loukass

Membres

Afficher le profil Afficher son activité

Compteur de contenus
33
Inscription
le 16 mai 2008
Dernière visite
le 4 juin 2008

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par loukass

grosse infection[résolu]

loukass a répondu à un(e) sujet de loukass dans Analyses et éradication malwares

Salut, A y est,j'ai pu récuperer "regedit.ex";suis allé le chercher dans les sous-dossiers du CD. Par contre depuis ma dernière analyse Combo: mon bureau et toutes les fonctions du démarrage ont disparues(plus de programmes ni documents ,raccourçis inexistant,internet ausi ...).Je suis obligé de travailler en mode sans échec pour y avoir accès. Je crois avoir lancé l'analyse Combo 'en mode sans échec' ça doit avoir un rapport Allé le rapport Combo: ComboFix 08-05-12.1 - lucas 2008-05-19 19:45:10.5 - NTFSx86 MINIMAL Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.414 [GMT 2:00] Endroit: C:\Documents and Settings\lucas\Bureau\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\lucas\Application Data\SSEMBL~1 C:\Documents and Settings\lucas\Application Data\WNSXS~1 C:\Program Files\inetget2 C:\Program Files\JavaCore C:\Program Files\JavaCore\UnInstall.exe C:\Program Files\Temporary C:\WINDOWS\pskt.ini C:\WINDOWS\system32\cMWGOqru.ini . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-19 to 2008-05-19 )))))))))))))))))))))))))))))))))))) . 2008-05-19 19:48 . 2008-05-19 19:49 166,912 -ra------ C:\WINDOWS\system32\updatees.exe 2008-05-19 19:44 . 2001-08-28 14:00 150,528 --a------ C:\WINDOWS\REGEDIT.EXE 2008-05-19 19:41 . 2001-08-28 14:00 150,528 --------- C:\REGEDIT.EXE 2008-05-19 14:36 . 2008-05-19 14:36 47,104 --a------ C:\WINDOWS\mrofinu1001186.exe 2008-05-19 05:39 . 2008-05-19 05:39 13,502 --a------ C:\WINDOWS\system32\JambaIconFR.ico 2008-05-19 05:38 . 2008-05-19 05:38 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico 2008-05-19 05:08 . 2008-05-19 05:08 <REP> d-------- C:\Program Files\Spcron 2008-05-19 04:57 . 2008-05-19 13:49 <REP> d-------- C:\Program Files\Svconr 2008-05-19 03:16 . 2008-05-19 03:16 <REP> d---s---- C:\WINDOWS\system32\Microsoft 2008-05-19 02:17 . 2008-05-19 03:17 <REP> d--h-c--- C:\WINDOWS\$xpsp1hfm$ 2008-05-19 02:17 . 2008-05-19 04:37 24,576 --a------ C:\WINDOWS\system32\xpsp1hfm.exe 2008-05-18 14:16 . 2008-05-18 14:16 60 --a------ C:\WINDOWS\system32\i 2008-05-18 05:35 . 2008-05-18 05:35 <REP> d-------- C:\WINDOWS\ERUNT 2008-05-18 05:21 . 2008-05-19 04:37 92,672 --a------ C:\WINDOWS\system32\fiwcr.exe 2008-05-18 05:21 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\supxnqbj.exe 2008-05-18 05:21 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\jrpjb.exe 2008-05-18 05:21 . 2008-05-19 04:37 9,216 --a------ C:\WINDOWS\system32\opluoht.exe 2008-05-18 05:21 . 2008-05-18 05:21 1,635 --a------ C:\WINDOWS\system32\vhlcl.exe 2008-05-18 05:21 . 2008-05-18 05:21 1,635 --a------ C:\WINDOWS\system32\rtharh.exe 2008-05-17 17:19 . 2008-05-19 04:37 92,672 --a------ C:\WINDOWS\system32\muoa.exe 2008-05-17 17:19 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\mxoae.exe 2008-05-17 17:19 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\swgxue.exe 2008-05-17 17:19 . 2008-05-19 04:37 9,216 --a------ C:\WINDOWS\system32\oekcd.exe 2008-05-17 17:19 . 2008-05-17 17:19 1,635 --a------ C:\WINDOWS\system32\ssmsqz.exe 2008-05-17 17:19 . 2008-05-17 17:19 1,635 --a------ C:\WINDOWS\system32\ahykja.exe 2008-05-17 16:49 . 2008-05-19 04:37 92,672 --a------ C:\WINDOWS\system32\xomnd.exe 2008-05-17 16:49 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\yhpahsk.exe 2008-05-17 16:49 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\mxfohaga.exe 2008-05-17 16:49 . 2008-05-17 16:49 18,944 --a------ C:\WINDOWS\system32\udthgju.exe 2008-05-17 16:49 . 2008-05-17 16:49 1,635 --a------ C:\WINDOWS\system32\naopll.exe 2008-05-17 16:49 . 2008-05-17 16:49 1,635 --a------ C:\WINDOWS\system32\jyvrjqui.exe 2008-05-17 16:43 . 2008-05-17 16:49 44,184 --ah----- C:\WINDOWS\system32\vqvlxbnu.exe 2008-05-17 16:19 . 2008-05-17 16:29 82,600 --ah----- C:\WINDOWS\system32\ujylvz.exe 2008-05-17 16:17 . 2008-05-17 16:17 <REP> d-------- C:\Documents and Settings\lucas\Application Data\Malwarebytes 2008-05-17 16:16 . 2008-05-17 16:16 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware 2008-05-17 16:16 . 2008-05-17 16:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2008-05-17 16:16 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys 2008-05-17 16:16 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys 2008-05-17 16:14 . 2008-05-19 04:36 92,672 --a------ C:\WINDOWS\system32\bwwflwtt.exe 2008-05-17 16:14 . 2008-05-19 04:36 26,112 --a------ C:\WINDOWS\system32\bknq.exe 2008-05-17 16:14 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\fsciefz.exe 2008-05-17 16:14 . 2008-05-17 16:14 18,944 --a------ C:\WINDOWS\system32\zvse.exe 2008-05-17 16:13 . 2008-05-17 16:13 11,520 --a------ C:\WINDOWS\system32\ujargygb.exe 2008-05-17 16:05 . 2008-05-17 16:28 125,952 --------- C:\WINDOWS\system32\yxmmouky.dll 2008-05-17 16:05 . 2008-05-17 16:28 116,224 --------- C:\WINDOWS\system32\xbpwskkj.dll 2008-05-17 16:04 . 2008-05-17 16:28 371,712 --------- C:\WINDOWS\system32\urqOGWMc.dll 2008-05-17 15:59 . 2008-05-17 16:28 57,344 --------- C:\WINDOWS\system32\geBsstrP.dll 2008-05-17 15:59 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\jgfb.exe 2008-05-17 15:59 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\snou.exe 2008-05-17 15:59 . 2008-05-17 15:59 18,944 --a------ C:\WINDOWS\system32\civksq.exe 2008-05-17 15:59 . 2008-05-17 15:59 1,635 --a------ C:\WINDOWS\system32\fomcwite.exe 2008-05-17 15:59 . 2008-05-17 15:59 1,635 --a------ C:\WINDOWS\system32\ehkfah.exe 2008-05-17 15:55 . 2008-05-19 04:37 76,800 --ah----- C:\WINDOWS\system32\zalm.exe 2008-05-17 15:51 . 2008-05-19 04:37 92,672 --a------ C:\WINDOWS\system32\hggq.exe 2008-05-17 15:51 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\mzadj.exe 2008-05-17 15:51 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\ohskkd.exe 2008-05-17 15:51 . 2008-05-19 04:37 9,216 --a------ C:\WINDOWS\system32\hpqagbu.exe 2008-05-17 15:51 . 2008-05-17 15:51 1,635 --a------ C:\WINDOWS\system32\idgy.exe 2008-05-17 15:51 . 2008-05-17 15:51 1,635 --a------ C:\WINDOWS\system32\eygic.exe 2008-05-17 15:31 . 2008-05-19 04:37 92,672 --a------ C:\WINDOWS\system32\vjltud.exe 2008-05-17 15:31 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\vxdyocf.exe 2008-05-17 15:31 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\jstmc.exe 2008-05-17 15:31 . 2008-05-19 04:37 9,216 --a------ C:\WINDOWS\system32\xcmhlvh.exe 2008-05-17 15:31 . 