virut.56;Cured.;
orun32.exe;C:\WINDOWS\Help\SBSI\Training;Win32.Virut.56;Cured.;
ounins32_s.exe;C:\WINDOWS\Help\SBSI\Training;Win32.Virut.56;Cured.;
usersid.exe;C:\WINDOWS\Help\SBSI\Training;Win32.Virut.56;Cured.;
EXPAND.EXE;C:\WINDOWS\I386;Win32.Virut.56;Cured.;
NETSETUP.EXE;C:\WINDOWS\I386;Win32.Virut.56;Cured.;
NTSD.EXE;C:\WINDOWS\I386;Win32.Virut.56;Cured.;
REGEDIT.EXE;C:\WINDOWS\I386;Win32.Virut.56;Cured.;
SYSPARSE.EXE;C:\WINDOWS\I386;Win32.Virut.56;Cured.;
TELNET.EXE;C:\WINDOWS\I386;Win32.Virut.56;Cured.;
WINNT32.EXE;C:\WINDOWS\I386;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\ie7;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ie7;Win32.Virut.56;Cured.;
mshta.exe;C:\WINDOWS\ie7;Win32.Virut.56;Cured.;
ieResetIcons.exe;C:\WINDOWS\ie7\spuninst;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7updates\KB928090-IE7;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\ie7updates\KB928090-IE7;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ie7updates\KB928090-IE7;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7updates\KB931768-IE7;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\ie7updates\KB931768-IE7;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ie7updates\KB931768-IE7;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7updates\KB933566-IE7;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\ie7updates\KB933566-IE7;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ie7updates\KB933566-IE7;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7updates\KB937143-IE7;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\ie7updates\KB937143-IE7;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ie7updates\KB937143-IE7;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7updates\KB939653-IE7;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\ie7updates\KB939653-IE7;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ie7updates\KB939653-IE7;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7updates\KB942615-IE7;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\ie7updates\KB942615-IE7;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ie7updates\KB942615-IE7;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7updates\KB944533-IE7;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\ie7updates\KB944533-IE7;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ie7updates\KB944533-IE7;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7updates\KB947864-IE7;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\ie7updates\KB947864-IE7;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ie7updates\KB947864-IE7;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7updates\KB950759-IE7;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\ie7updates\KB950759-IE7;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ie7updates\KB950759-IE7;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7updates\KB953838-IE7;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\ie7updates\KB953838-IE7;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ie7updates\KB953838-IE7;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7updates\KB956390-IE7;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\ie7updates\KB956390-IE7;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ie7updates\KB956390-IE7;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ie7updates\KB958215-IE7;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\ie7updates\KB958215-IE7;Win32.Virut.56;Cured.;
cplexe.exe;C:\WINDOWS\ime\imjp8_1;Win32.Virut.56;Cured.;
imjpdadm.exe;C:\WINDOWS\ime\imjp8_1;Win32.Virut.56;Cured.;
imjpdct.exe;C:\WINDOWS\ime\imjp8_1;Win32.Virut.56;Cured.;
imjpdsvr.exe;C:\WINDOWS\ime\imjp8_1;Win32.Virut.56;Cured.;
imjpinst.exe;C:\WINDOWS\ime\imjp8_1;Win32.Virut.56;Cured.;
imjpmig.exe;C:\WINDOWS\ime\imjp8_1;Win32.Virut.56;Cured.;
imjprw.exe;C:\WINDOWS\ime\imjp8_1;Win32.Virut.56;Cured.;
imjpuex.exe;C:\WINDOWS\ime\imjp8_1;Win32.Virut.56;Cured.;
imjputy.exe;C:\WINDOWS\ime\imjp8_1;Win32.Virut.56;Cured.;
imekrmig.exe;C:\WINDOWS\ime\imkr6_1;Win32.Virut.56;Cured.;
imkrinst.exe;C:\WINDOWS\ime\imkr6_1;Win32.Virut.56;Cured.;
imepadsv.exe;C:\WINDOWS\ime\shared;Win32.Virut.56;Cured.;
places.exe;C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227};Win32.Virut.56;Cured.;
icon.exe;C:\WINDOWS\Installer\{37477865-A3F1-4772-AD43-AAFC6BCFF99F};Win32.Virut.56;Cured.;
ARPICON.exe;C:\WINDOWS\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B};Win32.Virut.56;Cured.;
liteico.exe.827545C6_7013_4DE1_8E6C_DAEE4C57F54A.exe;C:\WINDOWS\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B};Win32.Virut.56;Cured.;
pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe;C:\WINDOWS\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B};Win32.Virut.56;Cured.;
pncico.exe.C76E2E86_AE54_4AF5_997C_63EBB83C7651.exe;C:\WINDOWS\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B};Win32.Virut.56;Cured.;
NewShortcut4_8C3BCD70236347B8A53EEE8A82FD5C78.exe;C:\WINDOWS\Installer\{54C0D94A-F467-4ABC-9D02-6E58748668D4};Win32.Virut.56;Cured.;
cagicon.76D90421_D2BE_11D2_99FF_0060B0EC3D2E.exe;C:\WINDOWS\Installer\{56364334-9530-11D2-BFFC-00C04FA329AA};Win32.Virut.56;Cured.;
D0684E39.exe;C:\WINDOWS\Installer\{56364334-9530-11D2-BFFC-00C04FA329AA};Win32.Virut.56;Cured.;
_85BA426DBE00_44A3_969E_C7BDF2F6C986.exe;C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84};Win32.Virut.56;Cured.;
_A003BF363149_4FEF_8E7E_E9C39A5B9A96.exe;C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84};Win32.Virut.56;Cured.;
_D545A9F0ED09_444B_A962_2628559DCDE6.exe;C:\WINDOWS\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84};Win32.Virut.56;Cured.;
icon.exe;C:\WINDOWS\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71};Win32.Virut.56;Cured.;
accicons.exe;C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9};Win32.Virut.56;Cured.;
fpicon.exe;C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9};Win32.Virut.56;Cured.;
outicon.exe;C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9};Win32.Virut.56;Cured.;
wordicon.exe;C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9};Win32.Virut.56;Cured.;
xlicons.exe;C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9};Win32.Virut.56;Cured.;
icon.exe;C:\WINDOWS\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF};Win32.Virut.56;Cured.;
agentsvr.exe;C:\WINDOWS\msagent;Win32.Virut.56;Cured.;
helpctr.exe;C:\WINDOWS\PCHealth\HelpCtr\Binaries;Win32.Virut.56;Cured.;
HelpHost.exe;C:\WINDOWS\PCHealth\HelpCtr\Binaries;Win32.Virut.56;Cured.;
helpsvc.exe;C:\WINDOWS\PCHealth\HelpCtr\Binaries;Win32.Virut.56;Cured.;
hscupd.exe;C:\WINDOWS\PCHealth\HelpCtr\Binaries;Win32.Virut.56;Cured.;
msconfig.exe;C:\WINDOWS\PCHealth\HelpCtr\Binaries;Win32.Virut.56;Cured.;
notiflag.exe;C:\WINDOWS\PCHealth\HelpCtr\Binaries;Win32.Virut.56;Cured.;
uploadm.exe;C:\WINDOWS\PCHealth\UploadLB\Binaries;Win32.Virut.56;Cured.;
setup_wm.exe;C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B};Win32.Virut.56;Cured.;
setup_wm.exe;C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System;Win32.Virut.56;Cured.;
dplaysvr.exe;C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C};Win32.Virut.56;Cured.;
dpnsvr.exe;C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C};Win32.Virut.56;Cured.;
dpvsetup.exe;C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C};Win32.Virut.56;Cured.;
dxdiag.exe;C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C};Win32.Virut.56;Cured.;
dxdllreg.exe;C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C};Win32.Virut.56;Cured.;
uwdf.exe;C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A};Win32.Virut.56;Cured.;
wdfmgr.exe;C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A};Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170};Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System;Win32.Virut.56;Cured.;
wmplayer.exe;C:\WINDOWS\RegisteredPackages\{B3C1B200-8F14-4C49-96D3-67425AD59914};Win32.Virut.56;Cured.;
migrate.exe;C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799};Win32.Virut.56;Cured.;
unregmp2.exe;C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799};Win32.Virut.56;Cured.;
wmlaunch.exe;C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799};Win32.Virut.56;Cured.;
wmpenc.exe;C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799};Win32.Virut.56;Cured.;
wmplayer.exe;C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799};Win32.Virut.56;Cured.;
migrate.exe;C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System;Win32.Virut.56;Cured.;
unregmp2.exe;C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System;Win32.Virut.56;Cured.;
wmplayer.exe;C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System;Win32.Virut.56;Cured.;
accwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
actmovie.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
admin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
agentsvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ahui.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
alg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
at.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
atmadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
attrib.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
auditusr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
author.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
blastcln.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cacls.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cfgwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cisvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cleanmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cliconfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
clipbrd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
clipsrv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cmd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cmdl32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cmmon32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cmstp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
comrepl.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
comrereg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
conf.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
conime.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ctfmon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dcomcnfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ddeshare.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
defrag.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dfrgfat.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dfrgntfs.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dialer.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
diantz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
diskpart.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dlimport.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dllhost.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dmadmin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dmremote.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dplaysvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dpnsvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dpvsetup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dumprep.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dvdupgrd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dwwin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
dxdiag.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
eudcedit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
evntcmd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
evntwin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
explorer.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
extrac32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
faxpatch.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
findstr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fltmc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fontview.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
forcedos.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fp98sadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fp98swin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fpadmcgi.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fpcount.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fpremadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fpsrvadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fsquirt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ftp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fxsclnt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fxscover.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
fxssvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
grpconv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
help.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
helpctr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
helpsvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
hh.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
hscupd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
icwconn1.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
icwconn2.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
icwrmind.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
iexplore.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
iexpress.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
imapi.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
inetwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ipconfig.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ipv6.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ipxroute.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
irftp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
lhmstsc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
locator.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
logman.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
logon.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
logonui.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
lsass.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
magnify.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
makecab.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
migload.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
migrate.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
migregdb.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
migwiz.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
migwiza.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
migwiz_a.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mmc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mmcperf.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mnmsrvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mobsync.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mofcomp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
moviemk.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mplay32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mplayer2.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msconfig.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msdtc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mshta.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msiexec.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msimn.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msiregmv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msmsgs.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
msoobe.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mspaint.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mstinit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mstsc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
mtstocom.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
muisetup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
napstat.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
narrator.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
nddeapir.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
net.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
net1.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
netdde.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
netsetup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
netsh.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
netstat.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
notepad.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
nppagent.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
nslookup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ntvdm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
odbcad32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
odbcconf.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
oemig50.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
oobebaln.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
osk.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
packager.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
perfmon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
pinball.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ping.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
powercfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
progman.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
proquota.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
proxycfg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
qprocess.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rasphone.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rcimlby.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rcp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rdpclip.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rdsaddin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rdshost.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
reg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
regedit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
regsvr32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rexec.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rsh.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rstrui.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rtcshare.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
rundll32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
runonce.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
savedump.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
scardsvr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
scrcons.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
scrnsave.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sdbinst.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
services.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sessmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sethc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
setup.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
setup50.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
setupn.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
setup_wm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
shmgrate.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
shrpubw.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
shtml.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
shutdown.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sigverif.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
skeys.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
slrundll.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
slserv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
smbinst.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
smi2smir.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
smlogsvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sndrec32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
snmp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
snmptrap.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sort.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
spdwnwxp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
spider.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
spnpinst.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
spoolsv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
spupdwxp.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ss3dfo.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ssbezier.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ssflwbox.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ssmarque.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ssmypics.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ssmyst.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sspipes.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ssstars.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sstext3d.scr;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
stimon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
stub_fpsrvadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
stub_fpsrvwin.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
svchost.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
sysocmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
taskmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tcptest.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
telnet.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tourstrt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tp4mon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tracert.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tscupgrd.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
unregmp2.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
uploadm.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
upnpcont.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
ups.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
userinit.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
utilman.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
verclsid.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
vssvc.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wab.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wabmig.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wbemtest.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wextract.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wiaacmgr.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
winhlp32.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
winlogon.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
winver.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wmiadap.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wmiapsrv.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wmiprvse.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wmplayer.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wordpad.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wpabaln.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wpnpinst.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wscntfy.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wuauclt.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
wuauclt1.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
xcopy.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
xpnetdg.exe;C:\WINDOWS\ServicePackFiles\i386;Win32.Virut.56;Cured.;
cintsetp.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
cplexe.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imjpdct.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imjpdsvr.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imjpinst.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imjpmig.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imjprw.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imjputy.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
imscinst.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
pintlphr.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
tintlphr.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
tintsetp.exe;C:\WINDOWS\ServicePackFiles\i386\lang;Win32.Virut.56;Cured.;
msmsgs.exe;C:\WINDOWS\ServicePackFiles\ServicePackCache\i386;Win32.Virut.56;Cured.;
ACT20.EXE;C:\WINDOWS\SUPPORT\TOOLS;Win32.Virut.56;Cured.;
FASTWIZ.EXE;C:\WINDOWS\SUPPORT\TOOLS;Win32.Virut.56;Cured.;
GBUNICNV.EXE;C:\WINDOWS\SUPPORT\TOOLS;Win32.Virut.56;Cured.;
MSRDPCLI.EXE;C:\WINDOWS\SUPPORT\TOOLS;Win32.Virut.56;Cured.;
SETUP.EXE;C:\WINDOWS\SUPPORT\TOOLS;Win32.Virut.56;Cured.;
1E.tmp;C:\WINDOWS\system32;Probably Trojan.Packed.196;Incurable.Moved.;
22.tmp;C:\WINDOWS\system32;Probably Trojan.Packed.196;Incurable.Moved.;
accwiz.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
actmovie.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ado.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ahui.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
alg(3).exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
alunotify.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
alunotify.exe;C:\WINDOWS\system32;Trojan.Spambot.2424;Deleted.;
arp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
at.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
atmadm.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
attrib.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
auditusr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
blastcln.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
bootok.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
bootvrfy.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cacls.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
calc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
charmap.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
chkdsk.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
chkntfs.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cidaemon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ckcnv.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cleanmgr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
CleanUp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cliconfg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
clipbrd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
clspack.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cmd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cmdl32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cmmon32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cmstp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
comp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
compact.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
conime.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
control.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
convert.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
crrun32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
cselect.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ctxsetup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dcomcnfg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ddeshare.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
defrag.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dfrgfat.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dfrgntfs.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
diantz.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
diskpart.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
diskperf.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
DivXsm.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dllhst3g.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dmcpl.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dmremote.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
doskey.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dplaysvr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dpnsvr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dpvsetup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
drmupgds.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
drwtsn32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
DSndUp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dumprep.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dvdplay.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dvdupgrd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dwwin.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dxdiag.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
dxdllreg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
esentutl.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
eudcedit.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
eventvwr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
expand.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
extrac32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
faxpatch.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
find.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
findstr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
finger.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fixmapi.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fltmc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fnoohf;C:\WINDOWS\system32;BackDoor.Zapinit;Cured.;
fontview.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
forcedos.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
freecell.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fsquirt.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fsutil.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ftp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fxsclnt.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fxscover.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
fxssend.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
g++.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
g++.exe;C:\WINDOWS\system32;Trojan.Spambot.2424;Deleted.;
grpconv.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
help.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
hostname.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
idag.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
idag.exe;C:\WINDOWS\system32;Trojan.Spambot.2424;Deleted.;
iexpress.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
Image.EXE;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ImapiRox.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
InsSec.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
InsSecRc.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ipconfig.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ipsec6.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ipv6.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ipxroute.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
irftp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
IsUninst.Exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
java.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
javaw.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
javaws.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
jdbgmgr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
jview.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
keystone.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
label.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
lights.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
lnkstub.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
lodctr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
logman.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
logoff.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
lpq.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
lpr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
lsass(3).exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
magnify.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
makecab.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
migpwd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mmc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mmcperf.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mobsync.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mountvol.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mplay32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mpnotify.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mrinfo.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
msfeedssync.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
msg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mshearts.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mshta.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mspaint.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
msswchx.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mstinit.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
mstsc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
napstat.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
narrator.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nbtstat.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nddeapir.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
net.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
net1.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
netsetup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
netsh.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
netstat.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
notepad.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
nslookup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ntvdm.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
odbcad32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
odbcconf.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
osk.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
osuninst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
packager.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
pathping.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
pentnt.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
perfmon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ping.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ping6.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
powercfg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
print.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
progman.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
proquota.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
Prounstl.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
proxycfg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
qappsrv.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
qprocess.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
qwinsta.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rasautou.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rasdial.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rasphone.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rcimlby.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rcp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rdpclip.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rdsaddin.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rdshost.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
recover.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
reg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
regedt32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
regini.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
regwiz.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
replace.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
reset.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rexec.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
route.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
routemon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rsh.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rsm.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rsmsink.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rsmui.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rtcshare.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
runas.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
runonce.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
rwinsta.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
savedump.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
scrnsave.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sdbinst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
secupdat.dat;C:\WINDOWS\system32;Trojan.Spambot.4336;Deleted.;
sethc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
setup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
setupn.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sfc.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
shadow.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
shrpubw.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
shutdown.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sigverif.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
skeys.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
slrundll.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
slserv.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
smbinst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sndrec32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sndvol32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sol.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sort.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
spdwnwxp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
spider.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
spnpinst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
spoolsv(2).exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
spupdwxp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ss3dfo.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ssbezier.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ssflwbox.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ssmarque.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ssmypics.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ssmyst.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sspipes.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
ssstars.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sstext3d.scr;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
st5unst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
stimon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
subst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
svchost(3).exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
syncapp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
syskey.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
sysocmgr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
systray.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
taskman.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
taskmgr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tcleanup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tcmsetup.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tcpsvcs.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
TDspBtn.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
telnet.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tftp.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tosmreg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tourstart.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
TPWRDEL.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tracert.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tracert6.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tscon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tscupgrd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tsdiscon.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tskill.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tsshutdn.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tutildel.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
TWarnMsg.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
tzchange.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
unlodctr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
upnpcont.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
usrmlnka.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
usrprbda.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
usrshuta.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
utilman.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
uwdf.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
verclsid.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
verifier.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
vssadmin.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
w32tm.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wdfmgr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wextract.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wiaacmgr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
WinFXDocObj.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
winhlp32.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
winmine.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
winmsd.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
winver.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wjview.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wmpstub.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wpabaln.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wpdshextautoplay.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wpnpinst.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
write.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wscntfy.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
WudfHost.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
wupdmgr.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
xcopy.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
xpsp1hfm.exe;C:\WINDOWS\system32;Win32.Virut.56;Cured.;
_wvUlifCR.dll;C:\WINDOWS\system32;Probably Trojan.Packed.213;Incurable.Moved.;
comrepl.exe;C:\WINDOWS\system32\Com;Win32.Virut.56;Cured.;
comrereg.exe;C:\WINDOWS\system32\Com;Win32.Virut.56;Cured.;
718f[1].exe;C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\CNZNLTAB;Win32.Virut.56;Cured.;
718f[1].exe;C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\CNZNLTAB;Trojan.DownLoad.29164;Deleted.;
arp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
bckgzm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
bootok.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
bootvrfy.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cb32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
charmap.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
chkdsk.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
chkntfs.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
chkrzm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cidaemon.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cintsetp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
ckcnv.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cmd.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
comp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
compact.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
control.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
convert.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cplexe.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cscript.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
diskperf.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
dllhst3g.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
doskey.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
dvdplay.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
esentutl.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
eventvwr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
expand.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
fc.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
find.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
finger.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
fixmapi.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
freecell.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
fsutil.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
fxssend.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
helphost.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
hostname.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
hrtzzm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
ie4uinit.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
iedw.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
ieudinit.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imekrmig.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imepadsv.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjpdadm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjpdct.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjpdsvr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjpinst.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjpmig.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjprw.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjpuex.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imjputy.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imkrinst.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
imscinst.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
ipsec6.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
label.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
lights.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
lnkstub.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
lodctr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
logagent.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
logoff.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
lpq.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
lpr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
migrate.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
migwiz_a.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
mountvol.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
mplay32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
mpnotify.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
mrinfo.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
msg.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
mshta.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
msswchx.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
nbtstat.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
notiflag.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
ntsd.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
osuninst.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
pathping.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
pentnt.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
ping6.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
pintlphr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
print.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
qappsrv.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
qwinsta.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rasautou.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rasdial.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
recover.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
regedt32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
regini.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
regwiz.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
replace.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
reset.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
route.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
routemon.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rsm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rsmsink.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rsmui.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
runas.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rvsezm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
rwinsta.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
sapisvr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
sc.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
setup_wm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
sfc.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
shadow.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
shvlzm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
sndvol32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
sol.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
srdiag.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
subst.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
syncapp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
syskey.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
systray.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
taskman.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tcmsetup.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tcpsvcs.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tftp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tintlphr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tintsetp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tracert6.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tscon.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tscupgrd.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tsdiscon.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tskill.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
tsshutdn.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
twunk_32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
unlodctr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
unregmp2.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
unsecapp.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
user32.dll;C:\WINDOWS\system32\dllcache;BackDoor.Zapinit;Cured.;
userinit.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
usrmlnka.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
usrprbda.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
usrshuta.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
verifier.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
vssadmin.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
w32tm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
wb32.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
winhstb.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
winmgmt.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
winmine.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
winmsd.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
wmplayer.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
write.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
wscript.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
wupdmgr.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
zclientm.exe;C:\WINDOWS\system32\dllcache;Win32.Virut.56;Cured.;
cintsetp.exe;C:\WINDOWS\system32\IME\CINTLGNT;Win32.Virut.56;Cured.;
IMSCINST.EXE;C:\WINDOWS\system32\IME\PINTLGNT;Win32.Virut.56;Cured.;
pintlphr.exe;C:\WINDOWS\system32\IME\PINTLGNT;Win32.Virut.56;Cured.;
TINTLPHR.EXE;C:\WINDOWS\system32\IME\TINTLGNT;Win32.Virut.56;Cured.;
TINTSETP.EXE;C:\WINDOWS\system32\IME\TINTLGNT;Win32.Virut.56;Cured.;
SwInit.exe;C:\WINDOWS\system32\Macromed\Shockwave 10;Win32.Virut.56;Cured.;
UNWISE.EXE;C:\WINDOWS\system32\Macromed\Shockwave 10;Win32.Virut.56;Cured.;
nppagent.exe;C:\WINDOWS\system32\npp;Win32.Virut.56;Cured.;
msoobe.exe;C:\WINDOWS\system32\oobe;Win32.Virut.56;Cured.;
oobebaln.exe;C:\WINDOWS\system32\oobe;Win32.Virut.56;Cured.;
ToshibaCleanup.exe;C:\WINDOWS\system32\oobe\html\oemreg\bin;Win32.Virut.56;Cured.;
rstrui.exe;C:\WINDOWS\system32\Restore;Win32.Virut.56;Cured.;
srdiag.exe;C:\WINDOWS\system32\Restore;Win32.Virut.56;Cured.;
hpzcfg09.exe;C:\WINDOWS\system32\spool\drivers\w32x86\hpdeskjet_5600f8a2;Win32.Virut.56;Cured.;
hpzeng09.exe;C:\WINDOWS\system32\spool\drivers\w32x86\hpdeskjet_5600f8a2;Win32.Virut.56;Cured.;
hpzpre09.exe;C:\WINDOWS\system32\spool\drivers\w32x86\hpdeskjet_5600f8a2;Win32.Virut.56;Cured.;
hpzstc09.exe;C:\WINDOWS\system32\spool\drivers\w32x86\hpdeskjet_5600f8a2;Win32.Virut.56;Cured.;
hpzstw09.exe;C:\WINDOWS\system32\spool\drivers\w32x86\hpdeskjet_5600f8a2;Win32.Virut.56;Cured.;
hpztbu09.exe;C:\WINDOWS\system32\spool\drivers\w32x86\hpdeskjet_5600f8a2;Win32.Virut.56;Cured.;
hpztbx09.exe;C:\WINDOWS\system32\spool\drivers\w32x86\hpdeskjet_5600f8a2;Win32.Virut.56;Cured.;
migload.exe;C:\WINDOWS\system32\usmt;Win32.Virut.56;Cured.;
migwiz.exe;C:\WINDOWS\system32\usmt;Win32.Virut.56;Cured.;
migwiza.exe;C:\WINDOWS\system32\usmt;Win32.Virut.56;Cured.;
migwiz_a.exe;C:\WINDOWS\system32\usmt;Win32.Virut.56;Cured.;
mofcomp.exe;C:\WINDOWS\system32\wbem;Win32.Virut.56;Cured.;
scrcons.exe;C:\WINDOWS\system32\wbem;Win32.Virut.56;Cured.;
unsecapp.exe;C:\WINDOWS\system32\wbem;Win32.Virut.56;Cured.;
wbemtest.exe;C:\WINDOWS\system32\wbem;Win32.Virut.56;Cured.;
wmiadap.exe;C:\WINDOWS\system32\wbem;Win32.Virut.56;Cured.;
wmiprvse.exe;C:\WINDOWS\system32\wbem;Win32.Virut.56;Cured.;
TTCP.EXE;C:\WINDOWS\VALUEADD\MSFT\NET\TOOLS;Win32.Virut.56;Cured.;
LOADSTATE.EXE;C:\WINDOWS\VALUEADD\MSFT\USMT;Win32.Virut.56;Cured.;
SCANSTATE.EXE;C:\WINDOWS\VALUEADD\MSFT\USMT;Win32.Virut.56;Cured.;
SCANSTATE_A.EXE;C:\WINDOWS\VALUEADD\MSFT\USMT;Win32.Virut.56;Cured.;
SCANSTATE.EXE;C:\WINDOWS\VALUEADD\MSFT\USMT\ANSI;Win32.Virut.56;Cured.;
unwise32.exe;C:\WINDOWS\WNBackup\WnClient62;Win32.Virut.56;Cured.;
AUTORUN.EXE;C:\WORKSSETUP;Win32.Virut.56;Cured.;
SETUP.EXE;C:\WORKSSETUP;Win32.Virut.56;Cured.;
EQNEDT32.EXE;C:\WORKSSETUP\COMMON\MSSHARED\EQUATION;Win32.Virut.56;Cured.;
MSDRAW.EXE;C:\WORKSSETUP\COMMON\MSSHARED\MSDRAW;Win32.Virut.56;Cured.;
MSINFO32.EXE;C:\WORKSSETUP\COMMON\MSSHARED\MSINFO;Win32.Virut.56;Cured.;
PIOLCH.EXE;C:\WORKSSETUP\COMMON\MSSHARED\SHOEBOX;Win32.Virut.56;Cured.;
WKCALREM.EXE;C:\WORKSSETUP\COMMON\MSSHARED\WKSHARED;Win32.Virut.56;Cured.;
WKSCAL.EXE;C:\WORKSSETUP\COMMON\MSSHARED\WKSHARED;Win32.Virut.56;Cured.;
WRDART32.EXE;C:\WORKSSETUP\COMMON\MSSHARED\WORDART;Win32.Virut.56;Cured.;
MSWORKS.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
WKFUD.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
WKGDCACH.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
WKLNCKML.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
WKPDFSNF.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
WKPLMSTP.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
WKSAB.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
WKSDB.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
WKSPROJ.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
WKSSB.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
WKSSS.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
WKSWP.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
WKWCESTP.EXE;C:\WORKSSETUP\PFILES\MSWORKS;Win32.Virut.56;Cured.;
FIXPATH.EXE;C:\WORKSSETUP\PSS;Win32.Virut.56;Cured.;
IE6SETUP.EXE;C:\WORKSSETUP\REDIST\IE6;Win32.Virut.56;Cured.;

#12 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 18 February 2009 - 04:19 PM

FIXPATH.EXE;C:\WORKSSETUP\PSS;Win32.Virut.56;Cured.;


And Virut it is.. Lets do below first to find out how much damage it has done.. And DON'T forget to backup all your data as I said before..

Run AVZ and ComboFix and post/attach the log here...

Please zip your virusinfo_syscheck.htm before attach to here :thumbup2:

Edited by fenzodahl512, 18 February 2009 - 04:23 PM.

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#13 sblax2000

sblax2000
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 18 February 2009 - 04:46 PM

Attached is the avz file, one more to go.

Attached Files



#14 sblax2000

sblax2000
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 18 February 2009 - 05:08 PM

I tried to run combo fix from the cd, it asked to update and I did. I couldn't find the log file that is produced. Also, How do I remove the old combofix? There is no uninstaller?

Thanks.

#15 sblax2000

sblax2000
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:02:37 PM

Posted 18 February 2009 - 07:34 PM

ComboFix 09-02-17.02 - Ashleigh Day 2009-02-18 16:17:36.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.265 [GMT -8:00]
Running from: c:\combofix\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\userinit.exe . . . is infected!!

c:\windows\system32\spoolsv.exe . . . is infected!!

c:\windows\explorer.exe . . . is infected!!

.
((((((((((((((((((((((((( Files Created from 2009-01-19 to 2009-02-19 )))))))))))))))))))))))))))))))
.

2009-02-18 01:22 . 2009-02-18 10:40 <DIR> d-------- c:\documents and settings\Ashleigh Day\DoctorWeb
2009-02-16 23:36 . 2009-02-16 23:36 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-16 23:36 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-16 23:36 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-16 23:28 . 2009-02-16 23:29 81,931 --a------ c:\windows\system32\3E.tmp
2009-02-16 23:28 . 2009-02-16 23:28 88 --a------ c:\windows\system32\3C.tmp
2009-02-16 23:28 . 2009-02-16 23:28 1 --a------ c:\windows\system32\3D.tmp
2009-02-16 23:15 . 2002-09-25 06:09 140,800 --a------ c:\windows\system32\drivers\e100b325.sys
2009-02-16 23:15 . 2001-07-20 06:40 23,040 --a------ c:\windows\system32\IntelNic.dll
2009-02-16 23:15 . 2002-06-13 11:32 5,110 --a------ c:\windows\system32\e100b325.din
2009-02-16 23:06 . 2009-02-18 12:28 53,248 --a------ c:\windows\system32\Prounstl.exe
2009-02-11 17:19 . 2009-02-18 01:43 <DIR> d-------- C:\Avenger_new
2009-02-11 16:19 . 2009-02-11 16:19 164,708 --a------ c:\windows\system32\3A.tmp
2009-02-11 16:19 . 2009-02-11 16:19 24,577 --a------ c:\windows\system32\3B.tmp
2009-02-11 16:19 . 2009-02-11 16:19 128 --a------ c:\windows\system32\39.tmp
2009-02-11 16:14 . 2009-02-11 16:16 164,708 --a------ c:\windows\system32\38.tmp
2009-02-11 16:13 . 2009-02-11 16:14 128 --a------ c:\windows\system32\37.tmp
2009-02-11 16:10 . 2009-02-11 16:10 <DIR> d-------- C:\a93942ce21fe60e1442e
2009-02-11 15:58 . 2009-02-11 16:01 102,995 --a------ c:\windows\system32\36.tmp
2009-02-11 15:58 . 2009-02-11 15:58 128 --a------ c:\windows\system32\35.tmp
2009-02-11 15:30 . 2009-02-11 15:33 163,652 --a------ c:\windows\system32\2D.tmp
2009-02-11 15:30 . 2009-02-11 15:30 128 --a------ c:\windows\system32\24.tmp
2009-02-10 17:49 . 2009-02-10 17:49 88 --a------ c:\windows\system32\27.tmp
2009-02-10 17:45 . 2009-02-10 17:46 88 --a------ c:\windows\system32\20.tmp
2009-02-10 16:05 . 2009-02-10 16:05 88 --a------ c:\windows\system32\1F.tmp
2009-02-10 15:27 . 2009-02-10 15:27 88 --a------ c:\windows\system32\2B.tmp
2009-02-10 15:04 . 2009-02-10 15:04 88 --a------ c:\windows\system32\21.tmp
2009-02-10 15:01 . 2009-02-10 15:01 88 --a------ c:\windows\system32\14.tmp
2009-02-09 22:55 . 2009-02-09 22:55 0 --a------ c:\windows\system32\34.tmp
2009-02-09 22:53 . 2009-02-09 22:55 37,951 --a------ c:\windows\system32\2A.tmp
2009-02-09 22:53 . 2009-02-09 22:53 172 --a------ c:\windows\system32\28.tmp
2009-02-09 22:24 . 2009-02-09 22:24 0 --a------ c:\windows\system32\26.tmp
2009-02-09 22:22 . 2009-02-09 22:24 162,756 --a------ c:\windows\system32\13.tmp
2009-02-09 22:22 . 2009-02-09 22:22 172 --a------ c:\windows\system32\11.tmp
2009-02-09 22:18 . 2009-02-09 22:18 0 --a------ c:\windows\system32\1D.tmp
2009-02-09 19:33 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethwxizh.sys
2009-02-09 19:33 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethnnphb.sys
2009-02-09 19:33 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethgbyty.sys
2009-02-09 19:33 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethequfa.sys
2009-02-09 19:33 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethbmwyj.sys
2009-02-09 19:32 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethtwsvr.sys
2009-02-09 19:32 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethjqemx.sys
2009-02-09 19:32 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethfghfi.sys
2009-02-09 19:32 . 2009-02-11 16:16 138,336 --a------ c:\windows\system32\drivers\ethbsftc.sys
2009-02-09 19:32 . 2009-02-09 19:32 0 --a------ c:\windows\system32\1B.tmp
2009-02-09 19:22 . 2009-02-09 19:22 <DIR> d-------- c:\windows\system32\ZoneLabs
2009-02-09 19:22 . 2009-02-09 19:22 <DIR> d-------- c:\program files\Zone Labs
2009-02-09 19:22 . 2008-11-13 15:18 1,221,008 --a------ c:\windows\system32\zpeng25.dll
2009-02-09 19:21 . 2009-02-09 19:22 347,973 --a------ c:\windows\system32\vsconfig.xml
2009-02-09 17:55 . 2009-02-09 17:55 64,817 --a------ c:\windows\system32\30.tmp
2009-02-09 17:55 . 2009-02-09 17:55 172 --a------ c:\windows\system32\2E.tmp
2009-02-09 17:55 . 2009-02-09 17:55 0 --a------ c:\windows\system32\33.tmp
2009-02-09 17:54 . 2009-02-09 19:22 <DIR> d-------- c:\windows\Internet Logs
2009-02-09 17:48 . 2009-02-09 21:01 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-09 17:47 . 2009-02-09 17:47 64,817 --a------ c:\windows\system32\17.tmp
2009-02-09 17:47 . 2009-02-09 17:47 172 --a------ c:\windows\system32\15.tmp
2009-02-09 17:47 . 2009-02-09 17:47 0 --a------ c:\windows\system32\1A.tmp
2009-02-09 17:47 . 2009-02-09 17:47 0 --a------ c:\windows\system32\10.tmp
2009-02-09 15:49 . 2009-02-09 15:49 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-02-09 15:39 . 2003-01-29 14:49 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Symantec
2009-02-09 15:39 . 2003-01-29 16:15 <DIR> d-------- c:\documents and settings\Administrator\Application Data\InterVideo
2009-02-09 15:39 . 2003-01-29 14:00 <DIR> d-------- c:\documents and settings\Administrator\Application Data\InterTrust
2009-02-09 15:39 . 2003-01-29 14:41 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Drag'n Drop CD+DVD
2009-02-09 15:39 . 2009-02-09 17:04 <DIR> d-------- c:\documents and settings\Administrator
2009-02-09 15:25 . 2009-02-10 15:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-02-09 12:11 . 2009-02-09 12:11 <DIR> d-------- C:\rsit
2009-02-09 12:11 . 2009-02-09 12:11 <DIR> d-------- c:\program files\Windows Installer Clean Up
2009-02-09 12:10 . 2009-02-09 12:10 <DIR> d-------- c:\program files\MSECACHE
2009-02-09 12:06 . 2009-02-09 12:06 <DIR> d-------- c:\program files\spybot - search & destroy
2009-02-09 11:44 . 2008-11-06 02:03 <DIR> d-------- C:\SDFix
2009-02-05 15:35 . 2009-02-05 15:35 <DIR> d-------- c:\program files\Trend Micro
2009-02-05 14:57 . 2009-02-09 16:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-04 20:46 . 2009-02-04 20:47 <DIR> d-------- C:\Avenger_old
2009-02-03 19:20 . 2009-02-03 19:20 33,920 --a------ c:\windows\system32\drivers\thegboxt.sys
2009-02-03 19:17 . 2009-02-03 19:39 5 --a------ c:\windows\_id.dat
2009-02-03 19:16 . 2009-02-11 16:18 128 --a------ c:\windows\adobe.bat
2009-02-03 00:56 . 2009-02-03 00:52 578,560 --a------ c:\windows\system32\fnoohf
2009-02-03 00:55 . 2009-02-18 12:32 125,440 --a--c--- c:\windows\system32\dllcache\userinit.exe
2009-02-03 00:52 . 2009-02-03 00:52 <DIR> d-------- c:\documents and settings\NetworkService\Application Data\Intuit
2009-02-03 00:52 . 2009-02-03 00:52 578,560 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-02-03 00:52 . 2009-02-03 01:02 77,312 --a------ c:\windows\system32\re3d.pf
2009-02-03 00:52 . 2009-02-03 01:02 32,768 --a------ c:\windows\system32\rer.wa
2009-02-03 00:52 . 2009-02-03 01:02 32,768 --a------ c:\windows\system32\qzhr1.ant
2009-02-03 00:52 . 2009-02-03 01:02 28,672 --a------ c:\windows\system32\do8d.sr
2009-02-03 00:52 . 2009-02-03 01:02 28,672 --a------ c:\windows\system32\dedwf.lp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-18 20:45 --------- d-----w c:\program files\DAP
2009-02-18 20:30 77,824 -c--a-w c:\windows\system32\wmpstub.exe
2009-02-18 20:30 5,632 -c--a-w c:\windows\system32\write.exe
2009-02-18 20:30 32,256 -c--a-w c:\windows\system32\wupdmgr.exe
2009-02-18 20:30 32,256 ----a-w c:\windows\system32\wpabaln.exe
2009-02-18 20:30 30,720 ----a-w c:\windows\system32\xcopy.exe
2009-02-18 20:30 26,112 -c--a-w c:\windows\system32\xpsp1hfm.exe
2009-02-18 20:30 17,408 -c--a-w c:\windows\system32\wpdshextautoplay.exe
2009-02-18 20:30 155,648 ----a-w c:\windows\system32\wscript.exe
2009-02-18 20:30 146,432 -c--a-w c:\windows\system32\WudfHost.exe
2009-02-18 20:30 13,824 ----a-w c:\windows\system32\wscntfy.exe
2009-02-18 20:30 11,264 ----a-w c:\windows\system32\wpnpinst.exe
2009-02-18 20:28 9,728 -c--a-w c:\windows\system32\reset.exe
2009-02-18 20:27 9,728 -c--a-w c:\windows\system32\label.exe
2009-02-18 20:26 9,216 -c--a-w c:\windows\system32\finger.exe
2009-02-18 20:25 98,304 ----a-w c:\windows\system32\ahui.exe
2009-02-18 20:16 150,528 ----a-w c:\windows\PCHealth\UploadLB\Binaries\uploadm.exe
2009-02-18 20:15 99,840 -c--a-w c:\windows\PCHealth\HelpCtr\Binaries\HelpHost.exe
2009-02-18 20:15 769,024 ----a-w c:\windows\PCHealth\HelpCtr\Binaries\helpctr.exe
2009-02-18 20:15 744,448 ----a-w c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2009-02-18 20:15 35,328 -c--a-w c:\windows\PCHealth\HelpCtr\Binaries\notiflag.exe
2009-02-18 20:15 18,432 ----a-w c:\windows\PCHealth\HelpCtr\Binaries\hscupd.exe
2009-02-18 20:15 169,984 ----a-w c:\windows\PCHealth\HelpCtr\Binaries\msconfig.exe
2009-02-18 19:56 49,152 -c--a-w c:\windows\Help\SBSI\Training\usersid.exe
2009-02-18 19:56 233,472 -c--a-w c:\windows\Help\SBSI\Training\ounins32_s.exe
2009-02-18 19:56 1,077,248 ----a-w c:\windows\Help\SBSI\Training\orun32.exe
2009-02-18 09:24 96,256 ----a-w c:\windows\system32\msiexec.exe
2009-02-18 09:23 75,264 ----a-w c:\windows\system32\locator.exe
2009-02-18 09:16 --------- d-----w c:\program files\Quicken
2009-02-18 09:15 --------- d-----w c:\program files\Trillian
2009-02-10 06:07 --------- d-----w c:\program files\Java
2009-02-10 04:13 --------- d-----w c:\program files\Kazaa Lite K++
2009-02-10 04:12 --------- d-----w c:\program files\Winamp
2009-02-10 00:41 --------- d-----w c:\program files\Lavasoft
2009-02-09 23:30 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-02-09 02:27 --------- d-----w c:\program files\Bonjour
2009-02-08 20:02 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-03 08:52 578,560 ----a-w c:\windows\system32\user32.DLL
2009-01-25 23:13 --------- d-----w c:\program files\Warcraft III
2008-12-30 22:52 --------- d-----w c:\documents and settings\Ashleigh Day\Application Data\Download Manager
2008-12-30 22:50 --------- d-----w c:\documents and settings\Ashleigh Day\Application Data\ICAClient
2008-12-30 22:43 --------- d-----w c:\program files\Citrix
2008-12-30 22:40 --------- d-----w c:\program files\CleanUp!
2008-12-30 22:40 --------- d-----w c:\documents and settings\Ashleigh Day\Application Data\Malwarebytes
2008-12-30 22:40 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2004-01-27 10:09 49,080 -c--a-w c:\documents and settings\Ashleigh Day\Application Data\GDIPFONTCACHEV1.DAT
2003-11-17 16:24 18,607 -c--a-w c:\program files\setuplog.txt
2002-04-19 04:57 41,232 ----a-w c:\program files\opera\program\plugins\icalogon.dll
2002-04-19 04:57 24,848 ----a-w c:\program files\opera\program\plugins\pscript.dll
2002-04-19 04:57 41,232 ----a-w c:\program files\opera\program\plugins\sslasock.dll
2002-04-19 04:57 41,232 ----a-w c:\program files\opera\program\plugins\sslsdk_b.dll
.

------- Sigcheck -------

2009-02-18 01:23 1051136 6c854de4834a3953c8c14d611e85d025 c:\windows\explorer.exe
2009-02-18 11:38 1033216 7b440dcdcd5b5e5af5197e72df44c627 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
2009-02-18 11:43 1033216 14a0c5ae4cf9222341ae665b61ededc7 c:\windows\$NtServicePackUninstall$\explorer.exe
2009-02-18 11:50 1032192 03a80666eb7ce8cc447719b6bcda86b1 c:\windows\$NtUninstallKB938828$\explorer.exe
2009-02-18 12:19 1033728 a7944193d17a6a48a69650722f09dcab c:\windows\ServicePackFiles\i386\explorer.exe

2009-02-18 11:42 15360 ad10f9819a74a17f2ff09655429d64d1 c:\windows\$NtServicePackUninstall$\ctfmon.exe
2009-02-18 12:18 15360 3c9ce046bcfb2b457d9a4285285c4f86 c:\windows\ServicePackFiles\i386\ctfmon.exe
2009-02-18 01:23 32768 8641a27ac9cd3043802b763a4e480850 c:\windows\system32\ctfmon.exe

2009-02-18 11:35 57856 ffe4cf7a2ad2f155956afc9674a4cd53 c:\windows\$hf_mig$\KB896423\SP2GDR\spoolsv.exe
2009-02-18 11:35 57856 993c91e758e8cdd4c65aa1b0df3284c3 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
2009-02-18 11:46 57856 28587f8bd5607ecd708cfac3175057e6 c:\windows\$NtServicePackUninstall$\spoolsv.exe
2009-02-18 11:48 57856 526e7aeb46f1ad23f7647ae748842ebd c:\windows\$NtUninstallKB896423$\spoolsv.exe
2009-02-18 11:48 51200 fb8e629fc11fb71364a617b9c9465ae1 c:\windows\$NtUninstallKB896423_0$\spoolsv.exe
2009-02-18 12:23 57856 c90f13f8c2a99639b2aed85720968b99 c:\windows\ServicePackFiles\i386\spoolsv.exe
2009-02-18 01:24 75264 d6c27c8d1af01d1c288865abc7088e9f c:\windows\system32\spoolsv.exe