2008-05-17 15:31 1,635 --a------ C:\WINDOWS\system32\hpvuyjd.exe 2008-05-17 15:31 . 2008-05-17 15:31 1,635 --a------ C:\WINDOWS\system32\fmcn.exe 2008-05-17 15:26 . 2008-05-19 04:37 46,080 --a------ C:\WINDOWS\system32\llidsxkn.exe 2008-05-17 15:25 . 2008-05-17 15:27 14,336 --ah----- C:\WINDOWS\system32\hfzmv.exe 2008-05-17 15:15 . 2008-05-17 15:15 84 --a------ C:\WINDOWS\system32\c.bat 2008-05-17 15:06 . 2008-05-17 15:06 11,584 --a------ C:\WINDOWS\system32\hdxdibvn.exe 2008-05-17 15:05 . 2008-05-19 04:37 46,080 --a------ C:\WINDOWS\system32\pjsgnyfz.exe 2008-05-17 15:05 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\dske.exe 2008-05-17 15:05 . 2008-05-19 04:36 9,216 --a------ C:\WINDOWS\system32\brrqss.exe 2008-05-17 15:05 . 2008-05-17 15:05 1,635 --a------ C:\WINDOWS\system32\ukadogu.exe 2008-05-17 15:05 . 2008-05-17 15:05 1,635 --a------ C:\WINDOWS\system32\skemf.exe 2008-05-16 17:58 . 2008-05-19 04:37 92,672 --a------ C:\WINDOWS\system32\erlxsw.exe 2008-05-16 17:58 . 2008-05-16 17:58 55,808 --a------ C:\WINDOWS\system32\zmturno.exe 2008-05-16 17:58 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\nmqucv.exe 2008-05-16 17:58 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\olykuq.exe 2008-05-16 17:58 . 2008-05-16 17:58 1,635 --a------ C:\WINDOWS\system32\sgis.exe 2008-05-16 17:58 . 2008-05-16 17:58 1,635 --a------ C:\WINDOWS\system32\dagw.exe 2008-05-16 17:53 . 2008-05-19 04:37 46,080 --a------ C:\WINDOWS\system32\vunfm.exe 2008-05-16 17:53 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\ifny.exe 2008-05-16 17:53 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\idtubyyh.exe 2008-05-16 17:53 . 2008-05-16 17:53 1,635 --a------ C:\WINDOWS\system32\jqda.exe 2008-05-16 17:53 . 2008-05-16 17:53 1,635 --a------ C:\WINDOWS\system32\imot.exe 2008-05-16 17:47 . 2008-05-19 04:35 491,520 -r-hsc--- C:\WINDOWS\system32\dllcache\wingptd.exe 2008-05-16 17:43 . 2008-05-19 04:37 92,672 --a------ C:\WINDOWS\system32\lbxux.exe 2008-05-16 17:43 . 2008-05-19 04:37 46,080 --a------ C:\WINDOWS\system32\usggnf.exe 2008-05-16 17:43 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\gjmcozr.exe 2008-05-16 17:43 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\vvurq.exe 2008-05-16 17:43 . 2008-05-16 17:43 1,635 --a------ C:\WINDOWS\system32\zmxrwqb.exe 2008-05-16 17:43 . 2008-05-16 17:43 1,635 --a------ C:\WINDOWS\system32\rdtmcw.exe 2008-05-16 17:34 . 2008-05-19 04:36 46,080 --a------ C:\WINDOWS\system32\arpxbf.exe 2008-05-16 17:25 . 2008-05-19 04:37 50,176 --a------ C:\WINDOWS\system32\pygc.exe 2008-05-16 17:22 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\vlssmsop.exe 2008-05-16 17:22 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\qpow.exe 2008-05-16 17:22 . 2008-05-16 17:22 1,635 --a------ C:\WINDOWS\system32\qwlzzrk.exe 2008-05-16 17:22 . 2008-05-16 17:22 1,635 --a------ C:\WINDOWS\system32\eqnryzh.exe 2008-05-16 17:17 . 2008-05-19 04:37 92,672 --a------ C:\WINDOWS\system32\gcypfpbs.exe 2008-05-16 17:17 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\ukfeuwfy.exe 2008-05-16 17:17 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\zmnh.exe 2008-05-16 17:17 . 2008-05-16 17:17 1,635 --a------ C:\WINDOWS\system32\tevilf.exe 2008-05-16 17:17 . 2008-05-16 17:17 1,635 --a------ C:\WINDOWS\system32\fsvyvb.exe 2008-05-16 16:57 . 2008-05-16 16:58 42,496 --a------ C:\WINDOWS\system32\gzq.exe 2008-05-16 16:49 . 2008-05-16 16:49 35,840 --a------ C:\WINDOWS\system32\xcbi.exe 2008-05-16 16:49 . 2008-05-16 16:49 1,635 --a------ C:\WINDOWS\system32\zgpw.exe 2008-05-16 16:49 . 2008-05-16 16:49 1,635 --a------ C:\WINDOWS\system32\pnxewdo.exe 2008-05-16 16:47 . 2008-05-16 16:47 <REP> d-------- C:\Program Files\Avira 2008-05-16 16:34 . 2008-05-16 16:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-05-16 16:17 . 2008-05-16 16:17 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\NtUser.dat.LOG 2008-05-16 16:14 . 2008-05-19 04:36 26,112 --a------ C:\WINDOWS\system32\afbsahfp.exe 2008-05-16 16:14 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\pnmfp.exe 2008-05-16 16:14 . 2008-05-16 16:14 1,635 --a------ C:\WINDOWS\system32\qtvot.exe 2008-05-16 16:14 . 2008-05-16 16:14 1,635 --a------ C:\WINDOWS\system32\ohadods.exe 2008-05-16 16:03 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\iwfdhxar.exe 2008-05-16 16:03 . 2008-05-19 04:37 23,040 --a------ C:\WINDOWS\system32\hmihy.exe 2008-05-16 16:03 . 2008-05-16 16:03 1,635 --a------ C:\WINDOWS\system32\mzud.exe 2008-05-16 16:03 . 2008-05-16 16:03 1,635 --a------ C:\WINDOWS\system32\hdcbn.exe 2008-05-16 15:21 . 2008-05-19 04:36 26,112 --a------ C:\WINDOWS\system32\bofyws.exe 2008-05-16 15:21 . 2008-05-16 15:21 1,635 --a------ C:\WINDOWS\system32\qltcvoeo.exe 2008-05-16 15:21 . 2008-05-16 15:21 1,635 --a------ C:\WINDOWS\system32\kxnqfq.exe 2008-05-16 15:08 . 2008-05-19 04:37 26,112 --a------ C:\WINDOWS\system32\vjboq.exe 2008-05-16 15:08 . 2008-05-16 15:08 1,635 --a------ C:\WINDOWS\system32\dhwjw.exe 2008-05-16 15:08 . 2008-05-16 15:08 1,635 --a------ C:\WINDOWS\system32\bkdod.exe 2008-05-16 14:38 . 2008-05-19 04:37 2,048 --a------ C:\WINDOWS\system32\tefwyfks.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-19 02:39 100,352 ----a-w C:\WINDOWS\system32\clipbrd.exe 2008-05-19 02:36 84,992 ----a-w C:\WINDOWS\system32\ahui.exe 2008-05-19 02:35 99,840 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\HelpHost.exe 2008-05-19 02:34 775,168 ----a-w C:\WINDOWS\system32\mmc.exe 2008-05-19 02:34 67,584 ----a-w C:\WINDOWS\system32\notepad.exe 2008-05-19 02:34 54,784 ----a-w C:\WINDOWS\system32\rasphone.exe 2008-05-19 02:34 24,064 ----a-w C:\WINDOWS\system32\mshta.exe 2008-05-19 02:34 19,456 ----a-w C:\WINDOWS\system32\fontview.exe 2008-05-19 02:34 14,336 ----a-w C:\WINDOWS\system32\perfmon.exe 2008-04-21 20:57 33,952 ----a-w C:\WINDOWS\system32\drivers\oreans32.sys 2008-04-21 20:44 --------- d-----w C:\Program Files\microsoft frontpage 2008-04-21 20:42 --------- d-----w C:\Program Files\Services en ligne . ------- Sigcheck ------- 2004-08-04 08:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ip6fw.sys 2001-08-28 14:00 1014784 a13db50e5f4ce8b35c721df8d49325b2 C:\WINDOWS\explorer.exe 2008-05-19 04:36 1036288 c3bff67ff2095cbfc8a834988a92d81f C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\explorer.exe 2008-05-19 04:38 1005056 ed5b0745b124d5ffeed20758c1c6725d C:\WINDOWS\system32\dllcache\explorer.exe 2008-05-19 04:36 15360 6c408d6a6139b95d5a8b287a989f4cc5 C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ctfmon.exe 2008-05-19 04:35 13312 5bb3d44bea2c3c72a00981e6a40675c7 C:\WINDOWS\system32\ctfmon.exe 