2009-02-18 11:46 24576 14e199bcc03fd1ecfdcd3ba538a2bc15 c:\windows\$NtServicePackUninstall$\userinit.exe
2009-02-18 12:23 26112 1a0e1fcb406da42bbbaebb61408f72ae c:\windows\ServicePackFiles\i386\userinit.exe
2009-02-18 01:24 125440 529f443b06c0b6cef2841e1d4dc6b531 c:\windows\system32\userinit.exe
2009-02-18 12:32 125440 529f443b06c0b6cef2841e1d4dc6b531 c:\windows\system32\dllcache\userinit.exe
.
((((((((((((((((((((((((((((( SnapShot_2009-02-17_10.53.40.14 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-12-01 04:22:42 187,392 -c--a-w c:\windows\$hf_mig$\KB873333\spuninst.exe
+ 2009-02-18 19:34:32 169,984 -c--a-w c:\windows\$hf_mig$\KB873333\spuninst.exe
- 2004-11-30 22:46:40 672,256 -c--a-w c:\windows\$hf_mig$\KB873333\update\update.exe
+ 2009-02-18 19:34:33 654,848 -c--a-w c:\windows\$hf_mig$\KB873333\update\update.exe
- 2004-10-14 18:36:18 187,392 -c--a-w c:\windows\$hf_mig$\KB873339\spuninst.exe
+ 2009-02-18 19:34:35 169,984 -c--a-w c:\windows\$hf_mig$\KB873339\spuninst.exe
- 2004-10-14 18:34:54 672,256 -c--a-w c:\windows\$hf_mig$\KB873339\update\update.exe
+ 2009-02-18 19:34:36 654,848 -c--a-w c:\windows\$hf_mig$\KB873339\update\update.exe
- 2004-12-01 04:22:42 187,392 -c--a-w c:\windows\$hf_mig$\KB885250\spuninst.exe
+ 2009-02-18 19:34:37 169,984 -c--a-w c:\windows\$hf_mig$\KB885250\spuninst.exe
- 2004-11-30 22:46:40 672,256 -c--a-w c:\windows\$hf_mig$\KB885250\update\update.exe
+ 2009-02-18 19:34:38 654,848 -c--a-w c:\windows\$hf_mig$\KB885250\update\update.exe
- 2004-10-14 19:36:18 187,392 -c--a-w c:\windows\$hf_mig$\KB885835\spuninst.exe
+ 2009-02-18 19:34:40 169,984 -c--a-w c:\windows\$hf_mig$\KB885835\spuninst.exe
- 2004-10-14 19:34:54 672,256 -c--a-w c:\windows\$hf_mig$\KB885835\update\update.exe
+ 2009-02-18 19:34:42 654,848 -c--a-w c:\windows\$hf_mig$\KB885835\update\update.exe
- 2004-10-14 19:36:18 187,392 -c--a-w c:\windows\$hf_mig$\KB885836\spuninst.exe
+ 2009-02-18 19:34:43 169,984 -c--a-w c:\windows\$hf_mig$\KB885836\spuninst.exe
- 2004-10-14 19:34:54 672,256 -c--a-w c:\windows\$hf_mig$\KB885836\update\update.exe
+ 2009-02-18 19:34:43 654,848 -c--a-w c:\windows\$hf_mig$\KB885836\update\update.exe
- 2004-10-14 18:36:16 187,392 -c--a-w c:\windows\$hf_mig$\KB886185\spuninst.exe
+ 2009-02-18 19:34:45 169,984 -c--a-w c:\windows\$hf_mig$\KB886185\spuninst.exe
- 2004-10-14 18:34:52 672,256 -c--a-w c:\windows\$hf_mig$\KB886185\update\update.exe
+ 2009-02-18 19:34:45 654,848 -c--a-w c:\windows\$hf_mig$\KB886185\update\update.exe
- 2004-10-13 16:21:24 1,711,616 -c--a-w c:\windows\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
+ 2009-02-18 19:34:47 1,694,208 -c--a-w c:\windows\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
- 2004-10-14 18:36:18 187,392 -c--a-w c:\windows\$hf_mig$\KB887472\spuninst.exe
+ 2009-02-18 19:34:47 169,984 -c--a-w c:\windows\$hf_mig$\KB887472\spuninst.exe
- 2004-10-14 18:34:54 672,256 -c--a-w c:\windows\$hf_mig$\KB887472\update\update.exe
+ 2009-02-18 19:34:48 654,848 -c--a-w c:\windows\$hf_mig$\KB887472\update\update.exe
- 2004-10-14 17:36:18 187,392 -c--a-w c:\windows\$hf_mig$\KB887742\spuninst.exe
+ 2009-02-18 19:34:49 169,984 -c--a-w c:\windows\$hf_mig$\KB887742\spuninst.exe
- 2004-10-14 17:34:54 672,256 -c--a-w c:\windows\$hf_mig$\KB887742\update\update.exe
+ 2009-02-18 19:34:50 654,848 -c--a-w c:\windows\$hf_mig$\KB887742\update\update.exe
- 2004-10-14 18:36:18 187,392 -c--a-w c:\windows\$hf_mig$\KB888113\spuninst.exe
+ 2009-02-18 19:34:51 169,984 -c--a-w c:\windows\$hf_mig$\KB888113\spuninst.exe
- 2004-10-14 18:34:54 672,256 -c--a-w c:\windows\$hf_mig$\KB888113\update\update.exe
+ 2009-02-18 19:34:52 654,848 -c--a-w c:\windows\$hf_mig$\KB888113\update\update.exe
- 2004-12-01 04:22:42 187,392 -c--a-w c:\windows\$hf_mig$\KB888302\spuninst.exe
+ 2009-02-18 19:34:53 169,984 -c--a-w c:\windows\$hf_mig$\KB888302\spuninst.exe
- 2004-11-30 22:46:40 672,256 -c--a-w c:\windows\$hf_mig$\KB888302\update\update.exe
+ 2009-02-18 19:34:54 654,848 -c--a-w c:\windows\$hf_mig$\KB888302\update\update.exe
- 2004-12-01 04:22:42 187,392 -c--a-w c:\windows\$hf_mig$\KB890047\spuninst.exe
+ 2009-02-18 19:34:57 169,984 -c--a-w c:\windows\$hf_mig$\KB890047\spuninst.exe
- 2004-11-30 22:46:40 672,256 -c--a-w c:\windows\$hf_mig$\KB890047\update\update.exe
+ 2009-02-18 19:34:58 654,848 -c--a-w c:\windows\$hf_mig$\KB890047\update\update.exe
- 2004-12-01 04:22:42 187,392 -c--a-w c:\windows\$hf_mig$\KB890175\spuninst.exe
+ 2009-02-18 19:34:59 169,984 -c--a-w c:\windows\$hf_mig$\KB890175\spuninst.exe
- 2004-11-30 22:46:40 672,256 -c--a-w c:\windows\$hf_mig$\KB890175\update\update.exe
+ 2009-02-18 19:35:00 654,848 -c--a-w c:\windows\$hf_mig$\KB890175\update\update.exe
- 2004-12-01 04:22:42 187,392 -c--a-w c:\windows\$hf_mig$\KB891781\spuninst.exe
+ 2009-02-18 19:35:12 169,984 -c--a-w c:\windows\$hf_mig$\KB891781\spuninst.exe
- 2004-11-30 22:46:40 672,256 -c--a-w c:\windows\$hf_mig$\KB891781\update\update.exe
+ 2009-02-18 19:35:12 654,848 -c--a-w c:\windows\$hf_mig$\KB891781\update\update.exe
- 2005-07-08 02:27:08 48,128 -c--a-w c:\windows\$hf_mig$\KB893756\update\arpidfix.exe
+ 2009-02-18 19:35:18 30,720 -c--a-w c:\windows\$hf_mig$\KB893756\update\arpidfix.exe
- 2005-05-26 23:22:01 28,160 -c--a-w c:\windows\$hf_mig$\KB896358\SP2GDR\hh.exe
+ 2009-02-18 19:35:22 10,752 -c--a-w c:\windows\$hf_mig$\KB896358\SP2GDR\hh.exe
- 2005-05-26 23:26:50 28,160 -c--a-w c:\windows\$hf_mig$\KB896358\SP2QFE\hh.exe
+ 2009-02-18 19:35:23 10,752 -c--a-w c:\windows\$hf_mig$\KB896358\SP2QFE\hh.exe
- 2005-06-10 23:53:32 75,264 -c--a-w c:\windows\$hf_mig$\KB896423\SP2GDR\spoolsv.exe
+ 2009-02-18 19:35:27 57,856 -c--a-w c:\windows\$hf_mig$\KB896423\SP2GDR\spoolsv.exe
- 2005-06-11 00:17:13 75,264 -c--a-w c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
+ 2009-02-18 19:35:27 57,856 -c--a-w c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
- 2005-06-29 23:54:32 48,128 -c--a-w c:\windows\$hf_mig$\KB896423\update\arpidfix.exe
+ 2009-02-18 19:35:27 30,720 -c--a-w c:\windows\$hf_mig$\KB896423\update\arpidfix.exe
- 2005-10-06 00:39:46 48,128 -c--a-w c:\windows\$hf_mig$\KB896424\update\arpidfix.exe
+ 2009-02-18 19:35:30 30,720 -c--a-w c:\windows\$hf_mig$\KB896424\update\arpidfix.exe
- 2005-05-10 23:45:48 93,184 -c--a-w c:\windows\$hf_mig$\KB896428\SP2GDR\telnet.exe
+ 2009-02-18 19:35:31 75,776 -c--a-w c:\windows\$hf_mig$\KB896428\SP2GDR\telnet.exe
- 2005-05-10 23:51:10 93,184 -c--a-w c:\windows\$hf_mig$\KB896428\SP2QFE\telnet.exe
+ 2009-02-18 19:35:31 75,776 -c--a-w c:\windows\$hf_mig$\KB896428\SP2QFE\telnet.exe
- 2005-09-02 21:52:55 35,840 -c--a-w c:\windows\$hf_mig$\KB896688\SP2QFE\iedw.exe
+ 2009-02-18 19:35:34 18,432 -c--a-w c:\windows\$hf_mig$\KB896688\SP2QFE\iedw.exe
- 2005-10-04 22:39:55 48,128 -c--a-w c:\windows\$hf_mig$\KB896688\update\arpidfix.exe
+ 2009-02-18 19:35:36 30,720 -c--a-w c:\windows\$hf_mig$\KB896688\update\arpidfix.exe
- 2005-07-02 23:38:24 35,840 -c--a-w c:\windows\$hf_mig$\KB896727\SP2QFE\iedw.exe
+ 2009-02-18 19:35:38 18,432 -c--a-w c:\windows\$hf_mig$\KB896727\SP2QFE\iedw.exe
- 2005-07-19 23:40:46 48,128 -c--a-w c:\windows\$hf_mig$\KB896727\update\arpidfix.exe
+ 2009-02-18 19:35:40 30,720 -c--a-w c:\windows\$hf_mig$\KB896727\update\arpidfix.exe
- 2005-06-29 23:54:32 48,128 -c--a-w c:\windows\$hf_mig$\KB899587\update\arpidfix.exe
+ 2009-02-18 19:35:43 30,720 -c--a-w c:\windows\$hf_mig$\KB899587\update\arpidfix.exe
- 2005-06-29 23:54:32 48,128 -c--a-w c:\windows\$hf_mig$\KB899588\update\arpidfix.exe
+ 2009-02-18 19:35:45 30,720 -c--a-w c:\windows\$hf_mig$\KB899588\update\arpidfix.exe
- 2005-06-29 23:54:32 48,128 -c--a-w c:\windows\$hf_mig$\KB899591\update\arpidfix.exe
+ 2009-02-18 19:35:46 30,720 -c--a-w c:\windows\$hf_mig$\KB899591\update\arpidfix.exe
- 2005-09-27 00:36:24 48,128 -c--a-w c:\windows\$hf_mig$\KB900725\update\arpidfix.exe
+ 2009-02-18 19:35:50 30,720 -c--a-w c:\windows\$hf_mig$\KB900725\update\arpidfix.exe
- 2005-09-09 23:26:26 48,128 -c--a-w c:\windows\$hf_mig$\KB901017\update\arpidfix.exe
+ 2009-02-18 19:35:52 30,720 -c--a-w c:\windows\$hf_mig$\KB901017\update\arpidfix.exe
- 2005-07-25 23:42:35 26,112 -c--a-w c:\windows\$hf_mig$\KB902400\SP2QFE\migregdb.exe
+ 2009-02-18 19:35:58 8,704 -c--a-w c:\windows\$hf_mig$\KB902400\SP2QFE\migregdb.exe
- 2005-07-26 02:21:18 48,128 -c--a-w c:\windows\$hf_mig$\KB902400\update\arpidfix.exe
+ 2009-02-18 19:36:00 30,720 -c--a-w c:\windows\$hf_mig$\KB902400\update\arpidfix.exe
- 2005-08-30 02:02:00 48,128 -c--a-w c:\windows\$hf_mig$\KB904706\update\arpidfix.exe
+ 2009-02-18 19:36:02 30,720 -c--a-w c:\windows\$hf_mig$\KB904706\update\arpidfix.exe
- 2005-08-19 23:50:31 48,128 -c--a-w c:\windows\$hf_mig$\KB905414\update\arpidfix.exe
+ 2009-02-18 19:36:04 30,720 -c--a-w c:\windows\$hf_mig$\KB905414\update\arpidfix.exe
- 2005-08-23 01:01:30 48,128 -c--a-w c:\windows\$hf_mig$\KB905749\update\arpidfix.exe
+ 2009-02-18 19:36:05 30,720 -c--a-w c:\windows\$hf_mig$\KB905749\update\arpidfix.exe
- 2005-10-21 01:54:43 35,840 -c--a-w c:\windows\$hf_mig$\KB905915\SP2QFE\iedw.exe
+ 2009-02-18 19:36:08 18,432 -c--a-w c:\windows\$hf_mig$\KB905915\SP2QFE\iedw.exe
- 2006-03-17 01:05:35 46,080 -c--a-w c:\windows\$hf_mig$\KB908531\SP2QFE\verclsid.exe
+ 2009-02-18 19:36:13 28,672 -c--a-w c:\windows\$hf_mig$\KB908531\SP2QFE\verclsid.exe
- 2006-03-04 01:34:41 35,840 -c--a-w c:\windows\$hf_mig$\KB912812\SP2QFE\iedw.exe
+ 2009-02-18 19:36:25 18,432 -c--a-w c:\windows\$hf_mig$\KB912812\SP2QFE\iedw.exe
- 2006-05-09 11:41:31 35,840 -c--a-w c:\windows\$hf_mig$\KB916281\SP2QFE\iedw.exe
+ 2009-02-18 19:36:41 18,432 -c--a-w c:\windows\$hf_mig$\KB916281\SP2QFE\iedw.exe
- 2006-06-23 08:48:30 35,840 -c--a-w c:\windows\$hf_mig$\KB918899\SP2QFE\iedw.exe
+ 2009-02-18 19:36:59 18,432 -c--a-w c:\windows\$hf_mig$\KB918899\SP2QFE\iedw.exe
- 2006-10-12 11:54:07 273,920 -c--a-w c:\windows\$hf_mig$\KB920213\SP2QFE\agentsvr.exe
+ 2009-02-18 19:37:05 256,512 -c--a-w c:\windows\$hf_mig$\KB920213\SP2QFE\agentsvr.exe
- 2006-08-21 09:43:32 40,448 -c--a-w c:\windows\$hf_mig$\KB922582\SP2QFE\fltmc.exe
+ 2009-02-18 19:37:21 23,040 -c--a-w c:\windows\$hf_mig$\KB922582\SP2QFE\fltmc.exe
- 2006-09-13 09:10:27 35,840 -c--a-w c:\windows\$hf_mig$\KB922760\SP2QFE\iedw.exe
+ 2009-02-18 19:37:25 18,432 -c--a-w c:\windows\$hf_mig$\KB922760\SP2QFE\iedw.exe
- 2007-03-06 07:54:01 74,240 -c--a-w c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\ie4uinit.exe
+ 2009-02-18 19:38:10 56,832 -c--a-w c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\ie4uinit.exe
- 2007-03-06 07:54:01 31,232 -c--a-w c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\ieudinit.exe
+ 2009-02-18 19:38:12 13,824 -c--a-w c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\ieudinit.exe
- 2007-02-28 06:51:34 642,560 -c--a-w c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\iexplore.exe
+ 2009-02-18 19:38:12 625,152 -c--a-w c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\iexplore.exe
- 2007-01-29 09:25:04 77,824 -c--a-w c:\windows\$hf_mig$\KB931836\SP2QFE\tzchange.exe
+ 2009-02-18 19:38:21 60,416 -c--a-w c:\windows\$hf_mig$\KB931836\SP2QFE\tzchange.exe
- 2007-07-18 10:33:06 77,824 -c--a-w c:\windows\$hf_mig$\KB933360\SP2QFE\tzchange.exe
+ 2009-02-18 19:38:26 60,416 -c--a-w c:\windows\$hf_mig$\KB933360\SP2QFE\tzchange.exe
- 2007-04-24 14:20:37 74,240 -c--a-w c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\ie4uinit.exe
+ 2009-02-18 19:38:28 56,832 -c--a-w c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\ie4uinit.exe
- 2007-04-24 14:20:37 31,232 -c--a-w c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\ieudinit.exe
+ 2009-02-18 19:38:30 13,824 -c--a-w c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\ieudinit.exe
- 2007-04-24 14:20:41 642,560 -c--a-w c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\iexplore.exe
+ 2009-02-18 19:38:30 625,152 -c--a-w c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\iexplore.exe
- 2007-06-27 09:16:27 80,896 -c--a-w c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\ie4uinit.exe
+ 2009-02-18 19:38:43 63,488 -c--a-w c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\ie4uinit.exe
- 2007-06-27 09:16:27 31,232 -c--a-w c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\ieudinit.exe
+ 2009-02-18 19:38:45 13,824 -c--a-w c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\ieudinit.exe
- 2007-06-27 09:16:52 642,560 -c--a-w c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\iexplore.exe
+ 2009-02-18 19:38:45 625,152 -c--a-w c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\iexplore.exe
- 2007-06-13 11:26:03 1,050,624 ----a-w c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
+ 2009-02-18 19:38:53 1,033,216 ----a-w c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
- 2007-08-17 10:12:34 88,064 -c--a-w c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe
+ 2009-02-18 19:38:57 70,656 -c--a-w c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe
- 2007-08-17 10:12:35 31,232 -c--a-w c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe
+ 2009-02-18 19:38:59 13,824 -c--a-w c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe
- 2007-08-17 10:12:49 642,560 -c--a-w c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
+ 2009-02-18 19:39:00 625,152 -c--a-w c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
- 2007-10-10 08:16:47 88,064 -c--a-w c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
+ 2009-02-18 19:39:12 70,656 -c--a-w c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe
- 2007-10-10 08:16:47 31,232 -c--a-w c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
+ 2009-02-18 19:39:14 13,824 -c--a-w c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe
- 2007-10-10 08:16:56 643,072 -c--a-w c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
+ 2009-02-18 19:39:14 625,664 -c--a-w c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe
- 2007-11-13 11:02:46 77,824 -c--a-w c:\windows\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2009-02-18 19:39:19 60,416 -c--a-w c:\windows\$hf_mig$\KB942763\SP2QFE\tzchange.exe
- 2007-12-06 08:34:28 88,064 -c--a-w c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
+ 2009-02-18 19:39:27 70,656 -c--a-w c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe
- 2007-12-06 08:34:29 31,232 -c--a-w c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
+ 2009-02-18 19:39:29 13,824 -c--a-w c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe
- 2007-12-06 08:34:45 643,072 -c--a-w c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
+ 2009-02-18 19:39:29 625,664 -c--a-w c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe
- 2008-02-22 09:39:56 88,064 -c--a-w c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
+ 2009-02-18 19:39:42 70,656 -c--a-w c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe
- 2008-02-22 09:39:56 31,232 -c--a-w c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
+ 2009-02-18 19:39:44 13,824 -c--a-w c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe
- 2008-02-22 09:40:22 643,072 -c--a-w c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
+ 2009-02-18 19:39:44 625,664 -c--a-w c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe
- 2008-04-22 08:02:19 88,064 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
+ 2009-02-18 19:39:58 70,656 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe
- 2008-04-22 08:02:19 31,232 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
+ 2009-02-18 19:40:00 13,824 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe
- 2008-04-22 08:02:46 643,072 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
+ 2009-02-18 19:40:00 625,664 -c--a-w c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe
- 2008-07-14 11:03:00 80,384 -c--a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2009-02-18 19:40:13 62,976 -c--a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
- 2008-07-11 12:42:28 80,384 -c--a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2009-02-18 19:40:13 62,976 -c--a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
- 2008-07-11 12:51:51 80,384 -c--a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2009-02-18 19:40:13 62,976 -c--a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
- 2008-05-07 09:07:23 155,648 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\cscript.exe
+ 2009-02-18 19:40:27 135,168 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\cscript.exe
- 2008-05-08 11:24:44 176,128 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wscript.exe
+ 2009-02-18 19:40:28 155,648 ----a-w c:\windows\$hf_mig$\KB951978\SP3QFE\wscript.exe
- 2008-06-23 08:23:18 88,064 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
+ 2009-02-18 19:40:35 70,656 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe
- 2008-06-23 08:23:18 31,232 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
+ 2009-02-18 19:40:36 13,824 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe
- 2008-06-23 08:23:52 643,072 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
+ 2009-02-18 19:40:37 625,664 -c--a-w c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe
- 2008-10-22 09:47:25 80,384 ----a-w c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
+ 2009-02-18 19:40:53 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
- 2008-10-23 10:06:59 80,384 ----a-w c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
+ 2009-02-18 19:40:54 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
- 2008-10-23 10:17:49 80,384 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2009-02-18 19:40:54 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
- 2008-08-25 08:43:21 88,064 -c--a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
+ 2009-02-18 19:40:56 70,656 -c--a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe
- 2008-08-25 08:43:21 31,232 -c--a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
+ 2009-02-18 19:40:58 13,824 -c--a-w c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe
- 2008-10-16 12:46:08 88,064 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ie4uinit.exe
+ 2009-02-18 19:41:25 70,656 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ie4uinit.exe
- 2008-10-16 12:46:08 31,232 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieudinit.exe
+ 2009-02-18 19:41:27 13,824 ----a-w c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\ieudinit.exe
- 2002-08-29 12:00:00 81,920 -c----w c:\windows\$MSI31Uninstall_KB893803v2$\msiexec.exe
+ 2009-02-18 19:41:39 64,512 -c--a-w c:\windows\$MSI31Uninstall_KB893803v2$\msiexec.exe
- 2004-08-04 07:56:47 201,216 -c----w c:\windows\$NtServicePackUninstall$\accwiz.exe
+ 2009-02-18 19:41:44 183,808 -c--a-w c:\windows\$NtServicePackUninstall$\accwiz.exe
- 2004-08-04 07:56:47 21,504 -c----w c:\windows\$NtServicePackUninstall$\actmovie.exe
+ 2009-02-18 19:41:48 4,096 -c--a-w c:\windows\$NtServicePackUninstall$\actmovie.exe
- 2004-08-04 07:56:47 36,919 -c----w c:\windows\$NtServicePackUninstall$\admin.exe
+ 2009-02-18 19:41:49 16,384 -c--a-w c:\windows\$NtServicePackUninstall$\admin.exe
- 2006-10-12 11:09:53 273,920 -c----w c:\windows\$NtServicePackUninstall$\agentsvr.exe
+ 2009-02-18 19:41:51 256,512 -c--a-w c:\windows\$NtServicePackUninstall$\agentsvr.exe
- 2004-08-04 07:56:47 115,712 -c----w c:\windows\$NtServicePackUninstall$\ahui.exe
+ 2009-02-18 19:41:53 98,304 -c--a-w c:\windows\$NtServicePackUninstall$\ahui.exe
- 2004-08-04 07:56:47 61,952 -c----w c:\windows\$NtServicePackUninstall$\alg.exe
+ 2009-02-18 19:41:54 44,544 -c--a-w c:\windows\$NtServicePackUninstall$\alg.exe
- 2004-08-04 07:56:47 42,496 -c----w c:\windows\$NtServicePackUninstall$\at.exe
+ 2009-02-18 19:42:30 25,088 -c--a-w c:\windows\$NtServicePackUninstall$\at.exe
- 2004-08-04 07:56:47 28,672 -c----w c:\windows\$NtServicePackUninstall$\atmadm.exe
+ 2009-02-18 19:42:32 11,264 -c--a-w c:\windows\$NtServicePackUninstall$\atmadm.exe
- 2002-08-29 12:00:00 28,672 -c----w c:\windows\$NtServicePackUninstall$\attrib.exe
+ 2009-02-18 19:42:32 11,264 -c--a-w c:\windows\$NtServicePackUninstall$\attrib.exe
- 2004-08-04 07:56:47 31,744 -c----w c:\windows\$NtServicePackUninstall$\auditusr.exe
+ 2009-02-18 19:42:32 14,336 -c--a-w c:\windows\$NtServicePackUninstall$\auditusr.exe
- 2004-08-04 07:56:47 36,919 -c----w c:\windows\$NtServicePackUninstall$\author.exe
+ 2009-02-18 19:42:32 16,384 -c--a-w c:\windows\$NtServicePackUninstall$\author.exe
- 2004-08-04 07:56:47 89,088 -c----w c:\windows\$NtServicePackUninstall$\blastcln.exe
+ 2009-02-18 19:42:35 71,680 -c--a-w c:\windows\$NtServicePackUninstall$\blastcln.exe
- 2002-08-29 12:00:00 35,840 -c----w c:\windows\$NtServicePackUninstall$\cacls.exe
+ 2009-02-18 19:42:37 18,432 -c--a-w c:\windows\$NtServicePackUninstall$\cacls.exe
- 2004-08-04 07:56:47 208,960 -c----w c:\windows\$NtServicePackUninstall$\cfgwiz.exe
+ 2009-02-18 19:42:40 188,416 -c--a-w c:\windows\$NtServicePackUninstall$\cfgwiz.exe
- 2004-08-04 07:56:47 23,040 -c----w c:\windows\$NtServicePackUninstall$\cisvc.exe
+ 2009-02-18 19:42:42 5,632 -c--a-w c:\windows\$NtServicePackUninstall$\cisvc.exe
- 2004-08-04 07:56:47 81,408 -c----w c:\windows\$NtServicePackUninstall$\cleanmgr.exe
+ 2009-02-18 19:42:43 64,000 -c--a-w c:\windows\$NtServicePackUninstall$\cleanmgr.exe
- 2004-08-04 07:56:47 40,960 -c----w c:\windows\$NtServicePackUninstall$\cliconfg.exe
+ 2009-02-18 19:42:43 20,480 -c--a-w c:\windows\$NtServicePackUninstall$\cliconfg.exe
- 2004-08-04 07:56:47 120,320 -c----w c:\windows\$NtServicePackUninstall$\clipbrd.exe
+ 2009-02-18 19:42:43 102,912 -c--a-w c:\windows\$NtServicePackUninstall$\clipbrd.exe
- 2004-08-04 07:56:47 50,688 -c----w c:\windows\$NtServicePackUninstall$\clipsrv.exe
+ 2009-02-18 19:42:44 33,280 -c--a-w c:\windows\$NtServicePackUninstall$\clipsrv.exe
- 2004-08-04 07:56:48 406,016 -c----w c:\windows\$NtServicePackUninstall$\cmd.exe
+ 2009-02-18 19:42:44 388,608 -c--a-w c:\windows\$NtServicePackUninstall$\cmd.exe
- 2004-08-04 07:56:48 64,512 -c----w c:\windows\$NtServicePackUninstall$\cmdl32.exe
+ 2009-02-18 19:42:45 47,104 -c--a-w c:\windows\$NtServicePackUninstall$\cmdl32.exe
- 2004-08-04 07:56:48 57,344 -c----w c:\windows\$NtServicePackUninstall$\cmmon32.exe
+ 2009-02-18 19:42:45 39,936 -c--a-w c:\windows\$NtServicePackUninstall$\cmmon32.exe
- 2004-08-04 07:56:48 80,896 -c----w c:\windows\$NtServicePackUninstall$\cmstp.exe
+ 2009-02-18 19:42:45 63,488 -c--a-w c:\windows\$NtServicePackUninstall$\cmstp.exe
- 2004-08-04 07:56:48 27,136 -c----w c:\windows\$NtServicePackUninstall$\comrepl.exe
+ 2009-02-18 19:42:48 9,728 -c--a-w c:\windows\$NtServicePackUninstall$\comrepl.exe
- 2002-08-29 12:00:00 22,528 -c----w c:\windows\$NtServicePackUninstall$\comrereg.exe
+ 2009-02-18 19:42:48 5,120 -c--a-w c:\windows\$NtServicePackUninstall$\comrereg.exe
- 2004-08-04 07:56:48 1,052,672 -c----w c:\windows\$NtServicePackUninstall$\conf.exe
+ 2009-02-18 19:42:49 1,032,192 -c--a-w c:\windows\$NtServicePackUninstall$\conf.exe
- 2004-08-04 07:56:48 45,056 -c----w c:\windows\$NtServicePackUninstall$\conime.exe
+ 2009-02-18 19:42:50 27,648 -c--a-w c:\windows\$NtServicePackUninstall$\conime.exe
- 2004-08-04 07:56:48 118,784 -c----w c:\windows\$NtServicePackUninstall$\cscript.exe
+ 2009-02-18 19:42:51 98,304 -c--a-w c:\windows\$NtServicePackUninstall$\cscript.exe
- 2004-08-04 07:56:48 32,768 -c----w c:\windows\$NtServicePackUninstall$\ctfmon.exe
+ 2009-02-18 19:42:53 15,360 -c--a-w c:\windows\$NtServicePackUninstall$\ctfmon.exe
- 2002-08-29 12:00:00 22,528 -c----w c:\windows\$NtServicePackUninstall$\dcomcnfg.exe
+ 2009-02-18 19:42:56 5,120 -c--a-w c:\windows\$NtServicePackUninstall$\dcomcnfg.exe
- 2004-08-04 07:56:48 47,616 -c----w c:\windows\$NtServicePackUninstall$\ddeshare.exe
+ 2009-02-18 19:42:56 30,208 -c--a-w c:\windows\$NtServicePackUninstall$\ddeshare.exe
- 2004-08-04 07:56:48 42,496 -c----w c:\windows\$NtServicePackUninstall$\defrag.exe
+ 2009-02-18 19:42:57 25,088 -c--a-w c:\windows\$NtServicePackUninstall$\defrag.exe
- 2004-08-04 07:56:48 99,840 -c----w c:\windows\$NtServicePackUninstall$\dfrgfat.exe
+ 2009-02-18 19:42:57 82,432 -c--a-w c:\windows\$NtServicePackUninstall$\dfrgfat.exe
- 2004-08-04 07:56:48 122,368 -c----w c:\windows\$NtServicePackUninstall$\dfrgntfs.exe
+ 2009-02-18 19:42:57 104,960 -c--a-w c:\windows\$NtServicePackUninstall$\dfrgntfs.exe
- 2004-08-04 07:56:48 556,544 -c----w c:\windows\$NtServicePackUninstall$\dialer.exe
+ 2009-02-18 19:42:59 539,136 -c--a-w c:\windows\$NtServicePackUninstall$\dialer.exe
- 2004-08-04 07:56:48 102,912 -c----w c:\windows\$NtServicePackUninstall$\diantz.exe
+ 2009-02-18 19:42:59 85,504 -c--a-w c:\windows\$NtServicePackUninstall$\diantz.exe
- 2004-08-04 07:56:48 181,248 -c----w c:\windows\$NtServicePackUninstall$\diskpart.exe
+ 2009-02-18 19:43:00 163,840 -c--a-w c:\windows\$NtServicePackUninstall$\diskpart.exe
- 2004-08-04 07:56:48 315,392 -c----w c:\windows\$NtServicePackUninstall$\dlimport.exe
+ 2009-02-18 19:43:00 294,912 -c--a-w c:\windows\$NtServicePackUninstall$\dlimport.exe
- 2004-08-04 07:56:48 22,528 -c----w c:\windows\$NtServicePackUninstall$\dllhost.exe
+ 2009-02-18 19:43:00 5,120 -c--a-w c:\windows\$NtServicePackUninstall$\dllhost.exe
- 2004-08-04 07:56:48 242,176 -c----w c:\windows\$NtServicePackUninstall$\dmadmin.exe
+ 2009-02-18 19:43:00 224,768 -c--a-w c:\windows\$NtServicePackUninstall$\dmadmin.exe
- 2004-08-04 07:56:48 33,280 -c----w c:\windows\$NtServicePackUninstall$\dmremote.exe
+ 2009-02-18 19:43:01 15,872 -c--a-w c:\windows\$NtServicePackUninstall$\dmremote.exe
- 2004-08-04 07:56:48 47,616 -c----w c:\windows\$NtServicePackUninstall$\dplaysvr.exe
+ 2009-02-18 19:43:03 30,208 -c--a-w c:\windows\$NtServicePackUninstall$\dplaysvr.exe
- 2004-08-04 07:56:48 35,840 -c----w c:\windows\$NtServicePackUninstall$\dpnsvr.exe
+ 2009-02-18 19:43:04 18,432 -c--a-w c:\windows\$NtServicePackUninstall$\dpnsvr.exe
- 2004-08-04 07:56:48 100,864 -c----w c:\windows\$NtServicePackUninstall$\dpvsetup.exe
+ 2009-02-18 19:43:04 83,456 -c--a-w c:\windows\$NtServicePackUninstall$\dpvsetup.exe
- 2004-08-04 07:56:48 28,160 -c----w c:\windows\$NtServicePackUninstall$\dumprep.exe
+ 2009-02-18 19:43:06 10,752 -c--a-w c:\windows\$NtServicePackUninstall$\dumprep.exe
- 2004-08-04 07:56:48 35,328 -c----w c:\windows\$NtServicePackUninstall$\dvdupgrd.exe
+ 2009-02-18 19:43:06 17,920 -c--a-w c:\windows\$NtServicePackUninstall$\dvdupgrd.exe
- 2004-08-04 07:56:48 200,704 -c----w c:\windows\$NtServicePackUninstall$\dwwin.exe
+ 2009-02-18 19:43:07 180,224 -c--a-w c:\windows\$NtServicePackUninstall$\dwwin.exe
- 2004-08-04 07:56:48 1,318,912 -c----w c:\windows\$NtServicePackUninstall$\dxdiag.exe
+ 2009-02-18 19:43:08 1,298,432 -c--a-w c:\windows\$NtServicePackUninstall$\dxdiag.exe
- 2004-08-04 07:56:49 210,432 -c----w c:\windows\$NtServicePackUninstall$\eudcedit.exe
+ 2009-02-18 19:43:11 193,024 -c--a-w c:\windows\$NtServicePackUninstall$\eudcedit.exe
- 2004-08-04 07:56:49 41,472 -c----w c:\windows\$NtServicePackUninstall$\evntcmd.exe
+ 2009-02-18 19:43:11 24,064 -c--a-w c:\windows\$NtServicePackUninstall$\evntcmd.exe
- 2004-08-04 07:56:49 109,568 -c----w c:\windows\$NtServicePackUninstall$\evntwin.exe
+ 2009-02-18 19:43:12 92,160 -c--a-w c:\windows\$NtServicePackUninstall$\evntwin.exe
- 2007-06-13 10:23:07 1,050,624 -c----w c:\windows\$NtServicePackUninstall$\explorer.exe
+ 2009-02-18 19:43:12 1,033,216 -c--a-w c:\windows\$NtServicePackUninstall$\explorer.exe
- 2004-08-04 07:56:49 62,976 -c----w c:\windows\$NtServicePackUninstall$\extrac32.exe
+ 2009-02-18 19:43:14 45,568 -c--a-w c:\windows\$NtServicePackUninstall$\extrac32.exe
- 2004-08-04 07:56:49 38,400 -c----w c:\windows\$NtServicePackUninstall$\faxpatch.exe
+ 2009-02-18 19:43:14 20,992 -c--a-w c:\windows\$NtServicePackUninstall$\faxpatch.exe
- 2004-08-04 07:56:49 44,544 -c----w c:\windows\$NtServicePackUninstall$\findstr.exe
+ 2009-02-18 19:43:14 27,136 -c--a-w c:\windows\$NtServicePackUninstall$\findstr.exe
- 2006-08-21 09:14:58 40,448 -c----w c:\windows\$NtServicePackUninstall$\fltmc.exe
+ 2009-02-18 19:43:15 23,040 -c--a-w c:\windows\$NtServicePackUninstall$\fltmc.exe
- 2004-08-04 07:56:49 38,400 -c----w c:\windows\$NtServicePackUninstall$\fontview.exe
+ 2009-02-18 19:43:16 20,992 -c--a-w c:\windows\$NtServicePackUninstall$\fontview.exe
- 2002-08-29 12:00:00 24,576 -c----w c:\windows\$NtServicePackUninstall$\forcedos.exe
+ 2009-02-18 19:43:16 7,168 -c--a-w c:\windows\$NtServicePackUninstall$\forcedos.exe
- 2004-08-04 07:56:49 32,528 -c----w c:\windows\$NtServicePackUninstall$\fp98sadm.exe
+ 2009-02-18 19:43:19 14,848 -c--a-w c:\windows\$NtServicePackUninstall$\fp98sadm.exe
- 2004-08-04 07:56:49 127,248 -c----w c:\windows\$NtServicePackUninstall$\fp98swin.exe
+ 2009-02-18 19:43:19 109,568 -c--a-w c:\windows\$NtServicePackUninstall$\fp98swin.exe
- 2004-08-04 07:56:49 45,112 -c----w c:\windows\$NtServicePackUninstall$\fpadmcgi.exe
+ 2009-02-18 19:43:19 24,576 -c--a-w c:\windows\$NtServicePackUninstall$\fpadmcgi.exe
- 2004-08-04 07:56:49 208,974 -c----w c:\windows\$NtServicePackUninstall$\fpcount.exe
+ 2009-02-18 19:43:19 188,416 -c--a-w c:\windows\$NtServicePackUninstall$\fpcount.exe
- 2004-08-04 07:56:49 41,018 -c----w c:\windows\$NtServicePackUninstall$\fpremadm.exe
+ 2009-02-18 19:43:20 20,480 -c--a-w c:\windows\$NtServicePackUninstall$\fpremadm.exe
- 2004-08-04 07:56:49 49,208 -c----w c:\windows\$NtServicePackUninstall$\fpsrvadm.exe
+ 2009-02-18 19:43:20 28,672 -c--a-w c:\windows\$NtServicePackUninstall$\fpsrvadm.exe
- 2004-08-04 07:56:50 210,432 -c----w c:\windows\$NtServicePackUninstall$\fsquirt.exe
+ 2009-02-18 19:43:21 193,024 -c--a-w c:\windows\$NtServicePackUninstall$\fsquirt.exe
- 2004-08-04 07:56:49 59,904 -c----w c:\windows\$NtServicePackUninstall$\ftp.exe
+ 2009-02-18 19:43:21 42,496 -c--a-w c:\windows\$NtServicePackUninstall$\ftp.exe
- 2004-08-04 07:56:49 160,768 -c----w c:\windows\$NtServicePackUninstall$\fxsclnt.exe
+ 2009-02-18 19:43:21 143,360 -c--a-w c:\windows\$NtServicePackUninstall$\fxsclnt.exe
- 2004-08-04 07:56:49 246,784 -c----w c:\windows\$NtServicePackUninstall$\fxscover.exe
+ 2009-02-18 19:43:22 229,376 -c--a-w c:\windows\$NtServicePackUninstall$\fxscover.exe
- 2004-08-04 07:56:49 285,184 -c----w c:\windows\$NtServicePackUninstall$\fxssvc.exe
+ 2009-02-18 19:43:22 267,776 -c--a-w c:\windows\$NtServicePackUninstall$\fxssvc.exe
- 2004-08-04 07:56:49 56,832 -c----w c:\windows\$NtServicePackUninstall$\grpconv.exe
+ 2009-02-18 19:43:24 39,424 -c--a-w c:\windows\$NtServicePackUninstall$\grpconv.exe
- 2002-08-29 12:00:00 32,256 -c----w c:\windows\$NtServicePackUninstall$\help.exe
+ 2009-02-18 19:43:26 14,848 -c--a-w c:\windows\$NtServicePackUninstall$\help.exe
- 2004-08-04 07:56:49 785,920 -c----w c:\windows\$NtServicePackUninstall$\helpctr.exe
+ 2009-02-18 19:43:26 768,512 -c--a-w c:\windows\$NtServicePackUninstall$\helpctr.exe
- 2004-08-04 07:56:50 761,344 -c----w c:\windows\$NtServicePackUninstall$\helpsvc.exe
+ 2009-02-18 19:43:27 743,936 -c--a-w c:\windows\$NtServicePackUninstall$\helpsvc.exe
- 2005-05-26 23:22:01 28,160 -c----w c:\windows\$NtServicePackUninstall$\hh.exe
+ 2009-02-18 19:43:28 10,752 -c--a-w c:\windows\$NtServicePackUninstall$\hh.exe
- 2004-08-04 07:56:50 36,352 -c----w c:\windows\$NtServicePackUninstall$\hscupd.exe
+ 2009-02-18 19:43:30 18,944 -c--a-w c:\windows\$NtServicePackUninstall$\hscupd.exe
- 2004-08-04 07:56:50 231,936 -c----w c:\windows\$NtServicePackUninstall$\icwconn1.exe
+ 2009-02-18 19:43:33 214,528 -c--a-w c:\windows\$NtServicePackUninstall$\icwconn1.exe
- 2004-08-04 07:56:50 106,496 -c----w c:\windows\$NtServicePackUninstall$\icwconn2.exe
+ 2009-02-18 19:43:33 86,016 -c--a-w c:\windows\$NtServicePackUninstall$\icwconn2.exe
- 2004-08-04 07:56:50 45,056 -c----w c:\windows\$NtServicePackUninstall$\icwrmind.exe
+ 2009-02-18 19:43:34 24,576 -c--a-w c:\windows\$NtServicePackUninstall$\icwrmind.exe
- 2004-08-04 07:56:50 51,712 -c----w c:\windows\$NtServicePackUninstall$\ie4uinit.exe
+ 2009-02-18 19:43:34 34,304 -c--a-w c:\windows\$NtServicePackUninstall$\ie4uinit.exe
- 2004-08-04 07:56:50 35,840 -c----w c:\windows\$NtServicePackUninstall$\iedw.exe
+ 2009-02-18 19:43:35 18,432 -c--a-w c:\windows\$NtServicePackUninstall$\iedw.exe
- 2004-08-04 07:56:50 110,592 -c----w c:\windows\$NtServicePackUninstall$\iexplore.exe
+ 2009-02-18 19:43:36 93,184 -c--a-w c:\windows\$NtServicePackUninstall$\iexplore.exe
- 2004-08-04 07:56:50 132,096 -c----w c:\windows\$NtServicePackUninstall$\iexpress.exe
+ 2009-02-18 19:43:36 114,688 -c--a-w c:\windows\$NtServicePackUninstall$\iexpress.exe
- 2004-08-04 07:56:50 167,424 -c----w c:\windows\$NtServicePackUninstall$\imapi.exe
+ 2009-02-18 19:43:37 150,016 -c--a-w c:\windows\$NtServicePackUninstall$\imapi.exe
- 2004-08-04 07:56:50 40,960 -c----w c:\windows\$NtServicePackUninstall$\inetwiz.exe
+ 2009-02-18 19:43:40 20,480 -c--a-w c:\windows\$NtServicePackUninstall$\inetwiz.exe
- 2004-08-04 07:56:50 73,216 -c----w c:\windows\$NtServicePackUninstall$\ipconfig.exe
+ 2009-02-18 19:43:40 55,808 -c--a-w c:\windows\$NtServicePackUninstall$\ipconfig.exe
- 2004-08-04 07:56:50 70,656 -c----w c:\windows\$NtServicePackUninstall$\ipv6.exe
+ 2009-02-18 19:43:42 53,248 -c--a-w c:\windows\$NtServicePackUninstall$\ipv6.exe
- 2004-08-04 07:56:50 40,960 -c----w c:\windows\$NtServicePackUninstall$\ipxroute.exe
+ 2009-02-18 19:43:43 23,552 -c--a-w c:\windows\$NtServicePackUninstall$\ipxroute.exe
- 2004-08-04 07:56:50 169,984 -c----w c:\windows\$NtServicePackUninstall$\irftp.exe
+ 2009-02-18 19:43:44 152,576 -c--a-w c:\windows\$NtServicePackUninstall$\irftp.exe
- 2004-08-04 07:56:50 92,672 -c----w c:\windows\$NtServicePackUninstall$\locator.exe
+ 2009-02-18 19:43:56 75,264 -c--a-w c:\windows\$NtServicePackUninstall$\locator.exe
- 2004-08-04 07:56:50 76,800 -c----w c:\windows\$NtServicePackUninstall$\logman.exe
+ 2009-02-18 19:43:56 59,392 -c--a-w c:\windows\$NtServicePackUninstall$\logman.exe
- 2004-08-04 07:56:57 238,080 -c----w c:\windows\$NtServicePackUninstall$\logon.scr
+ 2009-02-18 19:43:56 220,672 -c--a-w c:\windows\$NtServicePackUninstall$\logon.scr
- 2004-08-04 07:56:50 531,968 -c----w c:\windows\$NtServicePackUninstall$\logonui.exe
+ 2009-02-18 19:43:57 514,560 -c--a-w c:\windows\$NtServicePackUninstall$\logonui.exe
- 2004-08-04 07:56:50 30,720 -c----w c:\windows\$NtServicePackUninstall$\lsass.exe
+ 2009-02-18 19:43:58 13,312 -c--a-w c:\windows\$NtServicePackUninstall$\lsass.exe
- 2004-08-04 07:56:50 90,112 -c----w c:\windows\$NtServicePackUninstall$\magnify.exe
+ 2009-02-18 19:43:58 72,704 -c--a-w c:\windows\$NtServicePackUninstall$\magnify.exe
- 2004-08-04 07:56:50 102,912 -c----w c:\windows\$NtServicePackUninstall$\makecab.exe
+ 2009-02-18 19:43:59 85,504 -c--a-w c:\windows\$NtServicePackUninstall$\makecab.exe
- 2004-08-04 07:56:50 120,832 -c----w c:\windows\$NtServicePackUninstall$\migload.exe
+ 2009-02-18 19:44:01 103,424 -c--a-w c:\windows\$NtServicePackUninstall$\migload.exe
- 2004-08-04 07:56:51 25,088 -c----w c:\windows\$NtServicePackUninstall$\migregdb.exe
+ 2009-02-18 19:44:01 7,680 -c--a-w c:\windows\$NtServicePackUninstall$\migregdb.exe
- 2004-08-04 07:56:51 257,536 -c----w c:\windows\$NtServicePackUninstall$\migwiz.exe
+ 2009-02-18 19:44:01 240,128 -c--a-w c:\windows\$NtServicePackUninstall$\migwiz.exe
- 2004-08-04 07:56:51 832,512 -c----w c:\windows\$NtServicePackUninstall$\mmc.exe
+ 2009-02-18 19:44:04 815,104 -c--a-w c:\windows\$NtServicePackUninstall$\mmc.exe
- 2004-08-04 07:56:51 53,248 -c----w c:\windows\$NtServicePackUninstall$\mnmsrvc.exe
+ 2009-02-18 19:44:06 32,768 -c--a-w c:\windows\$NtServicePackUninstall$\mnmsrvc.exe
- 2004-08-04 07:56:51 160,768 -c----w c:\windows\$NtServicePackUninstall$\mobsync.exe
+ 2009-02-18 19:44:06 143,360 -c--a-w c:\windows\$NtServicePackUninstall$\mobsync.exe
- 2004-08-04 07:56:51 33,792 -c----w c:\windows\$NtServicePackUninstall$\mofcomp.exe
+ 2009-02-18 19:44:07 16,384 -c--a-w c:\windows\$NtServicePackUninstall$\mofcomp.exe
- 2004-08-04 07:56:52 3,572,736 -c----w c:\windows\$NtServicePackUninstall$\moviemk.exe
+ 2009-02-18 19:44:07 3,555,328 -c--a-w c:\windows\$NtServicePackUninstall$\moviemk.exe
- 2004-08-04 07:56:52 140,800 -c----w c:\windows\$NtServicePackUninstall$\mplay32.exe
+ 2009-02-18 19:44:10 123,392 -c--a-w c:\windows\$NtServicePackUninstall$\mplay32.exe
- 2004-08-04 07:56:52 22,047 -c----w c:\windows\$NtServicePackUninstall$\mplayer2.exe
+ 2009-02-18 19:44:10 4,608 -c--a-w c:\windows\$NtServicePackUninstall$\mplayer2.exe
- 2004-08-04 07:56:53 175,616 -c----w c:\windows\$NtServicePackUninstall$\msconfig.exe
+ 2009-02-18 19:44:15 158,208 -c--a-w c:\windows\$NtServicePackUninstall$\msconfig.exe
- 2004-08-04 07:56:53 23,552 -c----w c:\windows\$NtServicePackUninstall$\msdtc.exe
+ 2009-02-18 19:44:18 6,144 -c--a-w c:\windows\$NtServicePackUninstall$\msdtc.exe
- 2004-08-04 07:56:53 46,592 -c----w c:\windows\$NtServicePackUninstall$\mshta.exe
+ 2009-02-18 19:44:22 29,184 -c--a-w c:\windows\$NtServicePackUninstall$\mshta.exe
- 2005-05-04 21:45:36 96,256 -c----w c:\windows\$NtServicePackUninstall$\msiexec.exe
+ 2009-02-18 19:44:23 78,848 -c--a-w c:\windows\$NtServicePackUninstall$\msiexec.exe
- 2004-08-04 07:56:53 77,824 -c----w c:\windows\$NtServicePackUninstall$\msimn.exe
+ 2009-02-18 19:44:24 60,416 -c--a-w c:\windows\$NtServicePackUninstall$\msimn.exe
- 2004-08-04 07:56:53 58,368 -c----w c:\windows\$NtServicePackUninstall$\msiregmv.exe
+ 2009-02-18 19:44:25 40,960 -c--a-w c:\windows\$NtServicePackUninstall$\msiregmv.exe
- 2004-08-04 07:56:53 1,684,992 -c----w c:\windows\$NtServicePackUninstall$\msmsgs.exe
+ 2009-02-18 19:44:27 1,667,584 -c--a-w c:\windows\$NtServicePackUninstall$\msmsgs.exe
- 2002-08-29 12:00:00 45,568 -c----w c:\windows\$NtServicePackUninstall$\msoobe.exe
+ 2009-02-18 19:44:30 28,160 -c--a-w c:\windows\$NtServicePackUninstall$\msoobe.exe
- 2004-08-04 07:56:53 360,448 -c----w c:\windows\$NtServicePackUninstall$\mspaint.exe
+ 2009-02-18 19:44:31 343,040 -c--a-w c:\windows\$NtServicePackUninstall$\mspaint.exe
- 2004-08-04 07:56:53 29,696 -c----w c:\windows\$NtServicePackUninstall$\mstinit.exe
+ 2009-02-18 19:44:33 12,288 -c--a-w c:\windows\$NtServicePackUninstall$\mstinit.exe
- 2004-08-04 05:59:40 424,960 -c----w c:\windows\$NtServicePackUninstall$\mstsc.exe
+ 2009-02-18 19:44:35 407,552 -c--a-w c:\windows\$NtServicePackUninstall$\mstsc.exe
- 2004-08-04 07:56:53 108,032 -c----w c:\windows\$NtServicePackUninstall$\muisetup.exe
+ 2009-02-18 19:44:40 90,624 -c--a-w c:\windows\$NtServicePackUninstall$\muisetup.exe
- 2004-08-04 07:56:54 71,168 -c----w c:\windows\$NtServicePackUninstall$\narrator.exe
+ 2009-02-18 19:44:40 53,760 -c--a-w c:\windows\$NtServicePackUninstall$\narrator.exe
- 2004-08-04 07:56:54 21,504 -c----w c:\windows\$NtServicePackUninstall$\nddeapir.exe
+ 2009-02-18 19:44:41 4,096 -c--a-w c:\windows\$NtServicePackUninstall$\nddeapir.exe
- 2004-08-04 07:56:54 59,904 -c----w c:\windows\$NtServicePackUninstall$\net.exe
+ 2009-02-18 19:44:42 42,496 -c--a-w c:\windows\$NtServicePackUninstall$\net.exe
- 2004-08-04 07:56:54 142,336 -c----w c:\windows\$NtServicePackUninstall$\net1.exe
+ 2009-02-18 19:44:42 124,928 -c--a-w c:\windows\$NtServicePackUninstall$\net1.exe
- 2004-08-04 07:56:54 128,512 -c----w c:\windows\$NtServicePackUninstall$\netdde.exe
+ 2009-02-18 19:44:43 111,104 -c--a-w c:\windows\$NtServicePackUninstall$\netdde.exe
- 2004-08-04 08:02:44 349,184 -c----w c:\windows\$NtServicePackUninstall$\netsetup.exe
+ 2009-02-18 19:44:45 331,776 -c--a-w c:\windows\$NtServicePackUninstall$\netsetup.exe
- 2004-08-04 07:56:54 103,424 -c----w c:\windows\$NtServicePackUninstall$\netsh.exe
+ 2009-02-18 19:44:46 86,016 -c--a-w c:\windows\$NtServicePackUninstall$\netsh.exe
- 2004-08-04 07:56:54 54,272 -c----w c:\windows\$NtServicePackUninstall$\netstat.exe
+ 2009-02-18 19:44:46 36,864 -c--a-w c:\windows\$NtServicePackUninstall$\netstat.exe
- 2004-08-04 07:56:54 86,528 -c----w c:\windows\$NtServicePackUninstall$\notepad.exe
+ 2009-02-18 19:44:47 69,120 -c--a-w c:\windows\$NtServicePackUninstall$\notepad.exe
- 2004-08-04 07:56:54 32,768 -c----w c:\windows\$NtServicePackUninstall$\nppagent.exe
+ 2009-02-18 19:44:48 15,360 -c--a-w c:\windows\$NtServicePackUninstall$\nppagent.exe
- 2004-08-04 07:56:54 94,208 -c----w c:\windows\$NtServicePackUninstall$\nslookup.exe
+ 2009-02-18 19:44:48 76,800 -c--a-w c:\windows\$NtServicePackUninstall$\nslookup.exe
- 2004-08-04 07:56:54 437,248 -c----w c:\windows\$NtServicePackUninstall$\ntvdm.exe
+ 2009-02-18 19:45:00 419,840 -c--a-w c:\windows\$NtServicePackUninstall$\ntvdm.exe
- 2004-08-04 07:56:54 53,248 -c----w c:\windows\$NtServicePackUninstall$\odbcad32.exe
+ 2009-02-18 19:45:02 32,768 -c--a-w c:\windows\$NtServicePackUninstall$\odbcad32.exe
- 2004-08-04 07:56:54 90,112 -c----w c:\windows\$NtServicePackUninstall$\odbcconf.exe
+ 2009-02-18 19:45:02 69,632 -c--a-w c:\windows\$NtServicePackUninstall$\odbcconf.exe
- 2004-08-04 07:56:54 77,824 -c----w c:\windows\$NtServicePackUninstall$\oemig50.exe
+ 2009-02-18 19:45:03 60,416 -c--a-w c:\windows\$NtServicePackUninstall$\oemig50.exe
- 2004-08-04 07:56:54 68,608 -c----w c:\windows\$NtServicePackUninstall$\oobebaln.exe
+ 2009-02-18 19:45:06 51,200 -c--a-w c:\windows\$NtServicePackUninstall$\oobebaln.exe
- 2004-08-04 07:56:55 232,960 -c----w c:\windows\$NtServicePackUninstall$\osk.exe
+ 2009-02-18 19:45:06 215,552 -c--a-w c:\windows\$NtServicePackUninstall$\osk.exe
- 2004-08-04 07:56:55 75,776 -c----w c:\windows\$NtServicePackUninstall$\packager.exe
+ 2009-02-18 19:45:07 58,368 -c--a-w c:\windows\$NtServicePackUninstall$\packager.exe
- 2004-08-04 07:56:55 33,280 -c----w c:\windows\$NtServicePackUninstall$\perfmon.exe
+ 2009-02-18 19:45:09 15,872 -c--a-w c:\windows\$NtServicePackUninstall$\perfmon.exe
- 2004-08-04 07:56:55 298,496 -c----w c:\windows\$NtServicePackUninstall$\pinball.exe
+ 2009-02-18 19:45:10 281,088 -c--a-w c:\windows\$NtServicePackUninstall$\pinball.exe
- 2004-08-04 07:56:55 35,328 -c----w c:\windows\$NtServicePackUninstall$\ping.exe
+ 2009-02-18 19:45:10 17,920 -c--a-w c:\windows\$NtServicePackUninstall$\ping.exe
- 2002-08-29 12:00:00 87,552 -c----w c:\windows\$NtServicePackUninstall$\pintlphr.exe
+ 2009-02-18 19:45:10 70,144 -c--a-w c:\windows\$NtServicePackUninstall$\pintlphr.exe
- 2004-08-04 07:56:55 66,560 -c----w c:\windows\$NtServicePackUninstall$\powercfg.exe
+ 2009-02-18 19:45:11 49,152 -c--a-w c:\windows\$NtServicePackUninstall$\powercfg.exe
- 2004-08-04 07:56:55 126,976 -c----w c:\windows\$NtServicePackUninstall$\progman.exe
+ 2009-02-18 19:45:12 109,568 -c--a-w c:\windows\$NtServicePackUninstall$\progman.exe
- 2004-08-04 07:56:55 67,584 -c----w c:\windows\$NtServicePackUninstall$\proquota.exe
+ 2009-02-18 19:45:12 50,176 -c--a-w c:\windows\$NtServicePackUninstall$\proquota.exe
- 2004-08-04 07:56:55 26,624 -c----w c:\windows\$NtServicePackUninstall$\proxycfg.exe
+ 2009-02-18 19:45:12 9,216 -c--a-w c:\windows\$NtServicePackUninstall$\proxycfg.exe
- 2004-08-04 07:56:55 37,888 -c----w c:\windows\$NtServicePackUninstall$\qprocess.exe
+ 2009-02-18 19:45:15 20,480 -c--a-w c:\windows\$NtServicePackUninstall$\qprocess.exe
- 2004-08-04 07:56:55 74,240 -c----w c:\windows\$NtServicePackUninstall$\rasphone.exe
+ 2009-02-18 19:45:17 56,832 -c--a-w c:\windows\$NtServicePackUninstall$\rasphone.exe
- 2004-08-04 07:56:55 53,248 -c----w c:\windows\$NtServicePackUninstall$\rcimlby.exe
+ 2009-02-18 19:45:18 35,840 -c--a-w c:\windows\$NtServicePackUninstall$\rcimlby.exe
- 2004-08-04 07:56:55 38,912 -c----w c:\windows\$NtServicePackUninstall$\rcp.exe
+ 2009-02-18 19:45:18 21,504 -c--a-w c:\windows\$NtServicePackUninstall$\rcp.exe
- 2004-08-04 07:56:55 79,872 -c----w c:\windows\$NtServicePackUninstall$\rdpclip.exe
+ 2009-02-18 19:45:19 62,464 -c--a-w c:\windows\$NtServicePackUninstall$\rdpclip.exe
- 2004-08-04 07:56:55 31,232 -c----w c:\windows\$NtServicePackUninstall$\rdsaddin.exe
+ 2009-02-18 19:45:19 13,824 -c--a-w c:\windows\$NtServicePackUninstall$\rdsaddin.exe
- 2004-08-04 07:56:55 84,480 -c----w c:\windows\$NtServicePackUninstall$\rdshost.exe
+ 2009-02-18 19:45:19 67,072 -c--a-w c:\windows\$NtServicePackUninstall$\rdshost.exe
- 2004-08-04 07:56:55 67,584 -c----w c:\windows\$NtServicePackUninstall$\reg.exe
+ 2009-02-18 19:45:19 50,176 -c--a-w c:\windows\$NtServicePackUninstall$\reg.exe
- 2004-08-04 07:56:55 163,840 -c----w c:\windows\$NtServicePackUninstall$\regedit.exe
+ 2009-02-18 19:45:58 146,432 -c--a-w c:\windows\$NtServicePackUninstall$\regedit.exe
- 2004-08-04 07:56:55 29,184 -c----w c:\windows\$NtServicePackUninstall$\regsvr32.exe
+ 2009-02-18 19:45:58 11,776 -c--a-w c:\windows\$NtServicePackUninstall$\regsvr32.exe
- 2004-08-04 07:56:55 31,232 -c----w c:\windows\$NtServicePackUninstall$\rexec.exe
+ 2009-02-18 19:45:58 13,824 -c--a-w c:\windows\$NtServicePackUninstall$\rexec.exe
- 2004-08-04 07:56:55 32,256 -c----w c:\windows\$NtServicePackUninstall$\rsh.exe
+ 2009-02-18 19:46:01 14,848 -c--a-w c:\windows\$NtServicePackUninstall$\rsh.exe
- 2004-08-04 07:56:55 397,824 -c----w c:\windows\$NtServicePackUninstall$\rstrui.exe
+ 2009-02-18 19:46:01 380,416 -c--a-w c:\windows\$NtServicePackUninstall$\rstrui.exe
- 2004-08-04 07:56:55 94,720 -c----w c:\windows\$NtServicePackUninstall$\rtcshare.exe
+ 2009-02-18 19:46:02 77,312 -c--a-w c:\windows\$NtServicePackUninstall$\rtcshare.exe
- 2004-08-04 07:56:55 50,688 -c----w c:\windows\$NtServicePackUninstall$\rundll32.exe
+ 2009-02-18 19:46:02 33,280 -c--a-w c:\windows\$NtServicePackUninstall$\rundll32.exe
- 2004-08-04 07:56:55 31,744 -c----w c:\windows\$NtServicePackUninstall$\runonce.exe
+ 2009-02-18 19:46:02 14,336 -c--a-w c:\windows\$NtServicePackUninstall$\runonce.exe
- 2004-08-04 07:56:55 30,720 -c----w c:\windows\$NtServicePackUninstall$\savedump.exe
+ 2009-02-18 19:46:03 13,312 -c--a-w c:\windows\$NtServicePackUninstall$\savedump.exe
- 2004-08-04 07:56:55 113,152 -c----w c:\windows\$NtServicePackUninstall$\scardsvr.exe
+ 2009-02-18 19:46:03 95,744 -c--a-w c:\windows\$NtServicePackUninstall$\scardsvr.exe
- 2004-08-04 07:56:55 54,272 -c----w c:\windows\$NtServicePackUninstall$\scrcons.exe
+ 2009-02-18 19:46:04 36,864 -c--a-w c:\windows\$NtServicePackUninstall$\scrcons.exe
- 2004-08-04 07:56:57 26,624 -c----w c:\windows\$NtServicePackUninstall$\scrnsave.scr
+ 2009-02-18 19:46:05 9,216 -c--a-w c:\windows\$NtServicePackUninstall$\scrnsave.scr
- 2004-08-04 07:56:55 94,720 -c----w c:\windows\$NtServicePackUninstall$\sdbinst.exe
+ 2009-02-18 19:46:05 77,312 -c--a-w c:\windows\$NtServicePackUninstall$\sdbinst.exe
- 2004-08-04 07:56:55 125,440 -c----w c:\windows\$NtServicePackUninstall$\services.exe
+ 2009-02-18 19:46:06 108,032 -c--a-w c:\windows\$NtServicePackUninstall$\services.exe
- 2004-08-04 07:56:56 158,208 -c----w c:\windows\$NtServicePackUninstall$\sessmgr.exe
+ 2009-02-18 19:46:07 140,800 -c--a-w c:\windows\$NtServicePackUninstall$\sessmgr.exe
- 2004-08-04 07:56:56 48,640 -c----w c:\windows\$NtServicePackUninstall$\sethc.exe
+ 2009-02-18 19:46:07 31,232 -c--a-w c:\windows\$NtServicePackUninstall$\sethc.exe
- 2004-08-04 07:56:56 40,448 -c----w c:\windows\$NtServicePackUninstall$\setup.exe
+ 2009-02-18 19:46:07 23,040 -c--a-w c:\windows\$NtServicePackUninstall$\setup.exe
- 2004-08-04 07:56:56 90,624 -c----w c:\windows\$NtServicePackUninstall$\setup50.exe
+ 2009-02-18 19:46:07 73,216 -c--a-w c:\windows\$NtServicePackUninstall$\setup50.exe
- 2004-08-04 07:56:56 59,904 -c----w c:\windows\$NtServicePackUninstall$\shmgrate.exe
+ 2009-02-18 19:46:10 42,496 -c--a-w c:\windows\$NtServicePackUninstall$\shmgrate.exe
- 2004-08-04 07:56:56 95,232 -c----w c:\windows\$NtServicePackUninstall$\shrpubw.exe
+ 2009-02-18 19:46:11 77,824 -c--a-w c:\windows\$NtServicePackUninstall$\shrpubw.exe
- 2004-08-04 07:56:56 36,917 -c----w c:\windows\$NtServicePackUninstall$\shtml.exe
+ 2009-02-18 19:46:11 16,384 -c--a-w c:\windows\$NtServicePackUninstall$\shtml.exe
- 2004-08-04 07:56:56 36,864 -c----w c:\windows\$NtServicePackUninstall$\shutdown.exe
+ 2009-02-18 19:46:11 19,456 -c--a-w c:\windows\$NtServicePackUninstall$\shutdown.exe
- 2004-08-04 07:56:56 87,552 -c----w c:\windows\$NtServicePackUninstall$\sigverif.exe