2008-05-19 04:37 13312 cb89691b96446d0dacd5c5ed34bb0843 C:\WINDOWS\system32\dllcache\ctfmon.exe . ((((((((((((((((((((((((((((( snapshot_2008-05-17_15.46.14.70 ))))))))))))))))))))))))))))))))))))))))) . - 2004-05-17 22:38:25 189,952 -c----w C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe + 2002-09-30 08:58:30 126,464 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329390\shmedia.dll + 2002-09-06 13:54:04 5,632 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329390\spmsg.dll + 2008-05-19 02:35:53 47,104 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329390\spuninst.exe + 2002-09-21 10:44:08 10,752 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329390\update\spcustom.dll + 2008-05-19 02:35:53 282,624 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329390\update\update.exe + 2002-10-01 15:52:30 46,208 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329834\raspptp.sys + 2002-09-06 13:54:04 5,632 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329834\spmsg.dll + 2008-05-19 02:35:53 47,104 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329834\spuninst.exe + 2002-09-21 10:44:08 10,752 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329834\update\spcustom.dll + 2008-05-19 02:35:53 282,624 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q329834\update\update.exe + 2008-05-19 02:35:53 68,608 -c----w C:\WINDOWS\$xpsp1hfm$\Q810833\locator.exe + 2002-11-14 08:01:18 5,632 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810833\spmsg.dll + 2008-05-19 02:35:53 88,064 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810833\spuninst.exe + 2002-11-14 08:04:54 18,432 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810833\update\spcustom.dll + 2008-05-19 02:35:54 418,816 -c--a-w C:\WINDOWS\$xpsp1hfm$\Q810833\update\update.exe - 2002-10-28 06:37:58 163,840 ------w C:\WINDOWS\alcrmv.exe + 2008-05-19 02:35:49 131,072 ----a-w C:\WINDOWS\alcrmv.exe - 2002-10-28 06:37:58 241,664 ------w C:\WINDOWS\alcupd.exe + 2008-05-19 02:35:49 208,896 ----a-w C:\WINDOWS\alcupd.exe - 2006-05-24 23:22:06 53,248 ----a-w C:\WINDOWS\bdoscandel.exe + 2008-05-19 02:35:34 53,248 ----a-w C:\WINDOWS\bdoscandel.exe - 2008-05-17 13:45:17 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-19 17:47:47 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-19 02:35:55 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE + 2008-05-18 03:35:04 1,212,416 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000001\NTUSER.DAT + 2008-05-18 03:35:04 12,288 ----a-w C:\WINDOWS\ERUNT\SDFIX\Users\00000002\UsrClass.dat + 2008-05-19 02:35:56 163,328 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE + 2008-05-18 03:35:03 1,212,416 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000001\NTUSER.DAT + 2008-05-18 03:35:03 12,288 ----a-w C:\WINDOWS\ERUNT\SDFIX_First_Run\Users\00000002\UsrClass.dat - 2000-08-31 06:00:00 106,496 ----a-w C:\WINDOWS\fdsv.exe + 2000-08-31 06:00:00 86,016 ----a-w C:\WINDOWS\fdsv.exe - 2000-08-31 06:00:00 110,592 ----a-w C:\WINDOWS\grep.exe + 2008-05-19 02:35:49 80,384 ----a-w C:\WINDOWS\grep.exe - 2001-08-28 12:00:00 241,664 ----a-w C:\WINDOWS\inf\unregmp2.exe + 2008-05-19 02:35:56 229,376 ----a-w C:\WINDOWS\inf\unregmp2.exe - 2008-04-21 20:48:42 196,608 ----a-r C:\WINDOWS\Installer\{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe + 2008-05-19 02:35:56 166,400 ----a-r C:\WINDOWS\Installer\{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe - 2001-08-28 12:00:00 235,008 ----a-w C:\WINDOWS\msagent\agentsvr.exe + 2008-05-19 02:35:56 235,008 ----a-w C:\WINDOWS\msagent\agentsvr.exe - 2001-08-28 12:00:00 77,312 ----a-w C:\WINDOWS\NOTEPAD.EXE + 2008-05-19 02:35:00 67,584 ----a-w C:\WINDOWS\NOTEPAD.EXE - 2001-08-28 12:00:00 692,224 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\HelpCtr.exe + 2008-05-19 02:35:24 692,224 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\HelpCtr.exe - 2001-08-28 12:00:00 694,272 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\HelpSvc.exe + 2008-05-19 02:35:57 694,272 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\HelpSvc.exe - 2001-08-28 12:00:00 147,968 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\msconfig.exe + 2008-05-19 02:35:30 147,968 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\msconfig.exe - 2001-08-28 12:00:00 35,328 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\notiflag.exe + 2008-05-19 02:35:57 35,328 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\notiflag.exe - 2001-08-28 12:00:00 139,264 ----a-w C:\WINDOWS\PCHEALTH\UploadLB\Binaries\UploadM.exe + 2008-05-19 02:35:57 139,264 ----a-w C:\WINDOWS\PCHEALTH\UploadLB\Binaries\UploadM.exe - 2000-08-31 06:00:00 98,816 ----a-w C:\WINDOWS\sed.exe + 2008-05-19 02:35:50 98,816 ----a-w C:\WINDOWS\sed.exe - 2004-07-30 23:44:05 27,136 ----a-w C:\WINDOWS\SoftwareDistribution\Download\6f217d5e6d4044f32e9bee81e815c6ce\sp1qfe\bitsinst.exe - 2004-05-17 22:38:25 159,744 ----a-w C:\WINDOWS\SoftwareDistribution\Download\6f217d5e6d4044f32e9bee81e815c6ce\spuninst.exe - 2004-05-14 22:12:09 628,736 ----a-w C:\WINDOWS\SoftwareDistribution\Download\6f217d5e6d4044f32e9bee81e815c6ce\update\update.exe - 2004-08-19 23:09:50 189,952 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\accwiz.exe - 2004-08-19 23:09:50 4,096 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\actmovie.exe - 2004-08-19 23:09:50 16,439 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\admin.exe - 2004-08-19 23:09:50 256,512 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\agentsvr.exe - 2004-08-19 23:09:50 98,304 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ahui.exe - 2004-08-19 23:09:51 44,544 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\alg.exe - 2004-08-04 05:11:04 24,576 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\aspnet_regiis.exe - 2004-08-04 05:11:04 32,768 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\aspnet_wp.exe - 2004-08-19 23:09:51 30,720 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asr_fmt.exe - 2004-08-19 23:09:51 25,088 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\at.exe - 2004-08-19 23:09:51 11,264 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\atmadm.exe - 2004-08-19 23:09:51 14,336 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\auditusr.exe - 2004-08-19 23:09:51 16,439 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\author.exe - 2004-08-19 23:09:51 71,680 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\blastcln.exe - 2004-07-20 01:54:03 94,208 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\caspol.exe - 2004-08-19 23:09:51 188,480 