+ 2009-02-18 19:46:12 70,144 -c--a-w c:\windows\$NtServicePackUninstall$\sigverif.exe
- 2004-08-04 07:56:56 43,520 -c----w c:\windows\$NtServicePackUninstall$\skeys.exe
+ 2009-02-18 19:46:12 26,112 -c--a-w c:\windows\$NtServicePackUninstall$\skeys.exe
- 2004-08-04 07:56:56 53,346 -c----w c:\windows\$NtServicePackUninstall$\slrundll.exe
+ 2009-02-18 19:46:13 32,768 -c--a-w c:\windows\$NtServicePackUninstall$\slrundll.exe
- 2004-08-04 07:56:56 94,276 -c----w c:\windows\$NtServicePackUninstall$\slserv.exe
+ 2009-02-18 19:46:13 73,728 -c--a-w c:\windows\$NtServicePackUninstall$\slserv.exe
- 2004-08-04 07:56:56 25,600 -c----w c:\windows\$NtServicePackUninstall$\smbinst.exe
+ 2009-02-18 19:46:14 8,192 -c--a-w c:\windows\$NtServicePackUninstall$\smbinst.exe
- 2004-08-04 07:56:56 253,952 -c----w c:\windows\$NtServicePackUninstall$\smi2smir.exe
+ 2009-02-18 19:46:14 236,544 -c--a-w c:\windows\$NtServicePackUninstall$\smi2smir.exe
- 2004-08-04 07:56:56 107,008 -c----w c:\windows\$NtServicePackUninstall$\smlogsvc.exe
+ 2009-02-18 19:46:15 89,600 -c--a-w c:\windows\$NtServicePackUninstall$\smlogsvc.exe
- 2004-08-04 07:56:56 148,992 -c----w c:\windows\$NtServicePackUninstall$\sndrec32.exe
+ 2009-02-18 19:46:15 131,584 -c--a-w c:\windows\$NtServicePackUninstall$\sndrec32.exe
- 2004-08-04 07:56:56 50,176 -c----w c:\windows\$NtServicePackUninstall$\snmp.exe
+ 2009-02-18 19:46:16 32,768 -c--a-w c:\windows\$NtServicePackUninstall$\snmp.exe
- 2004-08-04 07:56:56 26,112 -c----w c:\windows\$NtServicePackUninstall$\snmptrap.exe
+ 2009-02-18 19:46:16 8,704 -c--a-w c:\windows\$NtServicePackUninstall$\snmptrap.exe
- 2002-08-29 12:00:00 40,960 -c----w c:\windows\$NtServicePackUninstall$\sort.exe
+ 2009-02-18 19:46:17 23,552 -c--a-w c:\windows\$NtServicePackUninstall$\sort.exe
- 2004-08-04 07:56:56 25,600 -c----w c:\windows\$NtServicePackUninstall$\spdwnwxp.exe
+ 2009-02-18 19:46:17 8,192 -c--a-w c:\windows\$NtServicePackUninstall$\spdwnwxp.exe
- 2004-08-04 07:56:57 556,032 -c----w c:\windows\$NtServicePackUninstall$\spider.exe
+ 2009-02-18 19:46:17 538,624 -c--a-w c:\windows\$NtServicePackUninstall$\spider.exe
- 2004-08-04 07:56:58 29,184 -c----w c:\windows\$NtServicePackUninstall$\spnpinst.exe
+ 2009-02-18 19:46:18 11,776 -c--a-w c:\windows\$NtServicePackUninstall$\spnpinst.exe
- 2005-06-10 23:53:32 75,264 -c----w c:\windows\$NtServicePackUninstall$\spoolsv.exe
+ 2009-02-18 19:46:18 57,856 -c--a-w c:\windows\$NtServicePackUninstall$\spoolsv.exe
- 2004-08-04 07:56:57 38,912 -c----w c:\windows\$NtServicePackUninstall$\spupdwxp.exe
+ 2009-02-18 19:46:19 21,504 -c--a-w c:\windows\$NtServicePackUninstall$\spupdwxp.exe
- 2004-08-04 07:56:57 724,992 -c----w c:\windows\$NtServicePackUninstall$\ss3dfo.scr
+ 2009-02-18 19:46:22 704,512 -c--a-w c:\windows\$NtServicePackUninstall$\ss3dfo.scr
- 2004-08-04 07:56:57 37,376 -c----w c:\windows\$NtServicePackUninstall$\ssbezier.scr
+ 2009-02-18 19:46:23 19,968 -c--a-w c:\windows\$NtServicePackUninstall$\ssbezier.scr
- 2004-08-04 07:56:57 413,696 -c----w c:\windows\$NtServicePackUninstall$\ssflwbox.scr
+ 2009-02-18 19:46:23 393,216 -c--a-w c:\windows\$NtServicePackUninstall$\ssflwbox.scr
- 2004-08-04 07:56:57 38,400 -c----w c:\windows\$NtServicePackUninstall$\ssmarque.scr
+ 2009-02-18 19:46:23 20,992 -c--a-w c:\windows\$NtServicePackUninstall$\ssmarque.scr
- 2004-08-04 07:56:57 64,512 -c----w c:\windows\$NtServicePackUninstall$\ssmypics.scr
+ 2009-02-18 19:46:24 47,104 -c--a-w c:\windows\$NtServicePackUninstall$\ssmypics.scr
- 2004-08-04 07:56:57 36,352 -c----w c:\windows\$NtServicePackUninstall$\ssmyst.scr
+ 2009-02-18 19:46:24 18,944 -c--a-w c:\windows\$NtServicePackUninstall$\ssmyst.scr
- 2004-08-04 07:56:57 630,784 -c----w c:\windows\$NtServicePackUninstall$\sspipes.scr
+ 2009-02-18 19:46:24 610,304 -c--a-w c:\windows\$NtServicePackUninstall$\sspipes.scr
- 2004-08-04 07:56:57 31,744 -c----w c:\windows\$NtServicePackUninstall$\ssstars.scr
+ 2009-02-18 19:46:24 14,336 -c--a-w c:\windows\$NtServicePackUninstall$\ssstars.scr
- 2004-08-04 07:56:57 700,416 -c----w c:\windows\$NtServicePackUninstall$\sstext3d.scr
+ 2009-02-18 19:46:24 679,936 -c--a-w c:\windows\$NtServicePackUninstall$\sstext3d.scr
- 2004-08-04 07:56:57 32,256 -c----w c:\windows\$NtServicePackUninstall$\stimon.exe
+ 2009-02-18 19:46:26 14,848 -c--a-w c:\windows\$NtServicePackUninstall$\stimon.exe
- 2004-08-04 07:56:57 36,929 -c----w c:\windows\$NtServicePackUninstall$\stub_fpsrvadm.exe
+ 2009-02-18 19:46:26 16,384 -c--a-w c:\windows\$NtServicePackUninstall$\stub_fpsrvadm.exe
- 2004-08-04 07:56:57 86,081 -c----w c:\windows\$NtServicePackUninstall$\stub_fpsrvwin.exe
+ 2009-02-18 19:46:26 65,536 -c--a-w c:\windows\$NtServicePackUninstall$\stub_fpsrvwin.exe
- 2004-08-04 07:56:57 31,744 -c----w c:\windows\$NtServicePackUninstall$\svchost.exe
+ 2009-02-18 19:46:26 14,336 -c--a-w c:\windows\$NtServicePackUninstall$\svchost.exe
- 2004-08-04 07:56:57 123,392 -c----w c:\windows\$NtServicePackUninstall$\sysocmgr.exe
+ 2009-02-18 19:46:28 105,984 -c--a-w c:\windows\$NtServicePackUninstall$\sysocmgr.exe
- 2004-08-04 07:56:57 153,088 -c----w c:\windows\$NtServicePackUninstall$\taskmgr.exe
+ 2009-02-18 19:46:30 135,680 -c--a-w c:\windows\$NtServicePackUninstall$\taskmgr.exe
- 2004-08-04 07:56:57 53,307 -c----w c:\windows\$NtServicePackUninstall$\tcptest.exe
+ 2009-02-18 19:46:31 32,768 -c--a-w c:\windows\$NtServicePackUninstall$\tcptest.exe
- 2005-05-10 23:45:48 93,184 -c----w c:\windows\$NtServicePackUninstall$\telnet.exe
+ 2009-02-18 19:46:32 75,776 -c--a-w c:\windows\$NtServicePackUninstall$\telnet.exe
- 2004-08-04 07:56:57 364,544 -c----w c:\windows\$NtServicePackUninstall$\tourstart.exe
+ 2009-02-18 19:46:33 347,136 -c--a-w c:\windows\$NtServicePackUninstall$\tourstart.exe
- 2004-08-04 07:56:57 364,544 -c----w c:\windows\$NtServicePackUninstall$\tourstrt.exe
+ 2009-02-18 19:46:33 347,136 -c--a-w c:\windows\$NtServicePackUninstall$\tourstrt.exe
- 2004-08-04 07:56:58 99,840 -c----w c:\windows\$NtServicePackUninstall$\tp4mon.exe
+ 2009-02-18 19:46:34 82,432 -c--a-w c:\windows\$NtServicePackUninstall$\tp4mon.exe
- 2004-08-04 07:56:57 29,696 -c----w c:\windows\$NtServicePackUninstall$\tracert.exe
+ 2009-02-18 19:46:34 12,288 -c--a-w c:\windows\$NtServicePackUninstall$\tracert.exe
- 2008-10-22 09:47:07 80,384 -c----w c:\windows\$NtServicePackUninstall$\tzchange.exe
+ 2009-02-18 19:46:36 62,976 -c--a-w c:\windows\$NtServicePackUninstall$\tzchange.exe
- 2004-08-04 07:56:57 167,936 -c----w c:\windows\$NtServicePackUninstall$\uploadm.exe
+ 2009-02-18 19:46:38 150,528 -c--a-w c:\windows\$NtServicePackUninstall$\uploadm.exe
- 2004-08-04 07:56:57 34,304 -c----w c:\windows\$NtServicePackUninstall$\upnpcont.exe
+ 2009-02-18 19:46:38 16,896 -c--a-w c:\windows\$NtServicePackUninstall$\upnpcont.exe
- 2004-08-04 07:56:57 35,840 -c----w c:\windows\$NtServicePackUninstall$\ups.exe
+ 2009-02-18 19:46:39 18,432 -c--a-w c:\windows\$NtServicePackUninstall$\ups.exe
- 2004-08-04 07:56:57 41,984 -c----w c:\windows\$NtServicePackUninstall$\userinit.exe
+ 2009-02-18 19:46:41 24,576 -c--a-w c:\windows\$NtServicePackUninstall$\userinit.exe
- 2004-08-04 07:56:57 67,584 -c----w c:\windows\$NtServicePackUninstall$\utilman.exe
+ 2009-02-18 19:46:41 50,176 -c--a-w c:\windows\$NtServicePackUninstall$\utilman.exe
- 2006-03-17 00:38:01 46,080 -c----w c:\windows\$NtServicePackUninstall$\verclsid.exe
+ 2009-02-18 19:46:42 28,672 -c--a-w c:\windows\$NtServicePackUninstall$\verclsid.exe
- 2004-08-04 07:56:57 307,200 -c----w c:\windows\$NtServicePackUninstall$\vssvc.exe
+ 2009-02-18 19:46:44 289,792 -c--a-w c:\windows\$NtServicePackUninstall$\vssvc.exe
- 2004-08-04 07:56:57 63,488 -c----w c:\windows\$NtServicePackUninstall$\wab.exe
+ 2009-02-18 19:46:45 46,080 -c--a-w c:\windows\$NtServicePackUninstall$\wab.exe
- 2004-08-04 07:56:57 47,616 -c----w c:\windows\$NtServicePackUninstall$\wabmig.exe
+ 2009-02-18 19:46:46 30,208 -c--a-w c:\windows\$NtServicePackUninstall$\wabmig.exe
- 2004-08-04 07:56:57 133,632 -c----w c:\windows\$NtServicePackUninstall$\wbemtest.exe
+ 2009-02-18 19:46:47 116,224 -c--a-w c:\windows\$NtServicePackUninstall$\wbemtest.exe
- 2004-08-04 07:56:57 82,944 -c----w c:\windows\$NtServicePackUninstall$\wextract.exe
+ 2009-02-18 19:46:49 65,536 -c--a-w c:\windows\$NtServicePackUninstall$\wextract.exe
- 2004-08-04 07:56:57 451,072 -c----w c:\windows\$NtServicePackUninstall$\wiaacmgr.exe
+ 2009-02-18 19:46:49 433,664 -c--a-w c:\windows\$NtServicePackUninstall$\wiaacmgr.exe
- 2004-08-04 07:56:57 301,056 -c----w c:\windows\$NtServicePackUninstall$\winhlp32.exe
+ 2009-02-18 19:46:51 283,648 -c--a-w c:\windows\$NtServicePackUninstall$\winhlp32.exe
- 2004-08-04 07:56:57 519,680 -c----w c:\windows\$NtServicePackUninstall$\winlogon.exe
+ 2009-02-18 19:46:52 502,272 -c--a-w c:\windows\$NtServicePackUninstall$\winlogon.exe
- 2004-08-04 07:56:57 23,040 -c----w c:\windows\$NtServicePackUninstall$\winver.exe
+ 2009-02-18 19:46:55 5,632 -c--a-w c:\windows\$NtServicePackUninstall$\winver.exe
- 2004-08-04 07:56:57 214,016 -c----w c:\windows\$NtServicePackUninstall$\wmiadap.exe
+ 2009-02-18 19:46:56 196,608 -c--a-w c:\windows\$NtServicePackUninstall$\wmiadap.exe
- 2004-08-04 07:56:57 143,872 -c----w c:\windows\$NtServicePackUninstall$\wmiapsrv.exe
+ 2009-02-18 19:46:57 126,464 -c--a-w c:\windows\$NtServicePackUninstall$\wmiapsrv.exe
- 2004-08-04 07:56:57 235,520 -c----w c:\windows\$NtServicePackUninstall$\wmiprvse.exe
+ 2009-02-18 19:46:58 218,112 -c--a-w c:\windows\$NtServicePackUninstall$\wmiprvse.exe
- 2004-08-04 07:56:57 231,936 -c----w c:\windows\$NtServicePackUninstall$\wordpad.exe
+ 2009-02-18 19:47:00 214,528 -c--a-w c:\windows\$NtServicePackUninstall$\wordpad.exe
- 2004-08-04 07:56:57 49,664 -c----w c:\windows\$NtServicePackUninstall$\wpabaln.exe
+ 2009-02-18 19:47:00 32,256 -c--a-w c:\windows\$NtServicePackUninstall$\wpabaln.exe
- 2004-08-04 07:56:57 49,664 -c----w c:\windows\$NtServicePackUninstall$\wpnpinst.exe
+ 2009-02-18 19:47:01 32,256 -c--a-w c:\windows\$NtServicePackUninstall$\wpnpinst.exe
- 2004-08-04 07:56:57 31,232 -c----w c:\windows\$NtServicePackUninstall$\wscntfy.exe
+ 2009-02-18 19:47:01 13,824 -c--a-w c:\windows\$NtServicePackUninstall$\wscntfy.exe
- 2004-08-04 07:56:57 135,168 -c----w c:\windows\$NtServicePackUninstall$\wscript.exe
+ 2009-02-18 19:47:01 114,688 -c--a-w c:\windows\$NtServicePackUninstall$\wscript.exe
- 2004-08-04 07:56:57 128,512 -c----w c:\windows\$NtServicePackUninstall$\wuauclt.exe
+ 2009-02-18 19:47:03 111,104 -c--a-w c:\windows\$NtServicePackUninstall$\wuauclt.exe
- 2004-08-04 07:56:57 183,296 -c----w c:\windows\$NtServicePackUninstall$\wuauclt1.exe
+ 2009-02-18 19:47:03 165,888 -c--a-w c:\windows\$NtServicePackUninstall$\wuauclt1.exe
- 2004-08-04 07:56:57 48,128 -c----w c:\windows\$NtServicePackUninstall$\xcopy.exe
+ 2009-02-18 19:47:06 30,720 -c--a-w c:\windows\$NtServicePackUninstall$\xcopy.exe
- 2003-08-01 20:14:58 117,760 -c----w c:\windows\$NtUninstallKB810217$\spuninst\spuninst.exe
+ 2009-02-18 19:47:11 100,352 -c--a-w c:\windows\$NtUninstallKB810217$\spuninst\spuninst.exe
- 2003-05-11 23:26:34 106,496 -c----w c:\windows\$NtUninstallKB821557$\spuninst\spuninst.exe
+ 2009-02-18 19:47:12 89,088 -c--a-w c:\windows\$NtUninstallKB821557$\spuninst\spuninst.exe
- 2003-07-14 15:42:18 117,760 -c----w c:\windows\$NtUninstallKB823182$\spuninst\spuninst.exe
+ 2009-02-18 19:47:12 100,352 -c--a-w c:\windows\$NtUninstallKB823182$\spuninst\spuninst.exe
- 2003-05-11 23:26:34 106,496 -c----w c:\windows\$NtUninstallKB823559$\spuninst\spuninst.exe
+ 2009-02-18 19:47:13 89,088 -c--a-w c:\windows\$NtUninstallKB823559$\spuninst\spuninst.exe
- 2003-05-11 23:26:34 106,496 -c----w c:\windows\$NtUninstallKB823980$\spuninst\spuninst.exe
+ 2009-02-18 19:47:14 89,088 -c--a-w c:\windows\$NtUninstallKB823980$\spuninst\spuninst.exe
- 2003-07-14 15:42:18 117,760 -c----w c:\windows\$NtUninstallKB824105$\spuninst\spuninst.exe
+ 2009-02-18 19:47:14 100,352 -c--a-w c:\windows\$NtUninstallKB824105$\spuninst\spuninst.exe
- 2003-09-17 19:19:40 158,208 -c----w c:\windows\$NtUninstallKB824141$\spuninst\spuninst.exe
+ 2009-02-18 19:47:15 140,800 -c--a-w c:\windows\$NtUninstallKB824141$\spuninst\spuninst.exe
- 2003-08-02 04:14:56 117,760 -c----w c:\windows\$NtUninstallKB824146$\spuninst\spuninst.exe
+ 2009-02-18 19:47:16 100,352 -c--a-w c:\windows\$NtUninstallKB824146$\spuninst\spuninst.exe
- 2003-08-01 19:14:58 117,760 -c----w c:\windows\$NtUninstallKB825119$\spuninst\spuninst.exe
+ 2009-02-18 19:47:16 100,352 -c--a-w c:\windows\$NtUninstallKB825119$\spuninst\spuninst.exe
- 2003-10-14 06:50:14 158,208 -c----w c:\windows\$NtUninstallKB828028$\spuninst\spuninst.exe
+ 2009-02-18 19:47:17 140,800 -c--a-w c:\windows\$NtUninstallKB828028$\spuninst\spuninst.exe
- 2003-09-17 19:19:40 158,208 -c----w c:\windows\$NtUninstallKB828035$\spuninst\spuninst.exe
+ 2009-02-18 19:47:17 140,800 -c--a-w c:\windows\$NtUninstallKB828035$\spuninst\spuninst.exe
- 2002-08-29 12:00:00 25,600 -c----w c:\windows\$NtUninstallKB828741$\comrepl.exe
+ 2009-02-18 19:47:18 8,192 -c--a-w c:\windows\$NtUninstallKB828741$\comrepl.exe
- 2004-01-10 05:11:06 158,208 -c----w c:\windows\$NtUninstallKB828741$\spuninst\spuninst.exe
+ 2009-02-18 19:47:20 140,800 -c--a-w c:\windows\$NtUninstallKB828741$\spuninst\spuninst.exe
- 2004-01-10 05:11:06 158,208 -c----w c:\windows\$NtUninstallKB833987$\spuninst\spuninst.exe
+ 2009-02-18 19:47:20 140,800 -c--a-w c:\windows\$NtUninstallKB833987$\spuninst\spuninst.exe
- 2002-08-29 12:00:00 759,808 -c----w c:\windows\$NtUninstallKB835732$\helpctr.exe
+ 2009-02-18 19:47:21 742,400 -c--a-w c:\windows\$NtUninstallKB835732$\helpctr.exe
- 2004-01-10 05:11:06 158,208 -c----w c:\windows\$NtUninstallKB835732$\spuninst\spuninst.exe
+ 2009-02-18 19:47:23 140,800 -c--a-w c:\windows\$NtUninstallKB835732$\spuninst\spuninst.exe
- 2004-01-10 05:11:06 158,208 -c----w c:\windows\$NtUninstallKB837001$\spuninst\spuninst.exe
+ 2009-02-18 19:47:27 140,800 -c--a-w c:\windows\$NtUninstallKB837001$\spuninst\spuninst.exe
- 2004-04-10 19:24:38 175,616 -c----w c:\windows\$NtUninstallKB839643$\spuninst\spuninst.exe
+ 2009-02-18 19:47:28 158,208 -c--a-w c:\windows\$NtUninstallKB839643$\spuninst\spuninst.exe
- 2004-01-10 05:11:06 158,208 -c----w c:\windows\$NtUninstallKB839645$\spuninst\spuninst.exe
+ 2009-02-18 19:47:29 140,800 -c--a-w c:\windows\$NtUninstallKB839645$\spuninst\spuninst.exe
- 2004-05-17 22:38:24 175,616 -c----w c:\windows\$NtUninstallKB840315$\spuninst\spuninst.exe
+ 2009-02-18 19:47:29 158,208 -c--a-w c:\windows\$NtUninstallKB840315$\spuninst\spuninst.exe
- 2004-03-30 01:34:15 758,784 -c----w c:\windows\$NtUninstallKB840374$\helpctr.exe
+ 2009-02-18 19:47:30 741,376 -c--a-w c:\windows\$NtUninstallKB840374$\helpctr.exe
- 2002-08-29 12:00:00 26,112 -c----w c:\windows\$NtUninstallKB840374$\hscupd.exe
+ 2009-02-18 19:47:31 8,704 -c--a-w c:\windows\$NtUninstallKB840374$\hscupd.exe
- 2004-04-10 19:24:40 175,616 -c----w c:\windows\$NtUninstallKB840374$\spuninst\spuninst.exe
+ 2009-02-18 19:47:31 158,208 -c--a-w c:\windows\$NtUninstallKB840374$\spuninst\spuninst.exe
- 2002-08-29 12:00:00 413,184 -c----w c:\windows\$NtUninstallKB840987$\ntvdm.exe
+ 2009-02-18 19:47:33 395,776 -c--a-w c:\windows\$NtUninstallKB840987$\ntvdm.exe
- 2004-09-19 21:22:04 187,392 -c----w c:\windows\$NtUninstallKB840987$\spuninst\spuninst.exe
+ 2009-02-18 19:47:34 169,984 -c--a-w c:\windows\$NtUninstallKB840987$\spuninst\spuninst.exe
- 2002-08-29 12:00:00 55,296 -c----w c:\windows\$NtUninstallKB841356$\grpconv.exe
+ 2009-02-18 19:47:35 37,888 -c--a-w c:\windows\$NtUninstallKB841356$\grpconv.exe
- 2004-09-19 21:22:04 187,392 -c----w c:\windows\$NtUninstallKB841356$\spuninst\spuninst.exe
+ 2009-02-18 19:47:36 169,984 -c--a-w c:\windows\$NtUninstallKB841356$\spuninst\spuninst.exe
- 2002-08-29 12:00:00 123,392 -c----w c:\windows\$NtUninstallKB841533$\netdde.exe
+ 2009-02-18 19:47:36 105,984 -c--a-w c:\windows\$NtUninstallKB841533$\netdde.exe
- 2004-09-19 21:22:04 187,392 -c----w c:\windows\$NtUninstallKB841533$\spuninst\spuninst.exe
+ 2009-02-18 19:47:37 169,984 -c--a-w c:\windows\$NtUninstallKB841533$\spuninst\spuninst.exe
- 2002-08-29 12:00:00 534,016 -c----w c:\windows\$NtUninstallKB841533$\winlogon.exe
+ 2009-02-18 19:47:37 516,608 -c--a-w c:\windows\$NtUninstallKB841533$\winlogon.exe
- 2002-08-29 12:00:00 27,136 -c----w c:\windows\$NtUninstallKB841873$\mstinit.exe
+ 2009-02-18 19:47:37 9,728 -c--a-w c:\windows\$NtUninstallKB841873$\mstinit.exe
- 2004-05-17 22:38:24 175,616 -c----w c:\windows\$NtUninstallKB841873$\spuninst\spuninst.exe
+ 2009-02-18 19:47:38 158,208 -c--a-w c:\windows\$NtUninstallKB841873$\spuninst\spuninst.exe
- 2004-05-17 22:38:24 175,616 -c----w c:\windows\$NtUninstallKB842773$\spuninst\spuninst.exe
+ 2009-02-18 19:47:40 158,208 -c--a-w c:\windows\$NtUninstallKB842773$\spuninst\spuninst.exe
- 2004-10-14 19:24:18 187,392 -c----w c:\windows\$NtUninstallKB871250$\spuninst\spuninst.exe
+ 2009-02-18 19:47:41 169,984 -c--a-w c:\windows\$NtUninstallKB871250$\spuninst\spuninst.exe
- 2004-12-01 04:22:42 187,392 -c----w c:\windows\$NtUninstallKB873333$\spuninst\spuninst.exe
+ 2009-02-18 19:47:42 169,984 -c--a-w c:\windows\$NtUninstallKB873333$\spuninst\spuninst.exe
- 2004-12-01 04:22:42 187,392 -c----w c:\windows\$NtUninstallKB873333_0$\spuninst\spuninst.exe
+ 2009-02-18 19:47:43 169,984 -c--a-w c:\windows\$NtUninstallKB873333_0$\spuninst\spuninst.exe
- 2004-10-14 18:36:18 187,392 -c----w c:\windows\$NtUninstallKB873339$\spuninst\spuninst.exe
+ 2009-02-18 19:47:44 169,984 -c--a-w c:\windows\$NtUninstallKB873339$\spuninst\spuninst.exe
- 2004-10-14 18:36:18 187,392 -c----w c:\windows\$NtUninstallKB873339_0$\spuninst\spuninst.exe
+ 2009-02-18 19:47:44 169,984 -c--a-w c:\windows\$NtUninstallKB873339_0$\spuninst\spuninst.exe
- 2004-09-19 21:22:04 187,392 -c----w c:\windows\$NtUninstallKB873376$\spuninst\spuninst.exe
+ 2009-02-18 19:47:45 169,984 -c--a-w c:\windows\$NtUninstallKB873376$\spuninst\spuninst.exe
- 2004-12-01 04:22:42 187,392 -c----w c:\windows\$NtUninstallKB885250$\spuninst\spuninst.exe
+ 2009-02-18 19:47:46 169,984 -c--a-w c:\windows\$NtUninstallKB885250$\spuninst\spuninst.exe
- 2004-12-01 04:22:42 187,392 -c----w c:\windows\$NtUninstallKB885250_0$\spuninst\spuninst.exe
+ 2009-02-18 19:47:47 169,984 -c--a-w c:\windows\$NtUninstallKB885250_0$\spuninst\spuninst.exe
- 2004-10-14 19:36:18 187,392 -c----w c:\windows\$NtUninstallKB885835$\spuninst\spuninst.exe
+ 2009-02-18 19:47:48 169,984 -c--a-w c:\windows\$NtUninstallKB885835$\spuninst\spuninst.exe
- 2004-10-14 19:36:18 187,392 -c----w c:\windows\$NtUninstallKB885835_0$\spuninst\spuninst.exe
+ 2009-02-18 19:47:51 169,984 -c--a-w c:\windows\$NtUninstallKB885835_0$\spuninst\spuninst.exe
- 2004-10-14 19:36:18 187,392 -c----w c:\windows\$NtUninstallKB885836$\spuninst\spuninst.exe
+ 2009-02-18 19:47:52 169,984 -c--a-w c:\windows\$NtUninstallKB885836$\spuninst\spuninst.exe
- 2004-10-14 19:36:18 187,392 -c----w c:\windows\$NtUninstallKB885836_0$\spuninst\spuninst.exe
+ 2009-02-18 19:47:53 169,984 -c--a-w c:\windows\$NtUninstallKB885836_0$\spuninst\spuninst.exe
- 2002-08-29 12:00:00 218,112 -c----w c:\windows\$NtUninstallKB885836_0$\wordpad.exe
+ 2009-02-18 19:47:52 200,704 -c--a-w c:\windows\$NtUninstallKB885836_0$\wordpad.exe
- 2004-09-19 20:21:24 187,392 -c----w c:\windows\$NtUninstallKB885884$\spuninst\spuninst.exe
+ 2009-02-18 19:47:53 169,984 -c--a-w c:\windows\$NtUninstallKB885884$\spuninst\spuninst.exe
- 2004-10-14 18:36:16 187,392 -c----w c:\windows\$NtUninstallKB886185$\spuninst\spuninst.exe
+ 2009-02-18 19:47:54 169,984 -c--a-w c:\windows\$NtUninstallKB886185$\spuninst\spuninst.exe
- 2004-08-04 07:56:53 1,684,992 -c----w c:\windows\$NtUninstallKB887472$\msmsgs.exe
+ 2009-02-18 19:47:54 1,667,584 -c--a-w c:\windows\$NtUninstallKB887472$\msmsgs.exe
- 2004-10-14 18:36:18 187,392 -c----w c:\windows\$NtUninstallKB887472$\spuninst\spuninst.exe
+ 2009-02-18 19:47:55 169,984 -c--a-w c:\windows\$NtUninstallKB887472$\spuninst\spuninst.exe
- 2004-10-14 17:36:18 187,392 -c----w c:\windows\$NtUninstallKB887742$\spuninst\spuninst.exe
+ 2009-02-18 19:47:56 169,984 -c--a-w c:\windows\$NtUninstallKB887742$\spuninst\spuninst.exe
- 2004-10-14 18:36:18 187,392 -c----w c:\windows\$NtUninstallKB888113$\spuninst\spuninst.exe
+ 2009-02-18 19:47:56 169,984 -c--a-w c:\windows\$NtUninstallKB888113$\spuninst\spuninst.exe
- 2004-10-14 18:36:18 187,392 -c----w c:\windows\$NtUninstallKB888113_0$\spuninst\spuninst.exe
+ 2009-02-18 19:47:57 169,984 -c--a-w c:\windows\$NtUninstallKB888113_0$\spuninst\spuninst.exe
- 2004-12-01 04:22:42 187,392 -c----w c:\windows\$NtUninstallKB888302$\spuninst\spuninst.exe
+ 2009-02-18 19:47:57 169,984 -c--a-w c:\windows\$NtUninstallKB888302$\spuninst\spuninst.exe
- 2004-12-01 04:22:42 187,392 -c----w c:\windows\$NtUninstallKB888302_0$\spuninst\spuninst.exe
+ 2009-02-18 19:47:58 169,984 -c--a-w c:\windows\$NtUninstallKB888302_0$\spuninst\spuninst.exe
- 2004-12-01 04:22:42 187,392 -c----w c:\windows\$NtUninstallKB890047$\spuninst\spuninst.exe
+ 2009-02-18 19:47:59 169,984 -c--a-w c:\windows\$NtUninstallKB890047$\spuninst\spuninst.exe
- 2004-12-01 04:22:42 187,392 -c----w c:\windows\$NtUninstallKB890047_0$\spuninst\spuninst.exe
+ 2009-02-18 19:48:01 169,984 -c--a-w c:\windows\$NtUninstallKB890047_0$\spuninst\spuninst.exe
- 2004-12-01 04:22:42 187,392 -c----w c:\windows\$NtUninstallKB890175$\spuninst\spuninst.exe
+ 2009-02-18 19:48:01 169,984 -c--a-w c:\windows\$NtUninstallKB890175$\spuninst\spuninst.exe
- 2004-12-01 04:22:42 187,392 -c----w c:\windows\$NtUninstallKB890175_0$\spuninst\spuninst.exe
+ 2009-02-18 19:48:02 169,984 -c--a-w c:\windows\$NtUninstallKB890175_0$\spuninst\spuninst.exe
- 2004-12-01 05:48:24 187,392 -c----w c:\windows\$NtUninstallKB891711$\spuninst\spuninst.exe
+ 2009-02-18 19:48:10 169,984 -c--a-w c:\windows\$NtUninstallKB891711$\spuninst\spuninst.exe
- 2004-12-01 04:22:42 187,392 -c----w c:\windows\$NtUninstallKB891781$\spuninst\spuninst.exe
+ 2009-02-18 19:48:10 169,984 -c--a-w c:\windows\$NtUninstallKB891781$\spuninst\spuninst.exe
- 2004-12-01 04:22:42 187,392 -c----w c:\windows\$NtUninstallKB891781_0$\spuninst\spuninst.exe
+ 2009-02-18 19:48:11 169,984 -c--a-w c:\windows\$NtUninstallKB891781_0$\spuninst\spuninst.exe
- 2004-08-04 07:56:50 28,160 -c----w c:\windows\$NtUninstallKB896358$\hh.exe
+ 2009-02-18 19:48:17 10,752 -c--a-w c:\windows\$NtUninstallKB896358$\hh.exe
- 2002-09-22 04:13:26 28,160 -c----w c:\windows\$NtUninstallKB896358_0$\hh.exe
+ 2009-02-18 19:48:18 10,752 -c--a-w c:\windows\$NtUninstallKB896358_0$\hh.exe
- 2004-08-04 07:56:57 75,264 -c----w c:\windows\$NtUninstallKB896423$\spoolsv.exe
+ 2009-02-18 19:48:20 57,856 -c--a-w c:\windows\$NtUninstallKB896423$\spoolsv.exe
- 2002-08-29 12:00:00 68,608 -c----w c:\windows\$NtUninstallKB896423_0$\spoolsv.exe
+ 2009-02-18 19:48:21 51,200 -c--a-w c:\windows\$NtUninstallKB896423_0$\spoolsv.exe
- 2004-08-04 07:56:57 92,672 -c----w c:\windows\$NtUninstallKB896428$\telnet.exe
+ 2009-02-18 19:48:23 75,264 -c--a-w c:\windows\$NtUninstallKB896428$\telnet.exe
- 2002-08-29 12:00:00 88,576 -c----w c:\windows\$NtUninstallKB896428_0$\telnet.exe
+ 2009-02-18 19:48:23 71,168 -c--a-w c:\windows\$NtUninstallKB896428_0$\telnet.exe
- 2005-07-02 23:33:10 35,840 -c----w c:\windows\$NtUninstallKB896688$\iedw.exe
+ 2009-02-18 19:48:25 18,432 -c--a-w c:\windows\$NtUninstallKB896688$\iedw.exe
- 2004-08-04 07:56:50 35,840 -c----w c:\windows\$NtUninstallKB896727$\iedw.exe
+ 2009-02-18 19:48:28 18,432 -c--a-w c:\windows\$NtUninstallKB896727$\iedw.exe
- 2001-12-07 17:32:04 1,101,824 -c----w c:\windows\$NtUninstallKB898458$\orun32.exe
+ 2009-02-18 19:48:33 1,081,344 -c--a-w c:\windows\$NtUninstallKB898458$\orun32.exe
- 2005-09-02 21:50:39 35,840 -c----w c:\windows\$NtUninstallKB905915$\iedw.exe
+ 2009-02-18 19:48:46 18,432 -c--a-w c:\windows\$NtUninstallKB905915$\iedw.exe
- 2005-10-21 01:45:40 35,840 -c----w c:\windows\$NtUninstallKB912812$\iedw.exe
+ 2009-02-18 19:48:56 18,432 -c--a-w c:\windows\$NtUninstallKB912812$\iedw.exe
- 2006-03-04 00:39:06 35,840 -c----w c:\windows\$NtUninstallKB916281$\iedw.exe
+ 2009-02-18 19:49:05 18,432 -c--a-w c:\windows\$NtUninstallKB916281$\iedw.exe
- 2006-05-09 11:00:37 35,840 -c----w c:\windows\$NtUninstallKB918899$\iedw.exe
+ 2009-02-18 19:49:14 18,432 -c--a-w c:\windows\$NtUninstallKB918899$\iedw.exe
- 2004-08-04 07:56:47 273,920 -c----w c:\windows\$NtUninstallKB920213$\agentsvr.exe
+ 2009-02-18 19:49:18 256,512 -c--a-w c:\windows\$NtUninstallKB920213$\agentsvr.exe
- 2004-08-04 07:56:49 39,936 -c----w c:\windows\$NtUninstallKB922582$\fltmc.exe
+ 2009-02-18 19:49:23 22,528 -c--a-w c:\windows\$NtUninstallKB922582$\fltmc.exe
- 2006-06-23 08:35:52 35,840 -c----w c:\windows\$NtUninstallKB922760$\iedw.exe
+ 2009-02-18 19:49:25 18,432 -c--a-w c:\windows\$NtUninstallKB922760$\iedw.exe
- 2005-05-04 22:33:52 1,097,792 -c----w c:\windows\$NtUninstallKB923723$\orun32.exe
+ 2009-02-18 19:49:32 1,077,248 -c--a-w c:\windows\$NtUninstallKB923723$\orun32.exe
- 2007-01-29 08:58:06 77,824 -c----w c:\windows\$NtUninstallKB933360$\tzchange.exe
+ 2009-02-18 19:49:55 60,416 -c--a-w c:\windows\$NtUninstallKB933360$\tzchange.exe
- 2004-08-04 07:56:49 1,049,600 -c----w c:\windows\$NtUninstallKB938828$\explorer.exe
+ 2009-02-18 19:50:01 1,032,192 -c--a-w c:\windows\$NtUninstallKB938828$\explorer.exe
- 2006-11-02 02:31:34 333,312 -c----w c:\windows\$NtUninstallKB939683$\unregmp2.exe
+ 2009-02-18 19:50:03 315,904 -c--a-w c:\windows\$NtUninstallKB939683$\unregmp2.exe
- 2007-07-18 12:42:22 77,824 -c----w c:\windows\$NtUninstallKB942763$\tzchange.exe
+ 2009-02-18 19:50:07 60,416 -c--a-w c:\windows\$NtUninstallKB942763$\tzchange.exe
- 2007-11-13 11:31:11 77,824 -c----w c:\windows\$NtUninstallKB951072-v2$\tzchange.exe
+ 2009-02-18 19:50:21 60,416 -c--a-w c:\windows\$NtUninstallKB951072-v2$\tzchange.exe
- 2008-04-14 00:12:15 159,744 -c----w c:\windows\$NtUninstallKB951978$\cscript.exe
+ 2009-02-18 19:50:28 139,264 -c--a-w c:\windows\$NtUninstallKB951978$\cscript.exe
- 2008-04-14 00:12:41 176,128 -c----w c:\windows\$NtUninstallKB951978$\wscript.exe
+ 2009-02-18 19:50:30 155,648 -c--a-w c:\windows\$NtUninstallKB951978$\wscript.exe
- 2006-10-19 04:03:58 118,272 -c----w c:\windows\$NtUninstallKB952069_WM9$\logagent.exe
+ 2009-02-18 19:50:30 100,864 -c--a-w c:\windows\$NtUninstallKB952069_WM9$\logagent.exe
- 2008-07-14 11:09:18 80,384 -c----w c:\windows\$NtUninstallKB955839$\tzchange.exe
+ 2009-02-18 19:50:41 62,976 -c--a-w c:\windows\$NtUninstallKB955839$\tzchange.exe
- 2002-11-14 18:04:54 104,448 -c--a-w c:\windows\$NtUninstallQ327979$\spuninst\spuninst.exe
+ 2009-02-18 19:50:55 87,040 -c--a-w c:\windows\$NtUninstallQ327979$\spuninst\spuninst.exe
- 2002-11-14 17:04:54 104,448 -c----w c:\windows\$NtUninstallQ328310$\spuninst\spuninst.exe
+ 2009-02-18 19:50:56 87,040 -c--a-w c:\windows\$NtUninstallQ328310$\spuninst\spuninst.exe
- 2002-09-21 20:44:06 63,488 -c--a-w c:\windows\$NtUninstallQ329048$\spuninst\spuninst.exe
+ 2009-02-18 19:50:56 46,080 -c--a-w c:\windows\$NtUninstallQ329048$\spuninst\spuninst.exe
- 2002-09-21 20:44:06 63,488 -c--a-w c:\windows\$NtUninstallq329112$\spuninst\spuninst.exe
+ 2009-02-18 19:50:56 46,080 -c--a-w c:\windows\$NtUninstallq329112$\spuninst\spuninst.exe
- 2002-09-21 19:44:06 63,488 -c----w c:\windows\$NtUninstallQ329115$\spuninst\spuninst.exe
+ 2009-02-18 19:50:57 46,080 -c--a-w c:\windows\$NtUninstallQ329115$\spuninst\spuninst.exe
- 2002-12-17 20:32:14 104,448 -c----w c:\windows\$NtUninstallQ329170$\spuninst\spuninst.exe
+ 2009-02-18 19:50:57 87,040 -c--a-w c:\windows\$NtUninstallQ329170$\spuninst\spuninst.exe
- 2002-09-21 19:44:06 63,488 -c----w c:\windows\$NtUninstallQ329390$\spuninst\spuninst.exe
+ 2009-02-18 19:50:58 46,080 -c--a-w c:\windows\$NtUninstallQ329390$\spuninst\spuninst.exe
- 2002-11-14 17:04:54 104,448 -c----w c:\windows\$NtUninstallQ329441$\spuninst\spuninst.exe
+ 2009-02-18 19:50:58 87,040 -c--a-w c:\windows\$NtUninstallQ329441$\spuninst\spuninst.exe
- 2002-09-21 19:44:06 63,488 -c----w c:\windows\$NtUninstallQ329834$\spuninst\spuninst.exe
+ 2009-02-18 19:50:58 46,080 -c--a-w c:\windows\$NtUninstallQ329834$\spuninst\spuninst.exe
- 2002-11-07 18:59:18 104,448 -c----w c:\windows\$NtUninstallQ331953$\spuninst\spuninst.exe
+ 2009-02-18 19:50:59 87,040 -c--a-w c:\windows\$NtUninstallQ331953$\spuninst\spuninst.exe
- 2002-08-29 12:00:00 196,608 -c----w c:\windows\$NtUninstallQ810565$\accwiz.exe
+ 2009-02-18 19:50:59 179,200 -c--a-w c:\windows\$NtUninstallQ810565$\accwiz.exe
- 2002-08-29 12:00:00 84,992 -c----w c:\windows\$NtUninstallQ810565$\magnify.exe
+ 2009-02-18 19:51:00 67,584 -c--a-w c:\windows\$NtUninstallQ810565$\magnify.exe
- 2002-08-29 12:00:00 247,808 -c----w c:\windows\$NtUninstallQ810565$\migwiz.exe
+ 2009-02-18 19:51:00 230,400 -c--a-w c:\windows\$NtUninstallQ810565$\migwiz.exe
- 2002-08-29 12:00:00 68,608 -c----w c:\windows\$NtUninstallQ810565$\narrator.exe
+ 2009-02-18 19:51:00 51,200 -c--a-w c:\windows\$NtUninstallQ810565$\narrator.exe
- 2002-08-29 12:00:00 229,888 -c----w c:\windows\$NtUninstallQ810565$\osk.exe
+ 2009-02-18 19:51:00 212,480 -c--a-w c:\windows\$NtUninstallQ810565$\osk.exe
- 2002-11-14 17:04:54 104,448 -c----w c:\windows\$NtUninstallQ810565$\spuninst\spuninst.exe
+ 2009-02-18 19:51:02 87,040 -c--a-w c:\windows\$NtUninstallQ810565$\spuninst\spuninst.exe
- 2002-11-14 17:04:54 104,448 -c----w c:\windows\$NtUninstallQ810577$\spuninst\spuninst.exe
+ 2009-02-18 19:51:03 87,040 -c--a-w c:\windows\$NtUninstallQ810577$\spuninst\spuninst.exe
- 2002-08-29 12:00:00 85,504 -c----w c:\windows\$NtUninstallQ810833$\locator.exe
+ 2009-02-18 19:51:03 68,096 -c--a-w c:\windows\$NtUninstallQ810833$\locator.exe
- 2002-11-14 17:04:54 104,448 -c----w c:\windows\$NtUninstallQ810833$\spuninst\spuninst.exe
+ 2009-02-18 19:51:03 87,040 -c--a-w c:\windows\$NtUninstallQ810833$\spuninst\spuninst.exe
- 2003-03-21 23:56:52 106,496 -c----w c:\windows\$NtUninstallQ811493$\spuninst\spuninst.exe
+ 2009-02-18 19:51:05 89,088 -c--a-w c:\windows\$NtUninstallQ811493$\spuninst\spuninst.exe
- 2002-12-17 20:32:14 104,448 -c----w c:\windows\$NtUninstallQ814033$\spuninst\spuninst.exe
+ 2009-02-18 19:51:06 87,040 -c--a-w c:\windows\$NtUninstallQ814033$\spuninst\spuninst.exe
- 2003-03-21 23:56:52 106,496 -c----w c:\windows\$NtUninstallQ815021$\spuninst\spuninst.exe
+ 2009-02-18 19:51:06 89,088 -c--a-w c:\windows\$NtUninstallQ815021$\spuninst\spuninst.exe
- 2003-03-21 22:56:52 106,496 -c----w c:\windows\$NtUninstallQ817287$\spuninst\spuninst.exe
+ 2009-02-18 19:51:07 89,088 -c--a-w c:\windows\$NtUninstallQ817287$\spuninst\spuninst.exe
- 2003-03-21 22:56:52 106,496 -c----w c:\windows\$NtUninstallQ817606$\spuninst\spuninst.exe
+ 2009-02-18 19:51:07 89,088 -c--a-w c:\windows\$NtUninstallQ817606$\spuninst\spuninst.exe
- 2003-05-11 23:26:34 106,496 -c----w c:\windows\$NtUninstallQ819696$\spuninst\spuninst.exe
+ 2009-02-18 19:51:08 89,088 -c--a-w c:\windows\$NtUninstallQ819696$\spuninst\spuninst.exe
- 2003-08-18 12:24:52 155,648 -c----w c:\windows\$NtUninstallQ828026$\spuninst\spuninst.exe
+ 2009-02-18 19:51:09 138,240 -c--a-w c:\windows\$NtUninstallQ828026$\spuninst\spuninst.exe
- 2004-08-11 08:45:04 114,176 -c----w c:\windows\$NtUninstallWMFDist11$\logagent.exe
+ 2009-02-18 19:51:10 96,768 -c--a-w c:\windows\$NtUninstallWMFDist11$\logagent.exe
- 2004-08-11 08:45:04 64,512 -c----w c:\windows\$NtUninstallWMFDist11$\uwdf.exe
+ 2009-02-18 19:51:11 47,104 -c--a-w c:\windows\$NtUninstallWMFDist11$\uwdf.exe
- 2004-08-11 08:45:04 56,320 -c----w c:\windows\$NtUninstallWMFDist11$\wdfmgr.exe
+ 2009-02-18 19:51:12 38,912 -c--a-w c:\windows\$NtUninstallWMFDist11$\wdfmgr.exe
- 2004-08-11 08:45:06 839,680 -c----w c:\windows\$NtUninstallWMFDist11$\wmsetsdk.exe
+ 2009-02-18 19:51:14 819,200 -c--a-w c:\windows\$NtUninstallWMFDist11$\wmsetsdk.exe
- 2004-08-11 08:45:04 839,680 -c----w c:\windows\$NtUninstallwmp11$\setup_wm.exe
+ 2009-02-18 19:51:18 819,200 -c--a-w c:\windows\$NtUninstallwmp11$\setup_wm.exe
- 2004-08-11 08:45:04 212,992 -c----w c:\windows\$NtUninstallwmp11$\unregmp2.exe
+ 2009-02-18 19:51:19 192,512 -c--a-w c:\windows\$NtUninstallwmp11$\unregmp2.exe
- 2004-08-11 08:45:04 143,360 -c----w c:\windows\$NtUninstallwmp11$\wmlaunch.exe
+ 2009-02-18 19:51:19 122,880 -c--a-w c:\windows\$NtUninstallwmp11$\wmlaunch.exe
- 2004-08-11 08:45:04 49,152 -c----w c:\windows\$NtUninstallwmp11$\wmpenc.exe
+ 2009-02-18 19:51:20 28,672 -c--a-w c:\windows\$NtUninstallwmp11$\wmpenc.exe
- 2004-08-11 08:45:04 94,208 -c----w c:\windows\$NtUninstallwmp11$\wmplayer.exe
+ 2009-02-18 19:51:21 73,728 -c--a-w c:\windows\$NtUninstallwmp11$\wmplayer.exe
- 2002-11-25 19:20:00 76,288 -c--a-w c:\windows\agrsmdel.exe
+ 2009-02-18 19:34:14 58,880 -c--a-w c:\windows\agrsmdel.exe
- 2003-01-07 09:56:12 345,088 -c--a-w c:\windows\delmsbb.exe
+ 2009-02-18 19:34:15 327,680 -c--a-w c:\windows\delmsbb.exe
- 2006-06-19 23:02:55 294,913 -c--a-w c:\windows\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\iTunesSetup.exe
+ 2009-02-18 19:51:38 274,432 -c--a-w c:\windows\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\iTunesSetup.exe
- 2005-10-21 04:02:28 184,320 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2009-02-18 19:51:51 166,912 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
- 2002-08-29 12:00:00 1,021,440 -c--a-w c:\windows\explorer(2).exe
+ 2009-02-18 19:34:15 1,004,032 -c--a-w c:\windows\explorer(2).exe
- 2000-08-31 16:00:00 109,984 ----a-w c:\windows\fdsv.exe
+ 2000-08-31 16:00:00 89,504 ----a-w c:\windows\fdsv.exe
- 2000-08-31 16:00:00 97,820 ----a-w c:\windows\grep.exe
+ 2000-08-31 16:00:00 80,412 ----a-w c:\windows\grep.exe
- 2008-04-14 00:12:21 28,160 ----a-w c:\windows\hh.exe
+ 2009-02-18 19:34:17 10,752 ----a-w c:\windows\hh.exe
- 2002-08-29 12:00:00 33,280 -c--a-w c:\windows\I386\EXPAND.EXE
+ 2009-02-18 19:59:19 15,872 -c--a-w c:\windows\I386\EXPAND.EXE
- 2002-08-29 12:00:00 345,088 -c--a-w c:\windows\I386\NETSETUP.EXE
+ 2009-02-18 20:01:56 327,680 -c--a-w c:\windows\I386\NETSETUP.EXE
- 2002-08-29 12:00:00 49,152 -c--a-w c:\windows\I386\NTSD.EXE
+ 2009-02-18 20:02:23 31,744 -c--a-w c:\windows\I386\NTSD.EXE
- 2002-08-29 12:00:00 151,552 -c--a-w c:\windows\I386\REGEDIT.EXE
+ 2009-02-18 20:03:13 134,144 -c--a-w c:\windows\I386\REGEDIT.EXE
- 2002-08-29 12:00:00 262,144 -c--a-w c:\windows\I386\SYSPARSE.EXE
+ 2009-02-18 20:04:03 244,736 -c--a-w c:\windows\I386\SYSPARSE.EXE
- 2002-08-29 12:00:00 88,576 -c--a-w c:\windows\I386\TELNET.EXE
+ 2009-02-18 20:04:12 71,168 -c--a-w c:\windows\I386\TELNET.EXE
- 2002-08-29 12:00:00 63,488 -c--a-w c:\windows\I386\WINNT32.EXE
+ 2009-02-18 20:05:16 46,080 -c--a-w c:\windows\I386\WINNT32.EXE
- 2004-08-04 07:56:50 51,712 -c--a-w c:\windows\ie7\ie4uinit.exe
+ 2009-02-18 20:08:55 34,304 -c--a-w c:\windows\ie7\ie4uinit.exe
- 2006-09-13 08:52:55 35,840 -c--a-w c:\windows\ie7\iedw.exe
+ 2009-02-18 20:08:56 18,432 -c--a-w c:\windows\ie7\iedw.exe
- 2004-08-04 07:56:50 110,592 -c--a-w c:\windows\ie7\iexplore.exe
+ 2009-02-18 20:09:00 93,184 -c--a-w c:\windows\ie7\iexplore.exe
- 2004-08-04 07:56:53 46,592 -c--a-w c:\windows\ie7\mshta.exe
+ 2009-02-18 20:09:01 29,184 -c--a-w c:\windows\ie7\mshta.exe
- 2006-11-08 05:01:06 83,456 -c--a-w c:\windows\ie7\spuninst\ieResetIcons.exe
+ 2009-02-18 20:09:37 66,048 -c--a-w c:\windows\ie7\spuninst\ieResetIcons.exe
- 2006-11-07 11:26:28 72,192 -c----w c:\windows\ie7updates\KB928090-IE7\ie4uinit.exe
+ 2009-02-18 20:09:38 54,784 -c--a-w c:\windows\ie7updates\KB928090-IE7\ie4uinit.exe
- 2006-11-07 11:26:32 30,720 -c----w c:\windows\ie7updates\KB928090-IE7\ieudinit.exe
+ 2009-02-18 20:09:40 13,312 -c--a-w c:\windows\ie7updates\KB928090-IE7\ieudinit.exe
- 2006-10-17 20:04:40 639,488 -c----w c:\windows\ie7updates\KB928090-IE7\iexplore.exe
+ 2009-02-18 20:09:40 622,080 -c--a-w c:\windows\ie7updates\KB928090-IE7\iexplore.exe
- 2007-01-09 02:08:14 74,240 -c----w c:\windows\ie7updates\KB931768-IE7\ie4uinit.exe
+ 2009-02-18 20:09:44 56,832 -c--a-w c:\windows\ie7updates\KB931768-IE7\ie4uinit.exe
- 2007-01-09 02:08:10 31,232 -c----w c:\windows\ie7updates\KB931768-IE7\ieudinit.exe
+ 2009-02-18 20:09:46 13,824 -c--a-w c:\windows\ie7updates\KB931768-IE7\ieudinit.exe
- 2007-01-09 02:08:42 641,024 -c----w c:\windows\ie7updates\KB931768-IE7\iexplore.exe
+ 2009-02-18 20:09:46 623,616 -c--a-w c:\windows\ie7updates\KB931768-IE7\iexplore.exe
- 2007-03-07 08:28:17 74,240 -c----w c:\windows\ie7updates\KB933566-IE7\ie4uinit.exe
+ 2009-02-18 20:09:49 56,832 -c--a-w c:\windows\ie7updates\KB933566-IE7\ie4uinit.exe
- 2007-02-27 08:20:47 31,232 -c----w c:\windows\ie7updates\KB933566-IE7\ieudinit.exe
+ 2009-02-18 20:09:51 13,824 -c--a-w c:\windows\ie7updates\KB933566-IE7\ieudinit.exe
- 2007-02-21 08:00:58 641,024 -c----w c:\windows\ie7updates\KB933566-IE7\iexplore.exe
+ 2009-02-18 20:09:51 623,616 -c--a-w c:\windows\ie7updates\KB933566-IE7\iexplore.exe
- 2007-04-24 14:26:20 74,240 -c----w c:\windows\ie7updates\KB937143-IE7\ie4uinit.exe
+ 2009-02-18 20:09:55 56,832 -c--a-w c:\windows\ie7updates\KB937143-IE7\ie4uinit.exe
- 2007-04-24 14:26:20 31,232 -c----w c:\windows\ie7updates\KB937143-IE7\ieudinit.exe
+ 2009-02-18 20:09:56 13,824 -c--a-w c:\windows\ie7updates\KB937143-IE7\ieudinit.exe
- 2007-04-24 14:26:26 642,560 -c----w c:\windows\ie7updates\KB937143-IE7\iexplore.exe
+ 2009-02-18 20:09:56 625,152 -c--a-w c:\windows\ie7updates\KB937143-IE7\iexplore.exe
- 2007-06-27 08:27:04 80,896 -c----w c:\windows\ie7updates\KB939653-IE7\ie4uinit.exe
+ 2009-02-18 20:10:01 63,488 -c--a-w c:\windows\ie7updates\KB939653-IE7\ie4uinit.exe
- 2007-06-27 08:27:05 31,232 -c----w c:\windows\ie7updates\KB939653-IE7\ieudinit.exe
+ 2009-02-18 20:10:02 13,824 -c--a-w c:\windows\ie7updates\KB939653-IE7\ieudinit.exe
- 2007-06-27 08:27:30 642,560 -c----w c:\windows\ie7updates\KB939653-IE7\iexplore.exe
+ 2009-02-18 20:10:02 625,152 -c--a-w c:\windows\ie7updates\KB939653-IE7\iexplore.exe
- 2007-08-17 10:20:54 80,896 -c----w c:\windows\ie7updates\KB942615-IE7\ie4uinit.exe
+ 2009-02-18 20:10:06 63,488 -c--a-w c:\windows\ie7updates\KB942615-IE7\ie4uinit.exe
- 2007-08-17 10:20:54 31,232 -c----w c:\windows\ie7updates\KB942615-IE7\ieudinit.exe
+ 2009-02-18 20:10:08 13,824 -c--a-w c:\windows\ie7updates\KB942615-IE7\ieudinit.exe
- 2007-08-17 10:21:21 642,560 -c----w c:\windows\ie7updates\KB942615-IE7\iexplore.exe
+ 2009-02-18 20:10:08 625,152 -c--a-w c:\windows\ie7updates\KB942615-IE7\iexplore.exe
- 2007-10-10 10:59:40 88,064 -c----w c:\windows\ie7updates\KB944533-IE7\ie4uinit.exe
+ 2009-02-18 20:10:12 70,656 -c--a-w c:\windows\ie7updates\KB944533-IE7\ie4uinit.exe
- 2007-10-10 10:59:40 31,232 -c----w c:\windows\ie7updates\KB944533-IE7\ieudinit.exe
+ 2009-02-18 20:10:14 13,824 -c--a-w c:\windows\ie7updates\KB944533-IE7\ieudinit.exe
- 2007-10-10 10:59:52 642,560 -c----w c:\windows\ie7updates\KB944533-IE7\iexplore.exe
+ 2009-02-18 20:10:14 625,152 -c--a-w c:\windows\ie7updates\KB944533-IE7\iexplore.exe
- 2007-12-06 11:00:57 88,064 -c----w c:\windows\ie7updates\KB947864-IE7\ie4uinit.exe
+ 2009-02-18 20:10:18 70,656 -c--a-w c:\windows\ie7updates\KB947864-IE7\ie4uinit.exe
- 2007-12-06 11:00:58 31,232 -c----w c:\windows\ie7updates\KB947864-IE7\ieudinit.exe
+ 2009-02-18 20:10:20 13,824 -c--a-w c:\windows\ie7updates\KB947864-IE7\ieudinit.exe
- 2007-12-06 11:01:25 643,072 -c----w c:\windows\ie7updates\KB947864-IE7\iexplore.exe
+ 2009-02-18 20:10:20 625,664 -c--a-w c:\windows\ie7updates\KB947864-IE7\iexplore.exe
- 2008-02-29 08:55:23 88,064 -c----w c:\windows\ie7updates\KB950759-IE7\ie4uinit.exe
+ 2009-02-18 20:10:24 70,656 -c--a-w c:\windows\ie7updates\KB950759-IE7\ie4uinit.exe
- 2008-02-22 10:00:51 31,232 -c----w c:\windows\ie7updates\KB950759-IE7\ieudinit.exe
+ 2009-02-18 20:10:26 13,824 -c--a-w c:\windows\ie7updates\KB950759-IE7\ieudinit.exe
- 2008-02-29 08:55:46 643,072 -c----w c:\windows\ie7updates\KB950759-IE7\iexplore.exe
+ 2009-02-18 20:10:26 625,664 -c--a-w c:\windows\ie7updates\KB950759-IE7\iexplore.exe
- 2008-04-22 07:39:58 88,064 -c----w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2009-02-18 20:10:30 70,656 -c--a-w c:\windows\ie7updates\KB953838-IE7\ie4uinit.exe
- 2008-04-22 07:39:58 31,232 -c----w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe
+ 2009-02-18 20:10:32 13,824 -c--a-w c:\windows\ie7updates\KB953838-IE7\ieudinit.exe
- 2008-04-22 07:40:18 643,072 -c----w c:\windows\ie7updates\KB953838-IE7\iexplore.exe
+ 2009-02-18 20:10:32 625,664 -c--a-w c:\windows\ie7updates\KB953838-IE7\iexplore.exe
- 2008-06-23 09:20:25 88,064 -c----w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
+ 2009-02-18 20:10:36 70,656 -c--a-w c:\windows\ie7updates\KB956390-IE7\ie4uinit.exe
- 2008-06-23 09:20:26 31,232 -c----w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
+ 2009-02-18 20:10:37 13,824 -c--a-w c:\windows\ie7updates\KB956390-IE7\ieudinit.exe
- 2008-06-23 09:20:52 643,072 -c----w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
+ 2009-02-18 20:10:38 625,664 -c--a-w c:\windows\ie7updates\KB956390-IE7\iexplore.exe
- 2008-08-25 08:37:59 88,064 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2009-02-18 20:10:42 70,656 -c--a-w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
- 2008-08-25 08:38:00 31,232 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2009-02-18 20:10:43 13,824 -c--a-w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
- 2003-03-03 16:24:32 51,200 -c--a-w c:\windows\ieuninst.exe
+ 2009-02-18 19:34:18 33,792 -c--a-w c:\windows\ieuninst.exe
- 2004-08-04 05:31:38 77,879 -c--a-w c:\windows\ime\imjp8_1\cplexe.exe
+ 2009-02-18 20:10:52 57,344 -c--a-w c:\windows\ime\imjp8_1\cplexe.exe
- 2002-08-29 12:00:00 77,878 -c--a-w c:\windows\ime\imjp8_1\imjpdadm.exe
+ 2009-02-18 20:10:53 57,344 -c--a-w c:\windows\ime\imjp8_1\imjpdadm.exe
- 2004-08-04 05:31:53 327,737 -c--a-w c:\windows\ime\imjp8_1\imjpdct.exe
+ 2009-02-18 20:10:53 307,200 -c--a-w c:\windows\ime\imjp8_1\imjpdct.exe
- 2004-08-04 05:31:54 176,185 -c--a-w c:\windows\ime\imjp8_1\imjpdsvr.exe
+ 2009-02-18 20:10:54 155,648 -c--a-w c:\windows\ime\imjp8_1\imjpdsvr.exe
- 2004-08-04 05:31:57 225,669 -c--a-w c:\windows\ime\imjp8_1\imjpinst.exe
+ 2009-02-18 20:10:54 204,800 -c--a-w c:\windows\ime\imjp8_1\imjpinst.exe
- 2004-08-04 05:31:59 229,432 -c--a-w c:\windows\ime\imjp8_1\imjpmig.exe
+ 2009-02-18 20:10:54 208,896 -c--a-w c:\windows\ime\imjp8_1\imjpmig.exe
- 2004-08-04 05:32:11 254,007 -c--a-w c:\windows\ime\imjp8_1\imjprw.exe
+ 2009-02-18 20:10:55 233,472 -c--a-w c:\windows\ime\imjp8_1\imjprw.exe
- 2002-08-29 12:00:00 65,589 -c--a-w c:\windows\ime\imjp8_1\imjpuex.exe
+ 2009-02-18 20:10:55 45,056 -c--a-w c:\windows\ime\imjp8_1\imjpuex.exe
- 2004-08-04 05:32:14 282,680 -c--a-w c:\windows\ime\imjp8_1\imjputy.exe
+ 2009-02-18 20:10:55 262,144 -c--a-w c:\windows\ime\imjp8_1\imjputy.exe
- 2002-08-29 12:00:00 61,440 -c--a-w c:\windows\ime\imkr6_1\imekrmig.exe
+ 2009-02-18 20:13:19 44,032 -c--a-w c:\windows\ime\imkr6_1\imekrmig.exe
- 2002-08-29 12:00:00 77,312 -c--a-w c:\windows\ime\imkr6_1\imkrinst.exe
+ 2009-02-18 20:13:19 59,904 -c--a-w c:\windows\ime\imkr6_1\imkrinst.exe
- 2002-08-29 12:00:00 331,839 -c--a-w c:\windows\ime\shared\imepadsv.exe
+ 2009-02-18 20:13:24 311,296 -c--a-w c:\windows\ime\shared\imepadsv.exe
- 2007-06-27 05:10:26 334,848 ----a-w c:\windows\inf\unregmp2.exe
+ 2009-02-18 09:23:33 317,440 ----a-w c:\windows\inf\unregmp2.exe
- 2003-01-29 18:10:57 184,320 -c--a-r c:\windows\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe
+ 2009-02-18 20:15:07 166,400 -c--a-w c:\windows\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe
- 2006-11-17 07:28:45 53,248 -c--a-r c:\windows\Installer\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}\icon.exe
+ 2009-02-18 20:15:07 32,768 -c--a-w c:\windows\Installer\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}\icon.exe
- 2008-12-30 22:43:25 94,208 ----a-r c:\windows\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}\ARPICON.exe
+ 2009-02-18 20:15:07 73,728 ----a-w c:\windows\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}\ARPICON.exe
- 2008-12-30 22:43:25 94,208 ----a-r c:\windows\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}\liteico.exe.827545C6_7013_4DE1_8E6C_DAEE4C57F54A.exe
+ 2009-02-18 20:15:08 73,728 ----a-w c:\windows\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}\liteico.exe.827545C6_7013_4DE1_8E6C_DAEE4C57F54A.exe
- 2008-12-30 22:43:25 94,208 ----a-r c:\windows\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe
+ 2009-02-18 20:15:08 73,728 ----a-w c:\windows\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe
- 2008-12-30 22:43:25 94,208 ----a-r c:\windows\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}\pncico.exe.C76E2E86_AE54_4AF5_997C_63EBB83C7651.exe
+ 2009-02-18 20:15:08 73,728 ----a-w c:\windows\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}\pncico.exe.C76E2E86_AE54_4AF5_997C_63EBB83C7651.exe
- 2006-07-09 17:46:57 151,552 -c--a-r c:\windows\Installer\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\NewShortcut4_8C3BCD70236347B8A53EEE8A82FD5C78.exe
+ 2009-02-18 20:15:08 131,072 -c--a-w c:\windows\Installer\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\NewShortcut4_8C3BCD70236347B8A53EEE8A82FD5C78.exe
- 2004-03-22 03:32:53 49,152 -c--a-r c:\windows\Installer\{56364334-9530-11D2-BFFC-00C04FA329AA}\cagicon.76D90421_D2BE_11D2_99FF_0060B0EC3D2E.exe
+ 2009-02-18 20:15:09 28,672 -c--a-w c:\windows\Installer\{56364334-9530-11D2-BFFC-00C04FA329AA}\cagicon.76D90421_D2BE_11D2_99FF_0060B0EC3D2E.exe
- 2004-03-22 03:32:53 62,464 -c--a-r c:\windows\Installer\{56364334-9530-11D2-BFFC-00C04FA329AA}\D0684E39.exe
+ 2009-02-18 20:15:09 45,056 -c--a-w c:\windows\Installer\{56364334-9530-11D2-BFFC-00C04FA329AA}\D0684E39.exe
- 2003-01-29 18:17:27 188,416 -c--a-r c:\windows\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_85BA426DBE00_44A3_969E_C7BDF2F6C986.exe
+ 2009-02-18 20:15:10 167,936 -c--a-w c:\windows\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_85BA426DBE00_44A3_969E_C7BDF2F6C986.exe
- 2003-01-29 18:17:27 86,016 -c--a-r c:\windows\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_A003BF363149_4FEF_8E7E_E9C39A5B9A96.exe
+ 2009-02-18 20:15:10 65,536 -c--a-w c:\windows\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_A003BF363149_4FEF_8E7E_E9C39A5B9A96.exe
- 2003-01-29 18:17:27 86,016 -c--a-r c:\windows\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_D545A9F0ED09_444B_A962_2628559DCDE6.exe
+ 2009-02-18 20:15:11 65,536 -c--a-w c:\windows\Installer\{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}\_D545A9F0ED09_444B_A962_2628559DCDE6.exe
- 2008-11-13 03:56:09 53,248 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
+ 2009-02-18 20:15:11 32,768 ----a-w c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2004-05-10 19:52:26 188,416 -c--a-r c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
+ 2009-02-18 20:15:14 167,936 -c--a-w c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\accicons.exe
- 2004-05-10 19:52:27 102,400 -c--a-r c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
+ 2009-02-18 20:15:15 81,920 -c--a-w c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe
- 2004-05-10 19:52:27 135,168 -c--a-r c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
+ 2009-02-18 20:15:15 114,688 -c--a-w c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe
- 2004-05-10 19:52:24 65,536 -c--a-r c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2009-02-18 20:15:15 45,056 -c--a-w c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2004-05-10 19:52:24 110,592 -c--a-r c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
+ 2009-02-18 20:15:16 90,112 -c--a-w c:\windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe
- 2007-08-16 07:05:22 53,248 -c--a-r c:\windows\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe
+ 2009-02-18 20:15:17 32,768 -c--a-w c:\windows\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe
- 1998-10-29 23:45:06 324,096 -c--a-w c:\windows\IsUninst.exe
+ 2009-02-18 19:34:18 306,688 -c--a-w c:\windows\IsUninst.exe
- 2006-09-30 02:28:52 757,760 -c--a-w c:\windows\iun6002.exe