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cfgwiz.exe - 2004-08-19 23:09:51 56,832 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cipher.exe - 2004-08-19 23:09:51 5,632 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cisvc.exe - 2004-08-19 23:09:51 65,536 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cleanmgr.exe - 2004-08-19 23:09:51 20,480 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cliconfg.exe - 2004-08-19 23:09:51 104,448 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\clipbrd.exe - 2004-08-19 23:09:51 33,280 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\clipsrv.exe - 2004-08-19 23:09:51 400,896 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cmd.exe - 2004-08-19 23:09:51 47,104 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cmdl32.exe - 2004-08-19 23:09:51 40,448 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cmmon32.exe - 2004-08-19 23:09:51 65,536 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cmstp.exe - 2004-08-19 23:09:51 9,728 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\comrepl.exe - 2004-08-19 23:09:51 1,044,480 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\conf.exe - 2004-08-19 23:09:51 27,648 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\conime.exe - 2004-08-04 05:11:17 49,152 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\csc.exe - 2004-08-19 23:09:51 98,304 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cscript.exe - 2004-08-19 23:09:51 42,496 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\davcdata.exe - 2004-08-19 23:09:51 31,744 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ddeshare.exe - 2004-08-19 23:09:51 25,088 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\defrag.exe - 2004-08-19 23:09:51 82,432 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dfrgfat.exe - 2004-08-19 23:09:51 104,960 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dfrgntfs.exe - 2004-08-19 23:09:51 548,352 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dialer.exe - 2004-08-19 23:09:51 85,504 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\diantz.exe - 2004-08-19 23:09:51 167,936 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\diskpart.exe - 2004-08-19 23:09:51 294,912 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dlimport.exe - 2004-08-19 23:09:51 5,120 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dllhost.exe - 2004-08-19 23:09:51 225,280 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dmadmin.exe - 2004-08-19 23:09:51 15,872 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dmremote.exe - 2004-08-19 23:09:51 30,208 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dplaysvr.exe - 2004-08-19 23:09:51 18,432 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dpnsvr.exe - 2004-08-19 23:09:51 83,456 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dpvsetup.exe - 2004-08-19 23:09:51 10,752 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dumprep.exe - 2004-08-19 23:09:51 17,920 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dvdupgrd.exe - 2004-08-19 23:09:51 180,224 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dwwin.exe - 2004-08-19 23:09:51 1,298,432 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dxdiag.exe - 2004-08-19 23:09:51 195,072 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\eudcedit.exe - 2004-08-19 23:09:51 52,736 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\evcreate.exe - 2004-08-19 23:09:52 26,112 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\evntcmd.exe - 2004-08-19 23:09:52 94,720 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\evntwin.exe - 2004-08-19 23:09:53 45,568 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\extrac32.exe - 2004-08-19 23:09:53 20,992 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\faxpatch.exe - 2004-08-19 23:09:54 29,184 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\findstr.exe - 2004-08-19 23:09:54 22,528 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fltmc.exe - 2004-08-19 23:09:54 21,504 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fontview.exe - 2004-08-19 23:09:54 15,120 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fp98sadm.exe - 2004-08-19 23:09:54 109,840 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fp98swin.exe - 2004-08-19 23:09:54 24,632 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fpadmcgi.exe - 2004-08-19 23:09:54 188,494 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fpcount.exe - 2004-08-19 23:09:54 20,538 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fpremadm.exe - 2004-08-19 23:09:54 28,728 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fpsrvadm.exe - 2004-08-19 23:09:54 193,024 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fsquirt.exe - 2004-08-19 23:09:54 46,080 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ftp.exe - 2004-08-19 23:09:54 143,360 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fxsclnt.exe - 2004-08-19 23:09:54 238,592 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fxscover.exe - 2004-08-19 23:09:54 268,800 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fxssvc.exe - 2004-08-19 23:09:54 123,392 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\gprslt.exe - 2004-08-19 23:09:54 39,424 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\grpconv.exe - 2004-08-19 23:09:54 768,512 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\helpctr.exe - 2004-08-19 23:09:54 743,936 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\helpsvc.exe - 2004-08-19 23:09:54 10,752 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\hh.exe - 2004-08-19 23:09:54 18,944 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\hscupd.exe - 2004-08-19 23:09:54 218,624 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\icwconn1.exe - 2004-08-19 23:09:54 86,016 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\icwconn2.exe - 2004-08-19 23:09:54 24,576 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\icwrmind.exe - 2004-08-19 23:09:54 34,304 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ie4uinit.exe - 2004-08-19 23:09:54 18,432 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\iedw.exe - 2004-07-20 01:54:05 7,680 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ieexec.exe - 2004-08-19 23:09:54 93,184 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\iexplore.exe - 2004-08-19 23:09:54 114,688 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\iexpress.exe - 2004-08-19 23:09:54 31,232 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\iisrstas.exe - 2004-08-04 05:11:47 184,320 