+ 2009-02-18 19:34:19 737,280 -c--a-w c:\windows\iun6002.exe
- 2008-04-14 00:12:12 273,920 ----a-w c:\windows\msagent\agentsvr.exe
+ 2009-02-18 20:15:22 256,512 ----a-w c:\windows\msagent\agentsvr.exe
- 2004-06-18 21:40:50 50,688 -c--a-w c:\windows\muninst.exe
+ 2009-02-18 19:34:20 33,280 -c--a-w c:\windows\muninst.exe
- 2003-01-07 09:56:00 344,576 -c--a-w c:\windows\nCASEUninstaller.exe
+ 2009-02-18 19:34:20 327,168 -c--a-w c:\windows\nCASEUninstaller.exe
- 2003-07-01 02:52:09 65,536 -c--a-w c:\windows\NCUNINST.EXE
+ 2009-02-18 19:34:21 45,056 -c--a-w c:\windows\NCUNINST.EXE
- 2008-04-13 18:53:32 575,488 ------w c:\windows\network diagnostic\xpnetdiag.exe
+ 2009-02-18 09:23:34 558,080 ----a-w c:\windows\network diagnostic\xpnetdiag.exe
- 2000-08-31 16:00:00 49,152 ----a-w c:\windows\NIRCMD.exe
+ 2000-08-31 16:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
- 2008-04-14 00:12:29 86,528 ----a-w c:\windows\notepad.exe
+ 2009-02-18 19:34:21 69,120 ----a-w c:\windows\notepad.exe
- 2003-07-07 20:41:08 51,200 -c--a-w c:\windows\oeuninst.exe
+ 2009-02-18 19:34:22 33,792 -c--a-w c:\windows\oeuninst.exe
- 2003-03-03 16:24:32 51,200 -c--a-w c:\windows\Q330994.exe
+ 2009-02-18 19:34:22 33,792 -c--a-w c:\windows\Q330994.exe
- 2008-04-14 00:12:32 163,840 ----a-w c:\windows\regedit.exe
+ 2009-02-18 19:34:23 146,432 ----a-w c:\windows\regedit.exe
- 2002-12-11 22:08:34 770,048 -c--a-w c:\windows\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\setup_wm.exe
+ 2009-02-18 20:16:24 749,568 -c--a-w c:\windows\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\setup_wm.exe
- 2004-08-11 08:45:04 839,680 -c--a-w c:\windows\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\setup_wm.exe
+ 2009-02-18 20:16:23 819,200 -c--a-w c:\windows\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\setup_wm.exe
- 2002-12-12 07:14:32 45,568 -c--a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplaysvr.exe
+ 2009-02-18 20:16:26 28,160 -c--a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplaysvr.exe
- 2002-12-12 07:14:32 34,304 -c--a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnsvr.exe
+ 2009-02-18 20:16:27 16,896 -c--a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnsvr.exe
- 2002-12-12 07:14:32 98,304 -c--a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvsetup.exe
+ 2009-02-18 20:16:27 80,896 -c--a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvsetup.exe
- 2003-05-30 16:00:02 958,464 -c--a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdiag.exe
+ 2009-02-18 20:16:29 937,984 -c--a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdiag.exe
- 2002-12-12 07:14:32 61,952 -c--a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe
+ 2009-02-18 20:16:30 44,544 -c--a-w c:\windows\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe
- 2004-08-11 08:45:04 64,512 -c--a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe
+ 2009-02-18 20:16:33 47,104 -c--a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe
- 2004-08-11 08:45:04 56,320 -c--a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe
+ 2009-02-18 20:16:33 38,912 -c--a-w c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe
- 2002-12-11 13:04:20 98,816 -c--a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe
+ 2009-02-18 20:16:41 81,408 -c--a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe
- 2004-08-11 08:45:04 114,176 -c--a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe
+ 2009-02-18 20:16:39 96,768 -c--a-w c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe
- 2003-04-11 22:11:34 540,672 -c--a-w c:\windows\RegisteredPackages\{B3C1B200-8F14-4C49-96D3-67425AD59914}\wmplayer.exe
+ 2009-02-18 20:16:44 520,192 -c--a-w c:\windows\RegisteredPackages\{B3C1B200-8F14-4C49-96D3-67425AD59914}\wmplayer.exe
- 2002-12-11 13:08:46 802,816 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\migrate.exe
+ 2009-02-18 20:17:03 782,336 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\migrate.exe
- 2002-12-11 13:08:28 212,992 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\unregmp2.exe
+ 2009-02-18 20:17:04 192,512 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\unregmp2.exe
- 2002-12-11 15:27:32 94,208 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
+ 2009-02-18 20:17:16 73,728 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
- 2004-08-11 08:45:04 1,011,712 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\migrate.exe
+ 2009-02-18 20:16:47 991,232 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\migrate.exe
- 2004-08-11 08:45:04 212,992 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\unregmp2.exe
+ 2009-02-18 20:16:48 192,512 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\unregmp2.exe
- 2004-08-11 08:45:04 143,360 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmlaunch.exe
+ 2009-02-18 20:16:48 122,880 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmlaunch.exe
- 2004-08-11 08:45:04 49,152 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpenc.exe
+ 2009-02-18 20:16:59 28,672 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpenc.exe
- 2004-08-11 08:45:04 94,208 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmplayer.exe
+ 2009-02-18 20:17:02 73,728 -c--a-w c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmplayer.exe
- 2006-02-28 06:55:30 88,064 ----a-w c:\windows\ScUnin.exe
+ 2009-02-18 19:34:24 70,656 ----a-w c:\windows\ScUnin.exe
- 2000-08-31 16:00:00 116,224 ----a-w c:\windows\sed.exe
+ 2000-08-31 16:00:00 98,816 ----a-w c:\windows\sed.exe
- 2008-04-14 00:12:11 201,728 ------w c:\windows\ServicePackFiles\i386\accwiz.exe
+ 2009-02-18 20:17:21 184,320 ----a-w c:\windows\ServicePackFiles\i386\accwiz.exe
- 2008-04-14 00:12:12 21,504 ------w c:\windows\ServicePackFiles\i386\actmovie.exe
+ 2009-02-18 20:17:24 4,096 ----a-w c:\windows\ServicePackFiles\i386\actmovie.exe
- 2008-04-14 00:12:12 36,919 ------w c:\windows\ServicePackFiles\i386\admin.exe
+ 2009-02-18 20:17:24 16,384 ----a-w c:\windows\ServicePackFiles\i386\admin.exe
- 2008-04-14 00:12:12 273,920 ------w c:\windows\ServicePackFiles\i386\agentsvr.exe
+ 2009-02-18 20:17:27 256,512 ----a-w c:\windows\ServicePackFiles\i386\agentsvr.exe
- 2008-04-14 00:12:12 115,712 ------w c:\windows\ServicePackFiles\i386\ahui.exe
+ 2009-02-18 20:17:31 98,304 ----a-w c:\windows\ServicePackFiles\i386\ahui.exe
- 2008-04-14 00:12:12 61,952 ------w c:\windows\ServicePackFiles\i386\alg.exe
+ 2009-02-18 20:17:31 44,544 ----a-w c:\windows\ServicePackFiles\i386\alg.exe
- 2008-04-14 00:12:12 42,496 ------w c:\windows\ServicePackFiles\i386\at.exe
+ 2009-02-18 20:18:10 25,088 ----a-w c:\windows\ServicePackFiles\i386\at.exe
- 2008-04-14 00:12:12 28,672 ------w c:\windows\ServicePackFiles\i386\atmadm.exe
+ 2009-02-18 20:18:15 11,264 ----a-w c:\windows\ServicePackFiles\i386\atmadm.exe
- 2008-04-14 00:12:12 29,696 ------w c:\windows\ServicePackFiles\i386\attrib.exe
+ 2009-02-18 20:18:16 12,288 ----a-w c:\windows\ServicePackFiles\i386\attrib.exe
- 2008-04-14 00:12:12 31,744 ------w c:\windows\ServicePackFiles\i386\auditusr.exe
+ 2009-02-18 20:18:16 14,336 ----a-w c:\windows\ServicePackFiles\i386\auditusr.exe
- 2008-04-14 00:12:12 36,919 ------w c:\windows\ServicePackFiles\i386\author.exe
+ 2009-02-18 20:18:16 16,384 ----a-w c:\windows\ServicePackFiles\i386\author.exe
- 2008-04-14 00:12:13 89,088 ------w c:\windows\ServicePackFiles\i386\blastcln.exe
+ 2009-02-18 20:18:20 71,680 ----a-w c:\windows\ServicePackFiles\i386\blastcln.exe
- 2008-04-14 00:12:13 37,376 ------w c:\windows\ServicePackFiles\i386\cacls.exe
+ 2009-02-18 20:18:24 19,968 ----a-w c:\windows\ServicePackFiles\i386\cacls.exe
- 2008-04-14 00:12:14 208,960 ------w c:\windows\ServicePackFiles\i386\cfgwiz.exe
+ 2009-02-18 20:18:26 188,416 ----a-w c:\windows\ServicePackFiles\i386\cfgwiz.exe
- 2008-04-14 00:12:14 23,040 ------w c:\windows\ServicePackFiles\i386\cisvc.exe
+ 2009-02-18 20:18:29 5,632 ----a-w c:\windows\ServicePackFiles\i386\cisvc.exe
- 2008-04-14 00:12:14 81,408 ------w c:\windows\ServicePackFiles\i386\cleanmgr.exe
+ 2009-02-18 20:18:29 64,000 ----a-w c:\windows\ServicePackFiles\i386\cleanmgr.exe
- 2008-04-14 00:12:14 40,960 ------w c:\windows\ServicePackFiles\i386\cliconfg.exe
+ 2009-02-18 20:18:30 20,480 ----a-w c:\windows\ServicePackFiles\i386\cliconfg.exe
- 2008-04-14 00:12:14 120,320 ------w c:\windows\ServicePackFiles\i386\clipbrd.exe
+ 2009-02-18 20:18:30 102,912 ----a-w c:\windows\ServicePackFiles\i386\clipbrd.exe
- 2008-04-14 00:12:14 50,688 ------w c:\windows\ServicePackFiles\i386\clipsrv.exe
+ 2009-02-18 20:18:30 33,280 ----a-w c:\windows\ServicePackFiles\i386\clipsrv.exe
- 2008-04-14 00:12:14 406,528 ------w c:\windows\ServicePackFiles\i386\cmd.exe
+ 2009-02-18 20:18:31 389,120 ----a-w c:\windows\ServicePackFiles\i386\cmd.exe
- 2008-04-14 00:12:14 43,008 ------w c:\windows\ServicePackFiles\i386\cmdl32.exe
+ 2009-02-18 20:18:31 25,600 ----a-w c:\windows\ServicePackFiles\i386\cmdl32.exe
- 2008-04-14 00:12:15 57,344 ------w c:\windows\ServicePackFiles\i386\cmmon32.exe
+ 2009-02-18 20:18:32 39,936 ----a-w c:\windows\ServicePackFiles\i386\cmmon32.exe
- 2008-04-14 00:12:15 80,896 ------w c:\windows\ServicePackFiles\i386\cmstp.exe
+ 2009-02-18 20:18:32 63,488 ----a-w c:\windows\ServicePackFiles\i386\cmstp.exe
- 2008-04-14 00:12:15 27,136 ------w c:\windows\ServicePackFiles\i386\comrepl.exe
+ 2009-02-18 20:18:39 9,728 ----a-w c:\windows\ServicePackFiles\i386\comrepl.exe
- 2008-04-14 00:12:15 23,552 ------w c:\windows\ServicePackFiles\i386\comrereg.exe
+ 2009-02-18 20:18:39 6,144 ----a-w c:\windows\ServicePackFiles\i386\comrereg.exe
- 2008-04-14 00:12:15 1,052,672 ------w c:\windows\ServicePackFiles\i386\conf.exe
+ 2009-02-18 20:18:43 1,032,192 ----a-w c:\windows\ServicePackFiles\i386\conf.exe
- 2008-04-14 00:12:15 45,056 ------w c:\windows\ServicePackFiles\i386\conime.exe
+ 2009-02-18 20:18:44 27,648 ----a-w c:\windows\ServicePackFiles\i386\conime.exe
- 2008-04-14 00:12:15 159,744 ------w c:\windows\ServicePackFiles\i386\cscript.exe
+ 2009-02-18 20:18:45 139,264 ----a-w c:\windows\ServicePackFiles\i386\cscript.exe
- 2008-04-14 00:12:16 23,552 ------w c:\windows\ServicePackFiles\i386\dcomcnfg.exe
+ 2009-02-18 20:18:49 6,144 ----a-w c:\windows\ServicePackFiles\i386\dcomcnfg.exe
- 2008-04-14 00:12:16 47,616 ------w c:\windows\ServicePackFiles\i386\ddeshare.exe
+ 2009-02-18 20:18:50 30,208 ----a-w c:\windows\ServicePackFiles\i386\ddeshare.exe
- 2008-04-14 00:12:16 42,496 ------w c:\windows\ServicePackFiles\i386\defrag.exe
+ 2009-02-18 20:18:50 25,088 ----a-w c:\windows\ServicePackFiles\i386\defrag.exe
- 2008-04-14 00:12:16 100,352 ------w c:\windows\ServicePackFiles\i386\dfrgfat.exe
+ 2009-02-18 20:18:51 82,944 ----a-w c:\windows\ServicePackFiles\i386\dfrgfat.exe
- 2008-04-14 00:12:16 122,880 ------w c:\windows\ServicePackFiles\i386\dfrgntfs.exe
+ 2009-02-18 20:18:51 105,472 ----a-w c:\windows\ServicePackFiles\i386\dfrgntfs.exe
- 2008-04-14 00:12:17 556,544 ------w c:\windows\ServicePackFiles\i386\dialer.exe
+ 2009-02-18 20:18:52 539,136 ----a-w c:\windows\ServicePackFiles\i386\dialer.exe
- 2008-04-14 00:12:17 104,448 ------w c:\windows\ServicePackFiles\i386\diantz.exe
+ 2009-02-18 20:18:52 87,040 ----a-w c:\windows\ServicePackFiles\i386\diantz.exe
- 2008-04-14 00:12:17 181,248 ------w c:\windows\ServicePackFiles\i386\diskpart.exe
+ 2009-02-18 20:18:55 163,840 ----a-w c:\windows\ServicePackFiles\i386\diskpart.exe
- 2004-08-04 07:56:48 315,392 -c----w c:\windows\ServicePackFiles\i386\dlimport.exe
+ 2009-02-18 20:18:56 294,912 -c--a-w c:\windows\ServicePackFiles\i386\dlimport.exe
- 2008-04-14 00:12:17 22,528 ------w c:\windows\ServicePackFiles\i386\dllhost.exe
+ 2009-02-18 20:18:56 5,120 ----a-w c:\windows\ServicePackFiles\i386\dllhost.exe
- 2008-04-14 00:12:17 242,176 ------w c:\windows\ServicePackFiles\i386\dmadmin.exe
+ 2009-02-18 20:18:56 224,768 ----a-w c:\windows\ServicePackFiles\i386\dmadmin.exe
- 2008-04-14 00:12:17 33,280 ------w c:\windows\ServicePackFiles\i386\dmremote.exe
+ 2009-02-18 20:18:57 15,872 ----a-w c:\windows\ServicePackFiles\i386\dmremote.exe
- 2008-04-14 00:12:17 47,104 ------w c:\windows\ServicePackFiles\i386\dplaysvr.exe
+ 2009-02-18 20:18:59 29,696 ----a-w c:\windows\ServicePackFiles\i386\dplaysvr.exe
- 2008-04-14 00:12:17 35,328 ------w c:\windows\ServicePackFiles\i386\dpnsvr.exe
+ 2009-02-18 20:19:00 17,920 ----a-w c:\windows\ServicePackFiles\i386\dpnsvr.exe
- 2008-04-14 00:12:18 100,864 ------w c:\windows\ServicePackFiles\i386\dpvsetup.exe
+ 2009-02-18 20:19:01 83,456 ----a-w c:\windows\ServicePackFiles\i386\dpvsetup.exe
- 2008-04-14 00:12:18 28,160 ------w c:\windows\ServicePackFiles\i386\dumprep.exe
+ 2009-02-18 20:19:05 10,752 ----a-w c:\windows\ServicePackFiles\i386\dumprep.exe
- 2008-04-14 00:12:18 35,328 ------w c:\windows\ServicePackFiles\i386\dvdupgrd.exe
+ 2009-02-18 20:19:06 17,920 ----a-w c:\windows\ServicePackFiles\i386\dvdupgrd.exe
- 2008-04-14 00:12:18 200,704 ------w c:\windows\ServicePackFiles\i386\dwwin.exe
+ 2009-02-18 20:19:06 180,224 ----a-w c:\windows\ServicePackFiles\i386\dwwin.exe
- 2008-04-14 00:12:18 1,318,912 ------w c:\windows\ServicePackFiles\i386\dxdiag.exe
+ 2009-02-18 20:19:07 1,298,432 ----a-w c:\windows\ServicePackFiles\i386\dxdiag.exe
- 2008-04-14 00:12:19 210,432 ------w c:\windows\ServicePackFiles\i386\eudcedit.exe
+ 2009-02-18 20:19:12 193,024 ----a-w c:\windows\ServicePackFiles\i386\eudcedit.exe
- 2008-04-14 00:12:19 41,472 ------w c:\windows\ServicePackFiles\i386\evntcmd.exe
+ 2009-02-18 20:19:13 24,064 ----a-w c:\windows\ServicePackFiles\i386\evntcmd.exe
- 2008-04-14 00:12:19 109,568 ------w c:\windows\ServicePackFiles\i386\evntwin.exe
+ 2009-02-18 20:19:13 92,160 ----a-w c:\windows\ServicePackFiles\i386\evntwin.exe
- 2008-04-14 00:12:19 41,472 ------w c:\windows\ServicePackFiles\i386\extrac32.exe
+ 2009-02-18 20:19:15 24,064 ----a-w c:\windows\ServicePackFiles\i386\extrac32.exe
- 2008-04-14 00:12:20 38,400 ------w c:\windows\ServicePackFiles\i386\faxpatch.exe
+ 2009-02-18 20:19:15 20,992 ----a-w c:\windows\ServicePackFiles\i386\faxpatch.exe
- 2008-04-14 00:12:20 44,544 ------w c:\windows\ServicePackFiles\i386\findstr.exe
+ 2009-02-18 20:19:18 27,136 ----a-w c:\windows\ServicePackFiles\i386\findstr.exe
- 2008-04-14 00:12:20 40,448 ------w c:\windows\ServicePackFiles\i386\fltmc.exe
+ 2009-02-18 20:19:19 23,040 ----a-w c:\windows\ServicePackFiles\i386\fltmc.exe
- 2008-04-14 00:12:20 38,400 ------w c:\windows\ServicePackFiles\i386\fontview.exe
+ 2009-02-18 20:19:20 20,992 ----a-w c:\windows\ServicePackFiles\i386\fontview.exe
- 2008-04-14 00:12:20 25,088 ------w c:\windows\ServicePackFiles\i386\forcedos.exe
+ 2009-02-18 20:19:20 7,680 ----a-w c:\windows\ServicePackFiles\i386\forcedos.exe
- 2008-04-14 00:12:20 32,528 ------w c:\windows\ServicePackFiles\i386\fp98sadm.exe
+ 2009-02-18 20:19:23 14,848 ----a-w c:\windows\ServicePackFiles\i386\fp98sadm.exe
- 2008-04-14 00:12:20 127,248 ------w c:\windows\ServicePackFiles\i386\fp98swin.exe
+ 2009-02-18 20:19:23 109,568 ----a-w c:\windows\ServicePackFiles\i386\fp98swin.exe
- 2008-04-14 00:12:20 45,112 ------w c:\windows\ServicePackFiles\i386\fpadmcgi.exe
+ 2009-02-18 20:19:23 24,576 ----a-w c:\windows\ServicePackFiles\i386\fpadmcgi.exe
- 2008-04-14 00:12:20 208,974 ------w c:\windows\ServicePackFiles\i386\fpcount.exe
+ 2009-02-18 20:19:23 188,416 ----a-w c:\windows\ServicePackFiles\i386\fpcount.exe
- 2008-04-14 00:12:20 41,018 ------w c:\windows\ServicePackFiles\i386\fpremadm.exe
+ 2009-02-18 20:19:24 20,480 ----a-w c:\windows\ServicePackFiles\i386\fpremadm.exe
- 2008-04-14 00:12:20 49,208 ------w c:\windows\ServicePackFiles\i386\fpsrvadm.exe
+ 2009-02-18 20:19:24 28,672 ----a-w c:\windows\ServicePackFiles\i386\fpsrvadm.exe
- 2008-04-14 00:12:20 210,432 ------w c:\windows\ServicePackFiles\i386\fsquirt.exe
+ 2009-02-18 20:19:24 193,024 ----a-w c:\windows\ServicePackFiles\i386\fsquirt.exe
- 2008-04-14 00:12:20 59,904 ------w c:\windows\ServicePackFiles\i386\ftp.exe
+ 2009-02-18 20:19:25 42,496 ----a-w c:\windows\ServicePackFiles\i386\ftp.exe
- 2008-04-14 00:12:21 160,256 ------w c:\windows\ServicePackFiles\i386\fxsclnt.exe
+ 2009-02-18 20:19:25 142,848 ----a-w c:\windows\ServicePackFiles\i386\fxsclnt.exe
- 2008-04-14 00:12:21 246,784 ------w c:\windows\ServicePackFiles\i386\fxscover.exe
+ 2009-02-18 20:19:25 229,376 ----a-w c:\windows\ServicePackFiles\i386\fxscover.exe
- 2008-04-14 00:12:21 285,184 ------w c:\windows\ServicePackFiles\i386\fxssvc.exe
+ 2009-02-18 20:19:26 267,776 ----a-w c:\windows\ServicePackFiles\i386\fxssvc.exe
- 2008-04-14 00:12:21 56,832 ------w c:\windows\ServicePackFiles\i386\grpconv.exe
+ 2009-02-18 20:19:28 39,424 ----a-w c:\windows\ServicePackFiles\i386\grpconv.exe
- 2008-04-14 00:12:21 33,280 ------w c:\windows\ServicePackFiles\i386\help.exe
+ 2009-02-18 20:19:31 15,872 ----a-w c:\windows\ServicePackFiles\i386\help.exe
- 2008-04-14 00:12:21 786,432 ------w c:\windows\ServicePackFiles\i386\helpctr.exe
+ 2009-02-18 20:19:31 769,024 ----a-w c:\windows\ServicePackFiles\i386\helpctr.exe
- 2008-04-14 00:12:21 761,856 ------w c:\windows\ServicePackFiles\i386\helpsvc.exe
+ 2009-02-18 20:19:32 744,448 ----a-w c:\windows\ServicePackFiles\i386\helpsvc.exe
- 2008-04-14 00:12:21 28,160 ------w c:\windows\ServicePackFiles\i386\hh.exe
+ 2009-02-18 20:19:32 10,752 ----a-w c:\windows\ServicePackFiles\i386\hh.exe
- 2008-04-14 00:12:21 35,840 ------w c:\windows\ServicePackFiles\i386\hscupd.exe
+ 2009-02-18 20:19:36 18,432 ----a-w c:\windows\ServicePackFiles\i386\hscupd.exe
- 2008-04-14 00:12:22 231,936 ------w c:\windows\ServicePackFiles\i386\icwconn1.exe
+ 2009-02-18 20:19:41 214,528 ----a-w c:\windows\ServicePackFiles\i386\icwconn1.exe
- 2008-04-14 00:12:22 106,496 ------w c:\windows\ServicePackFiles\i386\icwconn2.exe
+ 2009-02-18 20:19:41 86,016 ----a-w c:\windows\ServicePackFiles\i386\icwconn2.exe
- 2008-04-14 00:12:22 45,056 ------w c:\windows\ServicePackFiles\i386\icwrmind.exe
+ 2009-02-18 20:19:43 24,576 ----a-w c:\windows\ServicePackFiles\i386\icwrmind.exe
- 2008-04-14 00:12:22 51,712 ------w c:\windows\ServicePackFiles\i386\ie4uinit.exe
+ 2009-02-18 20:19:43 34,304 ----a-w c:\windows\ServicePackFiles\i386\ie4uinit.exe
- 2008-04-14 00:12:22 35,840 ------w c:\windows\ServicePackFiles\i386\iedw.exe
+ 2009-02-18 20:19:44 18,432 ----a-w c:\windows\ServicePackFiles\i386\iedw.exe
- 2008-04-14 00:12:22 110,592 ------w c:\windows\ServicePackFiles\i386\iexplore.exe
+ 2009-02-18 20:19:47 93,184 ----a-w c:\windows\ServicePackFiles\i386\iexplore.exe
- 2008-04-14 00:12:22 132,096 ------w c:\windows\ServicePackFiles\i386\iexpress.exe
+ 2009-02-18 20:19:47 114,688 ----a-w c:\windows\ServicePackFiles\i386\iexpress.exe
- 2008-04-14 00:12:22 167,936 ------w c:\windows\ServicePackFiles\i386\imapi.exe
+ 2009-02-18 20:19:48 150,528 ----a-w c:\windows\ServicePackFiles\i386\imapi.exe
- 2008-04-14 00:12:22 40,960 ------w c:\windows\ServicePackFiles\i386\inetwiz.exe
+ 2009-02-18 20:19:50 20,480 ----a-w c:\windows\ServicePackFiles\i386\inetwiz.exe
- 2008-04-14 00:12:22 73,216 ------w c:\windows\ServicePackFiles\i386\ipconfig.exe
+ 2009-02-18 20:19:53 55,808 ----a-w c:\windows\ServicePackFiles\i386\ipconfig.exe
- 2008-04-14 00:12:23 70,656 ------w c:\windows\ServicePackFiles\i386\ipv6.exe
+ 2009-02-18 20:19:58 53,248 ----a-w c:\windows\ServicePackFiles\i386\ipv6.exe
- 2008-04-14 00:12:23 40,960 ------w c:\windows\ServicePackFiles\i386\ipxroute.exe
+ 2009-02-18 20:20:00 23,552 ----a-w c:\windows\ServicePackFiles\i386\ipxroute.exe
- 2008-04-14 00:12:23 168,960 ------w c:\windows\ServicePackFiles\i386\irftp.exe
+ 2009-02-18 20:20:01 151,552 ----a-w c:\windows\ServicePackFiles\i386\irftp.exe
- 2004-08-04 05:31:54 497,664 -c----w c:\windows\ServicePackFiles\i386\lang\cintsetp.exe
+ 2009-02-18 20:24:32 480,256 -c--a-w c:\windows\ServicePackFiles\i386\lang\cintsetp.exe
- 2004-08-04 05:31:38 77,879 -c----w c:\windows\ServicePackFiles\i386\lang\cplexe.exe
+ 2009-02-18 20:24:33 57,344 -c--a-w c:\windows\ServicePackFiles\i386\lang\cplexe.exe
- 2004-08-04 05:31:53 327,737 -c----w c:\windows\ServicePackFiles\i386\lang\imjpdct.exe
+ 2009-02-18 20:24:35 307,200 -c--a-w c:\windows\ServicePackFiles\i386\lang\imjpdct.exe
- 2004-08-04 05:31:54 176,185 -c----w c:\windows\ServicePackFiles\i386\lang\imjpdsvr.exe
+ 2009-02-18 20:24:35 155,648 -c--a-w c:\windows\ServicePackFiles\i386\lang\imjpdsvr.exe
- 2004-08-04 05:31:57 225,669 -c----w c:\windows\ServicePackFiles\i386\lang\imjpinst.exe
+ 2009-02-18 20:24:35 204,800 -c--a-w c:\windows\ServicePackFiles\i386\lang\imjpinst.exe
- 2004-08-04 05:31:59 229,432 -c----w c:\windows\ServicePackFiles\i386\lang\imjpmig.exe
+ 2009-02-18 20:24:36 208,896 -c--a-w c:\windows\ServicePackFiles\i386\lang\imjpmig.exe
- 2004-08-04 05:32:11 254,007 -c----w c:\windows\ServicePackFiles\i386\lang\imjprw.exe
+ 2009-02-18 20:24:36 233,472 -c--a-w c:\windows\ServicePackFiles\i386\lang\imjprw.exe
- 2004-08-04 05:32:14 282,680 -c----w c:\windows\ServicePackFiles\i386\lang\imjputy.exe
+ 2009-02-18 20:24:36 262,144 -c--a-w c:\windows\ServicePackFiles\i386\lang\imjputy.exe
- 2002-08-29 12:00:00 84,408 -c----w c:\windows\ServicePackFiles\i386\lang\imscinst.exe
+ 2009-02-18 20:24:37 66,560 -c--a-w c:\windows\ServicePackFiles\i386\lang\imscinst.exe
- 2008-04-13 16:43:36 87,552 ------w c:\windows\ServicePackFiles\i386\lang\pintlphr.exe
+ 2009-02-18 20:24:41 70,144 ----a-w c:\windows\ServicePackFiles\i386\lang\pintlphr.exe
- 2002-08-29 12:00:00 61,440 -c----w c:\windows\ServicePackFiles\i386\lang\tintlphr.exe
+ 2009-02-18 20:24:41 44,032 -c--a-w c:\windows\ServicePackFiles\i386\lang\tintlphr.exe
- 2002-08-29 12:00:00 472,576 -c----w c:\windows\ServicePackFiles\i386\lang\tintsetp.exe
+ 2009-02-18 20:24:42 455,168 -c--a-w c:\windows\ServicePackFiles\i386\lang\tintsetp.exe
- 2008-04-14 00:12:23 695,296 ------w c:\windows\ServicePackFiles\i386\lhmstsc.exe
+ 2009-02-18 20:20:12 677,888 ----a-w c:\windows\ServicePackFiles\i386\lhmstsc.exe
- 2008-04-14 00:12:24 92,672 ------w c:\windows\ServicePackFiles\i386\locator.exe
+ 2009-02-18 20:20:15 75,264 ----a-w c:\windows\ServicePackFiles\i386\locator.exe
- 2004-08-04 07:56:50 121,344 -c----w c:\windows\ServicePackFiles\i386\logagent.exe
+ 2009-02-18 20:20:15 103,936 -c--a-w c:\windows\ServicePackFiles\i386\logagent.exe
- 2008-04-14 00:12:24 76,800 ------w c:\windows\ServicePackFiles\i386\logman.exe
+ 2009-02-18 20:20:15 59,392 ----a-w c:\windows\ServicePackFiles\i386\logman.exe
- 2008-04-14 00:12:43 238,080 ------w c:\windows\ServicePackFiles\i386\logon.scr
+ 2009-02-18 20:20:16 220,672 ----a-w c:\windows\ServicePackFiles\i386\logon.scr
- 2008-04-14 00:12:24 531,968 ------w c:\windows\ServicePackFiles\i386\logonui.exe
+ 2009-02-18 20:20:16 514,560 ----a-w c:\windows\ServicePackFiles\i386\logonui.exe
- 2008-04-14 00:12:24 30,720 ------w c:\windows\ServicePackFiles\i386\lsass.exe
+ 2009-02-18 20:20:17 13,312 ----a-w c:\windows\ServicePackFiles\i386\lsass.exe
- 2008-04-14 00:12:24 90,112 ------w c:\windows\ServicePackFiles\i386\magnify.exe
+ 2009-02-18 20:20:18 72,704 ----a-w c:\windows\ServicePackFiles\i386\magnify.exe
- 2008-04-14 00:12:25 74,752 ------w c:\windows\ServicePackFiles\i386\makecab.exe
+ 2009-02-18 20:20:18 57,344 ----a-w c:\windows\ServicePackFiles\i386\makecab.exe
- 2008-04-14 00:12:25 121,344 ------w c:\windows\ServicePackFiles\i386\migload.exe
+ 2009-02-18 20:20:21 103,936 ----a-w c:\windows\ServicePackFiles\i386\migload.exe
- 2004-08-04 07:56:51 806,912 -c----w c:\windows\ServicePackFiles\i386\migrate.exe
+ 2009-02-18 20:20:22 786,432 -c--a-w c:\windows\ServicePackFiles\i386\migrate.exe
- 2008-04-14 00:12:25 25,088 ------w c:\windows\ServicePackFiles\i386\migregdb.exe
+ 2009-02-18 20:20:23 7,680 ----a-w c:\windows\ServicePackFiles\i386\migregdb.exe
- 2008-04-14 00:12:25 262,656 ------w c:\windows\ServicePackFiles\i386\migwiz.exe
+ 2009-02-18 20:20:23 245,248 ----a-w c:\windows\ServicePackFiles\i386\migwiz.exe
- 2004-08-04 07:56:51 253,440 -c----w c:\windows\ServicePackFiles\i386\migwiz_a.exe
+ 2009-02-18 20:20:24 236,032 -c--a-w c:\windows\ServicePackFiles\i386\migwiz_a.exe
- 2008-04-14 00:12:25 258,560 ------w c:\windows\ServicePackFiles\i386\migwiza.exe
+ 2009-02-18 20:20:23 241,152 ----a-w c:\windows\ServicePackFiles\i386\migwiza.exe
- 2008-04-14 00:12:25 1,432,064 ------w c:\windows\ServicePackFiles\i386\mmc.exe
+ 2009-02-18 20:20:27 1,414,656 ----a-w c:\windows\ServicePackFiles\i386\mmc.exe
- 2008-04-14 00:12:25 51,200 ------w c:\windows\ServicePackFiles\i386\mmcperf.exe
+ 2009-02-18 20:20:31 33,792 ----a-w c:\windows\ServicePackFiles\i386\mmcperf.exe
- 2008-04-14 00:12:25 53,248 ------w c:\windows\ServicePackFiles\i386\mnmsrvc.exe
+ 2009-02-18 20:20:34 32,768 ----a-w c:\windows\ServicePackFiles\i386\mnmsrvc.exe
- 2008-04-14 00:12:26 160,768 ------w c:\windows\ServicePackFiles\i386\mobsync.exe
+ 2009-02-18 20:20:34 143,360 ----a-w c:\windows\ServicePackFiles\i386\mobsync.exe
- 2008-04-14 00:12:26 33,792 ------w c:\windows\ServicePackFiles\i386\mofcomp.exe
+ 2009-02-18 20:20:35 16,384 ----a-w c:\windows\ServicePackFiles\i386\mofcomp.exe
- 2008-04-14 00:12:27 3,576,320 ------w c:\windows\ServicePackFiles\i386\moviemk.exe
+ 2009-02-18 20:20:42 3,558,912 ----a-w c:\windows\ServicePackFiles\i386\moviemk.exe
- 2008-04-14 00:12:27 140,800 ------w c:\windows\ServicePackFiles\i386\mplay32.exe
+ 2009-02-18 20:20:45 123,392 ----a-w c:\windows\ServicePackFiles\i386\mplay32.exe
- 2004-08-04 07:56:52 22,047 -c----w c:\windows\ServicePackFiles\i386\mplayer2.exe
+ 2009-02-18 20:20:45 4,608 -c--a-w c:\windows\ServicePackFiles\i386\mplayer2.exe
- 2008-04-14 00:12:27 187,392 ------w c:\windows\ServicePackFiles\i386\msconfig.exe
+ 2009-02-18 20:20:49 169,984 ----a-w c:\windows\ServicePackFiles\i386\msconfig.exe
- 2008-04-14 00:12:27 23,552 ------w c:\windows\ServicePackFiles\i386\msdtc.exe
+ 2009-02-18 20:20:52 6,144 ----a-w c:\windows\ServicePackFiles\i386\msdtc.exe
- 2008-04-14 00:12:27 46,592 ------w c:\windows\ServicePackFiles\i386\mshta.exe
+ 2009-02-18 20:20:55 29,184 ----a-w c:\windows\ServicePackFiles\i386\mshta.exe
- 2008-04-14 00:12:28 96,256 ------w c:\windows\ServicePackFiles\i386\msiexec.exe
+ 2009-02-18 20:20:56 78,848 ----a-w c:\windows\ServicePackFiles\i386\msiexec.exe
- 2008-04-14 00:12:28 77,824 ------w c:\windows\ServicePackFiles\i386\msimn.exe
+ 2009-02-18 20:20:57 60,416 ----a-w c:\windows\ServicePackFiles\i386\msimn.exe
- 2008-04-14 00:12:28 58,368 ------w c:\windows\ServicePackFiles\i386\msiregmv.exe
+ 2009-02-18 20:20:59 40,960 ----a-w c:\windows\ServicePackFiles\i386\msiregmv.exe
- 2008-04-14 00:12:28 1,712,640 ------w c:\windows\ServicePackFiles\i386\msmsgs.exe
+ 2009-02-18 20:21:01 1,695,232 ----a-w c:\windows\ServicePackFiles\i386\msmsgs.exe
- 2008-04-14 00:12:28 46,592 ------w c:\windows\ServicePackFiles\i386\msoobe.exe
+ 2009-02-18 20:21:28 29,184 ----a-w c:\windows\ServicePackFiles\i386\msoobe.exe
- 2008-04-14 00:12:28 360,448 ------w c:\windows\ServicePackFiles\i386\mspaint.exe
+ 2009-02-18 20:21:30 343,040 ----a-w c:\windows\ServicePackFiles\i386\mspaint.exe
- 2008-04-14 00:12:29 29,696 ------w c:\windows\ServicePackFiles\i386\mstinit.exe
+ 2009-02-18 20:21:35 12,288 ----a-w c:\windows\ServicePackFiles\i386\mstinit.exe
- 2004-08-04 05:59:40 424,960 -c----w c:\windows\ServicePackFiles\i386\mstsc.exe
+ 2009-02-18 20:21:36 407,552 -c--a-w c:\windows\ServicePackFiles\i386\mstsc.exe
- 2008-04-14 00:12:29 137,216 ------w c:\windows\ServicePackFiles\i386\mtstocom.exe
+ 2009-02-18 20:21:41 119,808 ----a-w c:\windows\ServicePackFiles\i386\mtstocom.exe
- 2008-04-14 00:12:29 108,032 ------w c:\windows\ServicePackFiles\i386\muisetup.exe
+ 2009-02-18 20:21:42 90,624 ----a-w c:\windows\ServicePackFiles\i386\muisetup.exe
- 2008-04-14 00:12:29 194,048 ------w c:\windows\ServicePackFiles\i386\napstat.exe
+ 2009-02-18 20:21:43 176,640 ----a-w c:\windows\ServicePackFiles\i386\napstat.exe
- 2008-04-14 00:12:29 71,168 ------w c:\windows\ServicePackFiles\i386\narrator.exe
+ 2009-02-18 20:21:44 53,760 ----a-w c:\windows\ServicePackFiles\i386\narrator.exe
- 2008-04-14 00:12:29 21,504 ------w c:\windows\ServicePackFiles\i386\nddeapir.exe
+ 2009-02-18 20:21:44 4,096 ----a-w c:\windows\ServicePackFiles\i386\nddeapir.exe
- 2008-04-14 00:12:29 59,904 ------w c:\windows\ServicePackFiles\i386\net.exe
+ 2009-02-18 20:21:45 42,496 ----a-w c:\windows\ServicePackFiles\i386\net.exe
- 2008-04-14 00:12:29 142,336 ------w c:\windows\ServicePackFiles\i386\net1.exe
+ 2009-02-18 20:21:45 124,928 ----a-w c:\windows\ServicePackFiles\i386\net1.exe
- 2008-04-14 00:12:29 128,512 ------w c:\windows\ServicePackFiles\i386\netdde.exe
+ 2009-02-18 20:21:50 111,104 ----a-w c:\windows\ServicePackFiles\i386\netdde.exe
- 2008-04-14 00:16:51 349,184 ------w c:\windows\ServicePackFiles\i386\netsetup.exe
+ 2009-02-18 20:21:51 331,776 ----a-w c:\windows\ServicePackFiles\i386\netsetup.exe
- 2008-04-14 00:12:29 103,424 ------w c:\windows\ServicePackFiles\i386\netsh.exe
+ 2009-02-18 20:21:52 86,016 ----a-w c:\windows\ServicePackFiles\i386\netsh.exe
- 2008-04-14 00:12:29 54,272 ------w c:\windows\ServicePackFiles\i386\netstat.exe
+ 2009-02-18 20:21:53 36,864 ----a-w c:\windows\ServicePackFiles\i386\netstat.exe
- 2008-04-14 00:12:29 86,528 ------w c:\windows\ServicePackFiles\i386\notepad.exe
+ 2009-02-18 20:21:58 69,120 ----a-w c:\windows\ServicePackFiles\i386\notepad.exe
- 2008-04-14 00:12:29 32,768 ------w c:\windows\ServicePackFiles\i386\nppagent.exe
+ 2009-02-18 20:21:58 15,360 ----a-w c:\windows\ServicePackFiles\i386\nppagent.exe
- 2008-04-14 00:12:29 94,208 ------w c:\windows\ServicePackFiles\i386\nslookup.exe
+ 2009-02-18 20:21:59 76,800 ----a-w c:\windows\ServicePackFiles\i386\nslookup.exe
- 2008-04-14 00:12:30 438,272 ------w c:\windows\ServicePackFiles\i386\ntvdm.exe
+ 2009-02-18 20:22:05 420,864 ----a-w c:\windows\ServicePackFiles\i386\ntvdm.exe
- 2008-04-14 00:12:30 53,248 ------w c:\windows\ServicePackFiles\i386\odbcad32.exe
+ 2009-02-18 20:22:11 32,768 ----a-w c:\windows\ServicePackFiles\i386\odbcad32.exe
- 2008-04-14 00:12:30 90,112 ------w c:\windows\ServicePackFiles\i386\odbcconf.exe
+ 2009-02-18 20:22:11 69,632 ----a-w c:\windows\ServicePackFiles\i386\odbcconf.exe
- 2008-04-14 00:12:30 77,824 ------w c:\windows\ServicePackFiles\i386\oemig50.exe
+ 2009-02-18 20:22:13 60,416 ----a-w c:\windows\ServicePackFiles\i386\oemig50.exe
- 2008-04-14 00:12:31 68,608 ------w c:\windows\ServicePackFiles\i386\oobebaln.exe
+ 2009-02-18 20:22:15 51,200 ----a-w c:\windows\ServicePackFiles\i386\oobebaln.exe
- 2008-04-14 00:12:31 232,960 ------w c:\windows\ServicePackFiles\i386\osk.exe
+ 2009-02-18 20:22:16 215,552 ----a-w c:\windows\ServicePackFiles\i386\osk.exe
- 2008-04-14 00:12:31 75,776 ------w c:\windows\ServicePackFiles\i386\packager.exe
+ 2009-02-18 20:22:17 58,368 ----a-w c:\windows\ServicePackFiles\i386\packager.exe
- 2008-04-14 00:12:31 33,280 ------w c:\windows\ServicePackFiles\i386\perfmon.exe
+ 2009-02-18 20:22:19 15,872 ----a-w c:\windows\ServicePackFiles\i386\perfmon.exe
- 2008-04-14 00:12:31 298,496 ------w c:\windows\ServicePackFiles\i386\pinball.exe
+ 2009-02-18 20:22:21 281,088 ----a-w c:\windows\ServicePackFiles\i386\pinball.exe
- 2008-04-14 00:12:31 35,328 ------w c:\windows\ServicePackFiles\i386\ping.exe
+ 2009-02-18 20:22:21 17,920 ----a-w c:\windows\ServicePackFiles\i386\ping.exe
- 2008-04-14 00:12:31 66,560 ------w c:\windows\ServicePackFiles\i386\powercfg.exe
+ 2009-02-18 20:22:25 49,152 ----a-w c:\windows\ServicePackFiles\i386\powercfg.exe
- 2008-04-14 00:12:31 126,976 ------w c:\windows\ServicePackFiles\i386\progman.exe
+ 2009-02-18 20:22:28 109,568 ----a-w c:\windows\ServicePackFiles\i386\progman.exe
- 2008-04-14 00:12:32 67,584 ------w c:\windows\ServicePackFiles\i386\proquota.exe
+ 2009-02-18 20:22:28 50,176 ----a-w c:\windows\ServicePackFiles\i386\proquota.exe
- 2008-04-14 00:12:32 26,624 ------w c:\windows\ServicePackFiles\i386\proxycfg.exe
+ 2009-02-18 20:22:28 9,216 ----a-w c:\windows\ServicePackFiles\i386\proxycfg.exe
- 2008-04-14 00:12:32 37,376 ------w c:\windows\ServicePackFiles\i386\qprocess.exe
+ 2009-02-18 20:22:31 19,968 ----a-w c:\windows\ServicePackFiles\i386\qprocess.exe
- 2008-04-14 00:12:32 74,240 ------w c:\windows\ServicePackFiles\i386\rasphone.exe
+ 2009-02-18 20:22:33 56,832 ----a-w c:\windows\ServicePackFiles\i386\rasphone.exe
- 2008-04-14 00:12:32 53,248 ------w c:\windows\ServicePackFiles\i386\rcimlby.exe
+ 2009-02-18 20:22:34 35,840 ----a-w c:\windows\ServicePackFiles\i386\rcimlby.exe
- 2008-04-14 00:12:32 38,912 ------w c:\windows\ServicePackFiles\i386\rcp.exe
+ 2009-02-18 20:22:34 21,504 ----a-w c:\windows\ServicePackFiles\i386\rcp.exe
- 2008-04-14 00:12:32 80,384 ------w c:\windows\ServicePackFiles\i386\rdpclip.exe
+ 2009-02-18 20:22:35 62,976 ----a-w c:\windows\ServicePackFiles\i386\rdpclip.exe
- 2008-04-14 00:12:32 31,232 ------w c:\windows\ServicePackFiles\i386\rdsaddin.exe
+ 2009-02-18 20:22:35 13,824 ----a-w c:\windows\ServicePackFiles\i386\rdsaddin.exe
- 2008-04-14 00:12:32 84,480 ------w c:\windows\ServicePackFiles\i386\rdshost.exe
+ 2009-02-18 20:22:35 67,072 ----a-w c:\windows\ServicePackFiles\i386\rdshost.exe
- 2008-04-14 00:12:32 67,584 ------w c:\windows\ServicePackFiles\i386\reg.exe
+ 2009-02-18 20:22:36 50,176 ----a-w c:\windows\ServicePackFiles\i386\reg.exe
- 2008-04-14 00:12:32 163,840 ------w c:\windows\ServicePackFiles\i386\regedit.exe
+ 2009-02-18 20:22:36 146,432 ----a-w c:\windows\ServicePackFiles\i386\regedit.exe
- 2008-04-14 00:12:32 29,184 ------w c:\windows\ServicePackFiles\i386\regsvr32.exe
+ 2009-02-18 20:22:37 11,776 ----a-w c:\windows\ServicePackFiles\i386\regsvr32.exe
- 2008-04-14 00:12:33 31,232 ------w c:\windows\ServicePackFiles\i386\rexec.exe
+ 2009-02-18 20:22:39 13,824 ----a-w c:\windows\ServicePackFiles\i386\rexec.exe
- 2008-04-14 00:12:33 32,256 ------w c:\windows\ServicePackFiles\i386\rsh.exe
+ 2009-02-18 20:22:41 14,848 ----a-w c:\windows\ServicePackFiles\i386\rsh.exe
- 2008-04-14 00:12:33 397,824 ------w c:\windows\ServicePackFiles\i386\rstrui.exe
+ 2009-02-18 20:22:41 380,416 ----a-w c:\windows\ServicePackFiles\i386\rstrui.exe
- 2008-04-14 00:12:33 94,720 ------w c:\windows\ServicePackFiles\i386\rtcshare.exe
+ 2009-02-18 20:22:41 77,312 ----a-w c:\windows\ServicePackFiles\i386\rtcshare.exe
- 2008-04-14 00:12:33 50,688 ------w c:\windows\ServicePackFiles\i386\rundll32.exe
+ 2009-02-18 20:22:42 33,280 ----a-w c:\windows\ServicePackFiles\i386\rundll32.exe
- 2008-04-14 00:12:33 31,744 ------w c:\windows\ServicePackFiles\i386\runonce.exe
+ 2009-02-18 20:22:42 14,336 ----a-w c:\windows\ServicePackFiles\i386\runonce.exe
- 2008-04-14 00:12:33 30,720 ------w c:\windows\ServicePackFiles\i386\savedump.exe
+ 2009-02-18 20:22:44 13,312 ----a-w c:\windows\ServicePackFiles\i386\savedump.exe
- 2008-04-14 00:12:33 113,152 ------w c:\windows\ServicePackFiles\i386\scardsvr.exe
+ 2009-02-18 20:22:44 95,744 ----a-w c:\windows\ServicePackFiles\i386\scardsvr.exe
- 2008-04-14 00:12:34 53,760 ------w c:\windows\ServicePackFiles\i386\scrcons.exe
+ 2009-02-18 20:22:45 36,352 ----a-w c:\windows\ServicePackFiles\i386\scrcons.exe
- 2008-04-14 00:12:43 26,624 ------w c:\windows\ServicePackFiles\i386\scrnsave.scr
+ 2009-02-18 20:22:46 9,216 ----a-w c:\windows\ServicePackFiles\i386\scrnsave.scr
- 2008-04-14 00:12:34 94,720 ------w c:\windows\ServicePackFiles\i386\sdbinst.exe
+ 2009-02-18 20:22:46 77,312 ----a-w c:\windows\ServicePackFiles\i386\sdbinst.exe
- 2008-04-14 00:12:34 125,952 ------w c:\windows\ServicePackFiles\i386\services.exe
+ 2009-02-18 20:22:48 108,544 ----a-w c:\windows\ServicePackFiles\i386\services.exe
- 2008-04-14 00:12:34 158,720 ------w c:\windows\ServicePackFiles\i386\sessmgr.exe
+ 2009-02-18 20:22:48 141,312 ----a-w c:\windows\ServicePackFiles\i386\sessmgr.exe
- 2008-04-14 00:12:34 48,640 ------w c:\windows\ServicePackFiles\i386\sethc.exe
+ 2009-02-18 20:22:49 31,232 ----a-w c:\windows\ServicePackFiles\i386\sethc.exe
- 2008-04-14 00:12:34 40,448 ------w c:\windows\ServicePackFiles\i386\setup.exe
+ 2009-02-18 20:22:49 23,040 ----a-w c:\windows\ServicePackFiles\i386\setup.exe
- 2004-08-04 07:56:56 794,624 -c----w c:\windows\ServicePackFiles\i386\setup_wm.exe
+ 2009-02-18 20:22:50 774,144 -c--a-w c:\windows\ServicePackFiles\i386\setup_wm.exe
- 2008-04-14 00:12:34 90,624 ------w c:\windows\ServicePackFiles\i386\setup50.exe
+ 2009-02-18 20:22:49 73,216 ----a-w c:\windows\ServicePackFiles\i386\setup50.exe
- 2008-04-14 00:12:35 53,248 ------w c:\windows\ServicePackFiles\i386\setupn.exe
+ 2009-02-18 20:22:49 32,768 ----a-w c:\windows\ServicePackFiles\i386\setupn.exe
- 2008-04-14 00:12:35 62,464 ------w c:\windows\ServicePackFiles\i386\shmgrate.exe
+ 2009-02-18 20:22:52 45,056 ----a-w c:\windows\ServicePackFiles\i386\shmgrate.exe
- 2008-04-14 00:12:35 95,232 ------w c:\windows\ServicePackFiles\i386\shrpubw.exe
+ 2009-02-18 20:22:52 77,824 ----a-w c:\windows\ServicePackFiles\i386\shrpubw.exe
- 2008-04-14 00:12:35 36,917 ------w c:\windows\ServicePackFiles\i386\shtml.exe
+ 2009-02-18 20:22:52 16,384 ----a-w c:\windows\ServicePackFiles\i386\shtml.exe
- 2008-04-14 00:12:35 36,864 ------w c:\windows\ServicePackFiles\i386\shutdown.exe
+ 2009-02-18 20:22:53 19,456 ----a-w c:\windows\ServicePackFiles\i386\shutdown.exe
- 2008-04-14 00:12:35 87,552 ------w c:\windows\ServicePackFiles\i386\sigverif.exe
+ 2009-02-18 20:22:53 70,144 ----a-w c:\windows\ServicePackFiles\i386\sigverif.exe
- 2008-04-14 00:12:35 43,520 ------w c:\windows\ServicePackFiles\i386\skeys.exe
+ 2009-02-18 20:22:53 26,112 ----a-w c:\windows\ServicePackFiles\i386\skeys.exe
- 2008-04-14 00:12:35 53,346 ------w c:\windows\ServicePackFiles\i386\slrundll.exe
+ 2009-02-18 20:22:55 32,768 ----a-w c:\windows\ServicePackFiles\i386\slrundll.exe
- 2008-04-14 00:12:35 94,276 ------w c:\windows\ServicePackFiles\i386\slserv.exe
+ 2009-02-18 20:22:55 73,728 ----a-w c:\windows\ServicePackFiles\i386\slserv.exe
- 2008-04-14 00:12:35 25,600 ------w c:\windows\ServicePackFiles\i386\smbinst.exe
+ 2009-02-18 20:22:56 8,192 ----a-w c:\windows\ServicePackFiles\i386\smbinst.exe
- 2008-04-14 00:12:35 253,952 ------w c:\windows\ServicePackFiles\i386\smi2smir.exe
+ 2009-02-18 20:22:56 236,544 ----a-w c:\windows\ServicePackFiles\i386\smi2smir.exe
- 2008-04-14 00:12:35 107,008 ------w c:\windows\ServicePackFiles\i386\smlogsvc.exe
+ 2009-02-18 20:22:56 89,600 ----a-w c:\windows\ServicePackFiles\i386\smlogsvc.exe
- 2008-04-14 00:12:36 148,992 ------w c:\windows\ServicePackFiles\i386\sndrec32.exe
+ 2009-02-18 20:22:57 131,584 ----a-w c:\windows\ServicePackFiles\i386\sndrec32.exe
- 2008-04-14 00:12:36 50,688 ------w c:\windows\ServicePackFiles\i386\snmp.exe
+ 2009-02-18 20:22:57 33,280 ----a-w c:\windows\ServicePackFiles\i386\snmp.exe
- 2008-04-14 00:12:36 26,112 ------w c:\windows\ServicePackFiles\i386\snmptrap.exe
+ 2009-02-18 20:22:58 8,704 ----a-w c:\windows\ServicePackFiles\i386\snmptrap.exe
- 2008-04-14 00:12:36 41,984 ------w c:\windows\ServicePackFiles\i386\sort.exe
+ 2009-02-18 20:22:58 24,576 ----a-w c:\windows\ServicePackFiles\i386\sort.exe
- 2008-04-14 00:12:36 25,088 ------w c:\windows\ServicePackFiles\i386\spdwnwxp.exe
+ 2009-02-18 20:22:59 7,680 ----a-w c:\windows\ServicePackFiles\i386\spdwnwxp.exe
- 2008-04-14 00:12:36 556,032 ------w c:\windows\ServicePackFiles\i386\spider.exe
+ 2009-02-18 20:22:59 538,624 ----a-w c:\windows\ServicePackFiles\i386\spider.exe
- 2008-04-14 12:42:38 28,672 ------w c:\windows\ServicePackFiles\i386\spnpinst.exe
+ 2009-02-18 20:23:00 11,264 ----a-w c:\windows\ServicePackFiles\i386\spnpinst.exe
- 2008-04-14 00:12:36 38,400 ------w c:\windows\ServicePackFiles\i386\spupdwxp.exe
+ 2009-02-18 20:23:02 20,992 ----a-w c:\windows\ServicePackFiles\i386\spupdwxp.exe
- 2008-04-14 00:12:43 724,992 ------w c:\windows\ServicePackFiles\i386\ss3dfo.scr
+ 2009-02-18 20:23:04 704,512 ----a-w c:\windows\ServicePackFiles\i386\ss3dfo.scr
- 2008-04-14 00:12:43 37,376 ------w c:\windows\ServicePackFiles\i386\ssbezier.scr
+ 2009-02-18 20:23:05 19,968 ----a-w c:\windows\ServicePackFiles\i386\ssbezier.scr
- 2008-04-14 00:12:43 413,696 ------w c:\windows\ServicePackFiles\i386\ssflwbox.scr
+ 2009-02-18 20:23:05 393,216 ----a-w c:\windows\ServicePackFiles\i386\ssflwbox.scr
- 2008-04-14 00:12:44 38,400 ------w c:\windows\ServicePackFiles\i386\ssmarque.scr
+ 2009-02-18 20:23:06 20,992 ----a-w c:\windows\ServicePackFiles\i386\ssmarque.scr
- 2008-04-14 00:12:44 64,512 ------w c:\windows\ServicePackFiles\i386\ssmypics.scr
+ 2009-02-18 20:23:06 47,104 ----a-w c:\windows\ServicePackFiles\i386\ssmypics.scr
- 2008-04-14 00:12:44 36,352 ------w c:\windows\ServicePackFiles\i386\ssmyst.scr
+ 2009-02-18 20:23:06 18,944 ----a-w c:\windows\ServicePackFiles\i386\ssmyst.scr
- 2008-04-14 00:12:44 630,784 ------w c:\windows\ServicePackFiles\i386\sspipes.scr
+ 2009-02-18 20:23:06 610,304 ----a-w c:\windows\ServicePackFiles\i386\sspipes.scr
- 2008-04-14 00:12:44 31,744 ------w c:\windows\ServicePackFiles\i386\ssstars.scr
+ 2009-02-18 20:23:07 14,336 ----a-w c:\windows\ServicePackFiles\i386\ssstars.scr
- 2008-04-14 00:12:44 700,416 ------w c:\windows\ServicePackFiles\i386\sstext3d.scr
+ 2009-02-18 20:23:07 679,936 ----a-w c:\windows\ServicePackFiles\i386\sstext3d.scr
- 2008-04-14 00:12:36 32,256 ------w c:\windows\ServicePackFiles\i386\stimon.exe
+ 2009-02-18 20:23:08 14,848 ----a-w c:\windows\ServicePackFiles\i386\stimon.exe
- 2008-04-14 00:12:36 36,929 ------w c:\windows\ServicePackFiles\i386\stub_fpsrvadm.exe
+ 2009-02-18 20:23:09 16,384 ----a-w c:\windows\ServicePackFiles\i386\stub_fpsrvadm.exe
- 2008-04-14 00:12:36 86,081 ------w c:\windows\ServicePackFiles\i386\stub_fpsrvwin.exe
+ 2009-02-18 20:23:09 65,536 ----a-w c:\windows\ServicePackFiles\i386\stub_fpsrvwin.exe
- 2008-04-14 00:12:36 31,744 ------w c:\windows\ServicePackFiles\i386\svchost.exe
+ 2009-02-18 20:23:10 14,336 ----a-w c:\windows\ServicePackFiles\i386\svchost.exe
- 2008-04-14 00:12:37 123,904 ------w c:\windows\ServicePackFiles\i386\sysocmgr.exe
+ 2009-02-18 20:23:12 106,496 ----a-w c:\windows\ServicePackFiles\i386\sysocmgr.exe
- 2008-04-14 00:12:37 153,088 ------w c:\windows\ServicePackFiles\i386\taskmgr.exe
+ 2009-02-18 20:23:14 135,680 ----a-w c:\windows\ServicePackFiles\i386\taskmgr.exe
- 2008-04-14 00:12:37 53,307 ------w c:\windows\ServicePackFiles\i386\tcptest.exe
+ 2009-02-18 20:23:15 32,768 ----a-w c:\windows\ServicePackFiles\i386\tcptest.exe
- 2008-04-14 00:12:37 93,184 ------w c:\windows\ServicePackFiles\i386\telnet.exe
+ 2009-02-18 20:23:15 75,776 ----a-w c:\windows\ServicePackFiles\i386\telnet.exe
- 2008-04-14 00:12:38 364,544 ------w c:\windows\ServicePackFiles\i386\tourstrt.exe
+ 2009-02-18 20:23:17 347,136 ----a-w c:\windows\ServicePackFiles\i386\tourstrt.exe
- 2008-04-14 00:12:38 100,352 ------w c:\windows\ServicePackFiles\i386\tp4mon.exe
+ 2009-02-18 20:23:17 82,944 ----a-w c:\windows\ServicePackFiles\i386\tp4mon.exe
- 2008-04-14 00:12:38 29,696 ------w c:\windows\ServicePackFiles\i386\tracert.exe
+ 2009-02-18 20:23:18 12,288 ----a-w c:\windows\ServicePackFiles\i386\tracert.exe
- 2004-08-04 05:59:27 61,952 -c----w c:\windows\ServicePackFiles\i386\tscupgrd.exe
+ 2009-02-18 20:23:19 44,544 -c--a-w c:\windows\ServicePackFiles\i386\tscupgrd.exe
- 2008-04-14 00:12:38 77,824 ------w c:\windows\ServicePackFiles\i386\tzchange.exe
+ 2009-02-18 20:23:31 60,416 ----a-w c:\windows\ServicePackFiles\i386\tzchange.exe
- 2004-08-04 07:56:57 229,376 -c----w c:\windows\ServicePackFiles\i386\unregmp2.exe
+ 2009-02-18 20:23:33 208,896 -c--a-w c:\windows\ServicePackFiles\i386\unregmp2.exe
- 2008-04-14 00:12:38 167,936 ------w c:\windows\ServicePackFiles\i386\uploadm.exe
+ 2009-02-18 20:23:35 150,528 ----a-w c:\windows\ServicePackFiles\i386\uploadm.exe
- 2008-04-14 00:12:38 34,304 ------w c:\windows\ServicePackFiles\i386\upnpcont.exe
+ 2009-02-18 20:23:35 16,896 ----a-w c:\windows\ServicePackFiles\i386\upnpcont.exe
- 2008-04-14 00:12:38 35,840 ------w c:\windows\ServicePackFiles\i386\ups.exe
+ 2009-02-18 20:23:35 18,432 ----a-w c:\windows\ServicePackFiles\i386\ups.exe
- 2008-04-14 00:12:38 67,584 ------w c:\windows\ServicePackFiles\i386\utilman.exe
+ 2009-02-18 20:23:38 50,176 ----a-w c:\windows\ServicePackFiles\i386\utilman.exe
- 2008-04-14 00:12:38 46,080 ------w c:\windows\ServicePackFiles\i386\verclsid.exe
+ 2009-02-18 20:23:39 28,672 ----a-w c:\windows\ServicePackFiles\i386\verclsid.exe
- 2008-04-14 00:12:38 307,200 ------w c:\windows\ServicePackFiles\i386\vssvc.exe
+ 2009-02-18 20:23:41 289,792 ----a-w c:\windows\ServicePackFiles\i386\vssvc.exe
- 2008-04-14 00:12:38 63,488 ------w c:\windows\ServicePackFiles\i386\wab.exe
+ 2009-02-18 20:23:41 46,080 ----a-w c:\windows\ServicePackFiles\i386\wab.exe
- 2008-04-14 00:12:39 47,616 ------w c:\windows\ServicePackFiles\i386\wabmig.exe
+ 2009-02-18 20:23:42 30,208 ----a-w c:\windows\ServicePackFiles\i386\wabmig.exe
- 2008-04-14 00:12:39 133,632 ------w c:\windows\ServicePackFiles\i386\wbemtest.exe
+ 2009-02-18 20:23:45 116,224 ----a-w c:\windows\ServicePackFiles\i386\wbemtest.exe
- 2008-04-14 00:12:39 82,432 ------w c:\windows\ServicePackFiles\i386\wextract.exe
+ 2009-02-18 20:23:47 65,024 ----a-w c:\windows\ServicePackFiles\i386\wextract.exe
- 2008-04-14 00:12:39 451,072 ------w c:\windows\ServicePackFiles\i386\wiaacmgr.exe
+ 2009-02-18 20:23:48 433,664 ----a-w c:\windows\ServicePackFiles\i386\wiaacmgr.exe
- 2008-04-14 00:12:39 301,056 ------w c:\windows\ServicePackFiles\i386\winhlp32.exe
+ 2009-02-18 20:23:50 283,648 ----a-w c:\windows\ServicePackFiles\i386\winhlp32.exe
- 2008-04-14 00:12:39 525,312 ------w c:\windows\ServicePackFiles\i386\winlogon.exe
+ 2009-02-18 20:23:51 507,904 ----a-w c:\windows\ServicePackFiles\i386\winlogon.exe
- 2008-04-14 00:12:40 23,040 ------w c:\windows\ServicePackFiles\i386\winver.exe
+ 2009-02-18 20:23:54 5,632 ----a-w c:\windows\ServicePackFiles\i386\winver.exe
- 2008-04-14 00:12:40 214,016 ------w c:\windows\ServicePackFiles\i386\wmiadap.exe
+ 2009-02-18 20:23:57 196,608 ----a-w c:\windows\ServicePackFiles\i386\wmiadap.exe
- 2008-04-14 00:12:40 143,872 ------w c:\windows\ServicePackFiles\i386\wmiapsrv.exe
+ 2009-02-18 20:23:57 126,464 ----a-w c:\windows\ServicePackFiles\i386\wmiapsrv.exe
- 2008-04-14 00:12:40 235,520 ------w c:\windows\ServicePackFiles\i386\wmiprvse.exe
+ 2009-02-18 20:23:58 218,112 ----a-w c:\windows\ServicePackFiles\i386\wmiprvse.exe
- 2004-08-04 07:56:57 94,208 -c----w c:\windows\ServicePackFiles\i386\wmplayer.exe
+ 2009-02-18 20:24:12 73,728 -c--a-w c:\windows\ServicePackFiles\i386\wmplayer.exe
- 2008-04-14 00:12:40 231,936 ------w c:\windows\ServicePackFiles\i386\wordpad.exe
+ 2009-02-18 20:24:15 214,528 ----a-w c:\windows\ServicePackFiles\i386\wordpad.exe
- 2008-04-14 00:12:40 49,664 ------w c:\windows\ServicePackFiles\i386\wpabaln.exe
+ 2009-02-18 20:24:16 32,256 ----a-w c:\windows\ServicePackFiles\i386\wpabaln.exe
- 2008-04-14 00:12:41 28,672 ------w c:\windows\ServicePackFiles\i386\wpnpinst.exe
+ 2009-02-18 20:24:16 11,264 ----a-w c:\windows\ServicePackFiles\i386\wpnpinst.exe
- 2008-04-14 00:12:41 31,232 ------w c:\windows\ServicePackFiles\i386\wscntfy.exe
+ 2009-02-18 20:24:17 13,824 ----a-w c:\windows\ServicePackFiles\i386\wscntfy.exe
- 2008-04-14 00:12:41 176,128 ------w c:\windows\ServicePackFiles\i386\wscript.exe
+ 2009-02-18 20:24:17 155,648 ----a-w c:\windows\ServicePackFiles\i386\wscript.exe
- 2008-04-14 00:12:41 128,512 ------w c:\windows\ServicePackFiles\i386\wuauclt.exe
+ 2009-02-18 20:24:20 111,104 ----a-w c:\windows\ServicePackFiles\i386\wuauclt.exe
- 2008-04-14 00:12:41 183,296 ------w c:\windows\ServicePackFiles\i386\wuauclt1.exe
+ 2009-02-18 20:24:20 165,888 ----a-w c:\windows\ServicePackFiles\i386\wuauclt1.exe
- 2008-04-14 00:12:41 48,128 ------w c:\windows\ServicePackFiles\i386\xcopy.exe
+ 2009-02-18 20:24:23 30,720 ----a-w c:\windows\ServicePackFiles\i386\xcopy.exe
- 2008-04-13 18:53:32 575,488 ------w c:\windows\ServicePackFiles\i386\xpnetdg.exe
+ 2009-02-18 20:24:28 558,080 ----a-w c:\windows\ServicePackFiles\i386\xpnetdg.exe




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users