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ilasm.exe - 2004-08-19 23:09:54 150,016 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\imapi.exe - 2004-08-19 23:09:54 15,872 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\inetin51.exe - 2004-08-19 23:09:54 20,480 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\inetwiz.exe - 2004-07-20 01:54:05 24,576 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\installutil.exe - 2004-08-19 23:09:51 32,768 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ip\asr_pfu.exe - 2004-08-04 05:59:34 9,728 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ip\comsdupd.exe - 2004-08-19 23:10:02 19,456 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ip\secedit.exe - 2004-08-04 05:59:34 12,800 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ip\spiisupd.exe - 2004-08-19 23:09:54 58,368 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ipconfig.exe - 2004-08-19 23:09:54 53,760 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ipv6.exe - 2004-08-19 23:09:54 24,576 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ipxroute.exe - 2004-08-19 23:09:54 154,112 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\irftp.exe - 2004-07-20 01:54:05 40,960 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\jsc.exe - 2004-08-04 05:31:54 480,256 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\cintsetp.exe - 2004-08-04 05:31:38 57,399 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\cplexe.exe - 2004-08-04 05:31:53 307,257 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imjpdct.exe - 2004-08-04 05:31:54 155,705 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imjpdsvr.exe - 2004-08-04 05:31:57 196,665 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imjpinst.exe - 2004-08-04 05:31:59 208,952 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imjpmig.exe - 2004-08-04 05:32:11 233,527 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imjprw.exe - 2004-08-04 05:32:14 262,200 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imjputy.exe - 2004-08-04 05:31:48 59,392 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imscinst.exe - 2004-08-04 05:31:48 70,144 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\pintlphr.exe - 2004-08-04 05:32:15 44,032 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\tintlphr.exe - 2004-08-04 05:32:15 455,168 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\tintsetp.exe - 2004-08-19 23:09:54 75,264 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\locator.exe - 2004-08-19 23:09:54 103,936 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\logagent.exe - 2004-08-19 23:09:54 61,952 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\logman.exe - 2004-08-19 23:10:07 221,696 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\logon.scr - 2004-08-19 23:09:54 515,584 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\logonui.exe - 2004-08-19 23:09:54 13,312 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lsass.exe - 2004-08-19 23:09:54 73,216 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\magnify.exe - 2004-08-19 23:09:54 85,504 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\makecab.exe - 2004-08-19 23:09:54 103,936 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\migload.exe - 2004-08-19 23:09:54 786,432 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\migrate.exe - 2004-08-19 23:09:54 7,680 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\migregdb.exe - 2004-08-19 23:09:54 246,784 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\migwiz.exe - 2004-08-19 23:09:55 242,688 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\migwiz_a.exe - 2004-08-19 23:09:56 816,128 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mmc.exe - 2004-08-19 23:09:56 32,768 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mnmsrvc.exe - 2004-08-19 23:09:56 144,384 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mobsync.exe - 2004-08-19 23:09:57 16,896 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mofcomp.exe - 2004-08-19 23:09:58 3,555,328 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\moviemk.exe - 2004-08-19 23:09:58 124,928 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mplay32.exe - 2004-08-19 23:09:58 4,639 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mplayer2.exe - 2004-08-19 23:09:58 19,968 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mqbkup.exe - 2004-08-19 23:09:58 4,608 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mqsvc.exe - 2004-08-19 23:09:58 117,248 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mqtgsvc.exe - 2004-08-19 23:09:58 160,768 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\msconfig.exe - 2004-08-19 23:09:58 6,144 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\msdtc.exe - 2004-08-19 23:09:58 29,184 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mshta.exe - 2004-08-19 23:09:58 77,312 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\msiexec.exe - 2004-08-19 23:09:58 60,416 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\msimn.exe - 2004-08-19 23:09:58 40,960 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\msiregmv.exe - 2004-08-19 23:09:59 1,667,584 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\msmsgs.exe - 2004-08-19 23:09:59 347,648 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mspaint.exe - 2004-08-19 23:09:59 12,288 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mstinit.exe - 2004-08-19 22:51:58 411,648 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mstsc.exe - 2004-08-19 23:09:59 55,296 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\narrator.exe - 2004-08-19 23:09:59 4,096 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\nddeapir.exe - 2004-08-19 23:09:59 42,496 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\net.exe - 2004-08-19 23:09:59 124,928 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\net1.exe - 2004-08-19 23:09:59 114,176 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\netdde.exe - 2004-08-04 05:12:18 106,496 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\netfxupdate.exe - 2004-08-19 23:12:32 332,800 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\netsetup.exe - 2004-08-19 23:09:59 88,576 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\netsh.exe - 2004-08-19 23:09:59 37,888 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\netstat.exe - 2004-08-04 05:12:19 147,456 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ngen.exe - 2004-08-19 23:09:59 70,656 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\notepad.exe - 2004-08-19 23:09:59 15,360 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\nppagent.exe - 2004-08-19 23:09:59 79,360 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\nslookup.exe - 2004-08-19 23:09:59 1,230,848 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ntbackup.exe - 2004-08-19 23:09:59 420,864 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ntvdm.exe - 2004-08-19 23:09:59 32,768 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\odbcad32.exe - 2004-08-19 23:09:59 69,632 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\odbcconf.exe - 2004-08-19 23:09:59 60,928 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\oemig50.exe - 2004-08-19 23:09:59 51,712 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\oobebaln.exe - 2004-08-19 23:09:59 71,680 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\opnfiles.exe - 2004-08-19 23:10:00 216,576 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\osk.exe - 2004-08-19 23:10:00 59,904 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\packager.exe - 2004-08-19 23:10:00 15,872 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\perfmon.exe - 2004-08-19 23:10:01 284,160 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\pinball.exe - 2004-08-19 23:10:01 19,456 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ping.exe - 2004-08-19 23:10:01 49,152 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\powercfg.exe - 2004-08-19 23:10:01 109,568 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\progman.exe - 2004-08-19 23:10:02 50,688 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\proquota.exe - 2004-08-19 23:10:02 9,728 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\proxycfg.exe - 2004-08-19 23:10:02 20,992 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\qprocess.exe - 2004-08-19 23:10:02 57,344 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rasphone.exe - 2004-08-19 23:10:02 35,840 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rcimlby.exe - 2004-08-19 23:10:02 23,040 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rcp.exe - 2004-08-19 23:10:02 62,464 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rdpclip.exe - 2004-08-19 23:10:02 13,824 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rdsaddin.exe - 2004-08-19 23:10:02 67,072 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rdshost.exe - 2004-08-19 23:10:02 53,248 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\reg.exe - 2004-07-20 01:54:15 28,672 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\regasm.exe - 2004-08-19 23:10:02 153,088 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\regedit.exe - 2004-07-20 01:54:15 11,264 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\regsvcs.exe - 2004-08-19 23:10:02 12,288 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\regsvr32.exe - 2004-08-19 23:10:02 14,848 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rexec.exe - 2004-08-19 23:09:54 58,368 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\root\cmpnents\mediactr\i386\medctrro.exe - 2004-08-19 23:10:02 15,872 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rsh.exe - 2004-08-19 23:10:02 107,520 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rsnotify.exe - 2004-08-19 23:10:02 384,512 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rstrui.exe - 2004-08-19 23:10:02 78,336 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rtcshare.exe - 2004-08-19 23:10:02 33,792 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rundll32.exe - 2004-08-19 23:10:02 14,336 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\runonce.exe - 2004-08-19 23:10:02 13,824 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\savedump.exe - 2004-08-19 23:10:02 100,352 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\scardsvr.exe - 2004-08-19 23:10:02 36,864 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\scrcons.exe - 2004-08-19 23:10:07 9,216 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\scrnsave.scr - 2004-08-19 23:10:02 130,560 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sctasks.exe - 2004-08-19 23:10:02 78,848 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sdbinst.exe - 2004-08-19 23:10:02 108,544 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\services.exe - 2004-08-19 23:10:02 142,336 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sessmgr.exe - 2004-08-19 23:10:02 32,768 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sethc.exe - 2004-08-04 05:12:21 102,400 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\setregni.exe - 2004-08-19 23:10:02 23,040 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\setup.exe - 2004-08-19 23:10:02 778,240 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\setup_wm.exe - 2004-08-19 23:10:02 73,728 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\setup50.exe - 2004-08-19 23:10:02 42,496 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\shmgrate.exe - 2004-08-19 23:10:02 78,848 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\shrpubw.exe - 2004-08-19 23:10:02 16,437 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\shtml.exe - 2004-08-19 23:10:02 20,480 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\shutdown.exe - 2004-08-19 23:10:02 71,168 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sigverif.exe - 2004-08-19 23:10:02 26,112 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\skeys.exe - 2004-08-19 23:10:02 32,866 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\slrundll.exe - 2004-08-19 23:10:02 73,796 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\slserv.exe - 2004-08-19 23:10:02 8,192 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\smbinst.exe - 2004-08-19 23:10:02 236,544 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\smi2smir.exe - 2004-08-19 23:10:02 93,184 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\smlogsvc.exe - 2004-08-19 23:10:02 133,120 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sndrec32.exe - 2004-08-19 23:10:02 32,768 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\snmp.exe - 2004-08-19 23:10:03 8,704 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\snmptrap.exe - 2004-08-19 23:10:03 8,192 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spdwnwxp.exe - 2004-08-19 23:10:03 539,136 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spider.exe - 2004-08-19 14:10:04 11,776 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spnpinst.exe - 2004-08-19 23:10:03 57,856 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spoolsv.exe - 2004-08-03 20:42:50 173,056 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spuninst.exe - 2004-08-03 20:43:02 15,872 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spupdsvc.exe - 2004-08-19 23:10:03 21,504 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spupdwxp.exe - 2004-08-19 23:10:07 708,608 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ss3dfo.scr - 2004-08-19 23:10:07 19,968 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ssbezier.scr - 2004-08-19 23:10:07 393,216 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ssflwbox.scr - 2004-08-19 23:10:07 20,992 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ssmarque.scr - 2004-08-19 23:10:07 47,104 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ssmypics.scr - 2004-08-19 23:10:07 18,944 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ssmyst.scr - 2004-08-19 23:10:07 610,304 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sspipes.scr - 2004-08-19 23:10:07 14,336 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ssstars.scr - 2004-08-19 23:10:07 684,032 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sstext3d.scr - 2004-08-19 23:10:03 14,848 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\stimon.exe - 2004-08-19 23:10:03 16,449 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\stub_fpsrvadm.exe - 2004-08-19 23:10:03 65,601 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\stub_fpsrvwin.exe - 2004-08-19 23:10:03 14,336 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\svchost.exe - 2004-08-19 23:10:03 107,520 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sysocmgr.exe - 2004-08-19 23:10:03 143,360 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\taskmgr.exe - 2004-08-19 23:10:03 32,827 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tcptest.exe - 2004-08-19 23:10:03 77,824 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\telnet.exe - 2004-08-19 23:10:03 63,488 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tlntadmn.exe - 2004-08-19 23:10:03 80,384 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tlntsess.exe - 2004-08-19 23:10:03 75,264 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tlntsvr.exe - 2004-08-04 05:12:45 118,784 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\togac.exe - 2004-08-19 23:10:03 347,136 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tourstrt.exe - 2004-08-19 23:10:03 82,432 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tp4mon.exe - 2004-08-19 23:10:03 260,096 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tracerpt.exe - 2004-08-19 23:10:03 13,312 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tracert.exe - 2004-08-19 22:52:05 44,544 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tscupgrd.exe - 2004-08-19 23:10:03 208,896 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\unregmp2.exe - 2004-08-19 14:09:56 4,608 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\update\fixccs.exe - 2004-08-19 14:10:00 6,656 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\update\nv4prep.exe - 2004-08-19 14:10:04 11,776 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\update\spnpinst.exe - 2004-07-17 20:55:54 668,160 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\update\update.exe - 2004-08-19 23:10:03 151,040 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\uploadm.exe - 2004-08-19 23:10:03 16,896 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\upnpcont.exe - 2004-08-19 23:10:03 18,432 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ups.exe - 2004-08-19 23:10:03 25,088 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\userinit.exe - 2004-08-19 23:10:03 50,176 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\utilman.exe - 2004-07-20 01:54:21 716,800 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\vbc.exe - 2004-08-19 23:10:03 295,424 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\vssvc.exe - 2004-08-19 23:10:03 46,080 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wab.exe - 2004-08-19 23:10:03 30,208 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wabmig.exe - 2004-08-19 23:10:04 119,808 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wbemtest.exe - 2004-08-19 23:10:04 66,560 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wextract.exe - 2004-08-19 23:10:04 438,784 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wiaacmgr.exe - 2004-08-19 23:10:04 288,256 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\winhlp32.exe - 2004-08-19 23:10:04 506,368 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\winlogon.exe - 2004-08-19 23:10:04 5,632 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\winver.exe - 2004-08-19 23:10:04 196,608 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wmiadap.exe - 2004-08-19 23:10:04 126,464 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wmiapsrv.exe - 2004-08-19 23:10:04 369,664 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wmic.exe - 2004-08-19 23:10:05 218,112 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wmiprvse.exe - 2004-08-19 23:10:05 73,728 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wmplayer.exe - 2004-08-19 23:10:05 218,112 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wordpad.exe - 2004-08-19 23:10:05 32,256 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wpabaln.exe - 2004-08-19 23:10:05 32,768 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wpnpinst.exe - 2004-08-19 23:10:05 13,824 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wscntfy.exe - 2004-08-19 23:10:05 114,688 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wscript.exe - 2004-08-19 23:10:05 112,640 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wuauclt.exe - 2004-08-19 23:10:05 168,960 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wuauclt1.exe - 2004-08-19 23:10:05 30,720 ----a-w C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\xcopy.exe - 2002-10-28 06:38:08 47,104 ----a-r C:\WINDOWS\soundman.exe + 2008-05-19 02:35:33 47,104 ----a-r C:\WINDOWS\soundman.exe - 2000-08-31 06:00:00 136,704 ----a-w C:\WINDOWS\swsc.exe + 2008-05-19 02:35:51 136,704 ----a-w C:\WINDOWS\swsc.exe - 2000-08-31 06:00:00 212,480 ----a-w C:\WINDOWS\swxcacls.exe + 2008-05-19 02:35:51 212,480 ----a-w C:\WINDOWS\swxcacls.exe - 2001-08-28 12:00:00 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe + 2008-05-19 02:36:55 4,096 ----a-w C:\WINDOWS\system32\actmovie.exe - 2008-04-27 14:08:04 8,472 ---ha-w C:\WINDOWS\system32\ajwop.exe + 2008-04-27 14:08:04 27,928 ---ha-w C:\WINDOWS\system32\ajwop.exe - 2001-08-28 12:00:00 40,960 ----a-w C:\WINDOWS\system32\alg.exe + 2008-05-19 02:35:18 40,960 ----a-w C:\WINDOWS\system32\alg.exe - 2008-05-05 15:49:44 47,616 ----a-w C:\WINDOWS\system32\aof.exe + 2008-05-19 02:36:55 47,616 ----a-w C:\WINDOWS\system32\aof.exe - 2001-08-28 12:00:00 19,968 ----a-w C:\WINDOWS\system32\arp.exe + 2008-05-19 02:36:56 19,968 ----a-w C:\WINDOWS\system32\arp.exe - 2001-08-28 12:00:00 27,648 ----a-w C:\WINDOWS\system32\asr_fmt.exe + 2008-05-19 02:36:56 27,648 ----a-w C:\WINDOWS\system32\asr_fmt.exe - 2001-08-28 12:00:00 37,888 ----a-w C:\WINDOWS\system32\asr_ldm.exe + 2008-05-19 02:36:56 37,888 ----a-w C:\WINDOWS\system32\asr_ldm.exe - 2001-08-28 12:00:00 22,528 ----a-w C:\WINDOWS\system32\at.exe + 2008-05-19 02:36:56 22,528 ----a-w C:\WINDOWS\system32\at.exe - 2001-08-28 12:00:00 10,240 ----a-w C:\WINDOWS\system32\atmadm.exe + 2008-05-19 02:36:56 10,240 ----a-w C:\WINDOWS\system32\atmadm.exe - 2001-08-28 12:00:00 20,992 ----a-w C:\WINDOWS\system32\attrib.exe + 2008-05-19 02:36:57 11,264 ----a-w C:\WINDOWS\system32\attrib.exe - 2001-08-28 12:00:00 152,064 ----a-w C:\WINDOWS\system32\bootcfg.exe + 2008-05-19 02:36:57 152,064 ----a-w C:\WINDOWS\system32\bootcfg.exe - 2001-08-28 12:00:00 4,608 ----a-w C:\WINDOWS\system32\bootok.exe + 2008-05-19 02:36:57 4,608 ----a-w C:\WINDOWS\system32\bootok.exe - 2001-08-28 12:00:00 5,120 ----a-w C:\WINDOWS\system32\bootvrfy.exe + 2008-05-19 02:36:57 5,120 ----a-w C:\WINDOWS\system32\bootvrfy.exe - 2008-04-29 16:07:36 32,768 ----a-w C:\WINDOWS\system32\bpdatkcv.exe + 2008-05-19 02:36:58 23,040 ----a-w C:\WINDOWS\system32\bpdatkcv.exe - 2001-08-28 12:00:00 19,456 ----a-w C:\WINDOWS\system32\cacls.exe + 2008-05-19 02:36:58 19,456 ----a-w C:\WINDOWS\system32\cacls.exe - 2001-08-28 12:00:00 115,200 ----a-w C:\WINDOWS\system32\calc.exe + 2008-05-19 02:36:58 115,200 ----a-w C:\WINDOWS\system32\calc.exe - 2001-08-28 12:00:00 80,896 ----a-w C:\WINDOWS\system32\charmap.exe + 2008-05-19 02:36:59 80,896 ----a-w C:\WINDOWS\system32\charmap.exe - 2001-08-28 12:00:00 11,776 ----a-w C:\WINDOWS\system32\chkdsk.exe + 2008-05-19 02:36:59 11,776 ----a-w C:\WINDOWS\system32\chkdsk.exe - 2001-08-28 12:00:00 11,264 ----a-w C:\WINDOWS\system32\chkntfs.exe + 2008-05-19 02:36:59 11,264 ----a-w C:\WINDOWS\system32\chkntfs.exe - 2001-08-28 12:00:00 8,192 ----a-w C:\WINDOWS\system32\cidaemon.exe + 2008-05-19 02:36:59 8,192 ----a-w C:\WINDOWS\system32\cidaemon.exe - 2001-08-28 12:00:00 45,568 ----a-w C:\WINDOWS\system32\cipher.exe + 2008-05-19 02:36:59 45,568 ----a-w C:\WINDOWS\system32\cipher.exe - 2001-08-28 12:00:00 5,120 ----a-w C:\WINDOWS\system32\cisvc.exe + 2008-05-19 02:35:19 5,120 ----a-w C:\WINDOWS\system32\cisvc.exe - 2001-08-28 12:00:00 7,680 ----a-w C:\WINDOWS\system32\ckcnv.exe + 2008-05-19 02:36:59 7,680 ----a-w C:\WINDOWS\system32\ckcnv.exe - 2001-08-28 12:00:00 62,976 ----a-w C:\WINDOWS\system32\cleanmgr.exe + 2008-05-19 02:36:59 62,976 ----a-w C:\WINDOWS\system32\cleanmgr.exe - 2001-08-28 12:00:00 45,632 ----a-w C:\WINDOWS\system32\cliconfg.exe + 2008-05-19 02:36:59 45,056 ----a-w C:\WINDOWS\system32\cliconfg.exe - 2001-08-28 12:00:00 30,720 ----a-w C:\WINDOWS\system32\clipsrv.exe + 2008-05-19 02:35:19 30,720 ----a-w C:\WINDOWS\system32\clipsrv.exe - 2001-08-28 12:00:00 397,824 ----a-w C:\WINDOWS\system32\cmd.exe + 2008-05-19 02:37:00 388,096 ----a-w C:\WINDOWS\system32\cmd.exe - 2001-08-28 12:00:00 41,472 ----a-w C:\WINDOWS\system32\cmdl32.exe + 2008-05-19 02:37:00 41,472 ----a-w C:\WINDOWS\system32\cmdl32.exe - 2001-08-28 12:00:00 35,840 ----a-w C:\WINDOWS\system32\cmmon32.exe + 2008-05-19 02:37:00 35,840 ----a-w C:\WINDOWS\system32\cmmon32.exe - 2001-08-28 12:00:00 56,832 ----a-w C:\WINDOWS\system32\cmstp.exe + 2008-05-19 02:37:01 56,832 ----a-w C:\WINDOWS\system32\cmstp.exe - 2001-08-28 12:00:00 8,192 ----a-w C:\WINDOWS\system32\Com\comrepl.exe + 2008-05-19 02:37:49 8,192 ----a-w C:\WINDOWS\system32\Com\comrepl.exe - 2001-08-28 12:00:00 5,120 ----a-w C:\WINDOWS\system32\Com\comrereg.exe + 2008-05-19 02:37:49 5,120 ----a-w C:\WINDOWS\system32\Com\comrereg.exe - 2001-08-28 12:00:00 15,872 ----a-w C:\WINDOWS\system32\comp.exe + 2008-05-19 02:37:01 15,872 ----a-w C:\WINDOWS\system32\comp.exe - 2001-08-28 12:00:00 18,432 ----a-w C:\WINDOWS\system32\compact.exe + 2008-05-19 02:37:01 18,432 ----a-w C:\WINDOWS\system32\compact.exe - 2008-05-17 13:45:18 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat + 2008-05-19 02:57:49 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat + 2008-05-19 02:57:51 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Internet Explorer\MSIMGSIZ.DAT - 2008-05-17 13:45:18 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2008-05-19 02:57:49 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2008-05-19 02:57:50 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008051920080520\index.dat - 2008-05-16 15:47:33 503,808 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IJ212PAB\84785_winsgh[1].exe + 2008-05-19 02:37:50 491,520 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IJ212PAB\84785_winsgh[1].exe - 2008-05-17 13:45:18 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-05-19 02:57:49 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2008-05-16 15:50:02 389,120 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O5M5GBIP\84785_winhtb[1].exe + 2008-05-19 02:37:50 389,120 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O5M5GBIP\84785_winhtb[1].exe - 2001-08-28 12:00:00 24,576 ----a-w C:\WINDOWS\system32\conime.exe + 2008-05-19 02:37:01 24,576 ----a-w C:\WINDOWS\system32\conime.exe - 2001-08-28 12:00:00 8,192 ----a-w C:\WINDOWS\system32\control.exe + 2008-05-19 02:37:01 8,192 ----a-w C:\WINDOWS\system32\control.exe - 2001-08-28 12:00:00 13,824 ----a-w C:\WINDOWS\system32\convert.exe + 2008-05-19 02:37:01 13,824 ----a-w C:\WINDOWS\system32\convert.exe - 2001-08-28 12:00:00 561,664 ----a-w C:\WINDOWS\system32\crypt32.dll + 2002-09-23 13:10:48 551,424 ----a-w C:\WINDOWS\system32\crypt32.dll - 2001-08-28 12:00:00 114,738 ----a-w C:\WINDOWS\system32\cscript.exe + 2008-05-19 02:37:01 102,400 ----a-w C:\WINDOWS\system32\cscript.exe - 2001-08-28 12:00:00 5,120 ----a-w C:\WINDOWS\system32\dcomcnfg.exe + 2008-05-19 02:37:01 5,120 ----a-w C:\WINDOWS\system32\dcomcnfg.exe - 2001-08-28 12:00:00 28,672 ----a-w C:\WINDOWS\system32\ddeshare.exe + 2008-05-19 02:37:01 28,672 ----a-w C:\WINDOWS\system32\ddeshare.exe - 2001-08-28 12:00:00 109,568 ----a-w C:\WINDOWS\system32\defrag.exe + 2008-05-19 02:37:02 109,568 ----a-w C:\WINDOWS\system32\defrag.exe - 2001-08-28 12:00:00 73,216 ----a-w C:\WINDOWS\system32\dfrgfat.exe + 2008-05-19 02:37:02 73,216 ----a-w C:\WINDOWS\system32\dfrgfat.exe - 2001-08-28 12:00:00 85,504 ----a-w C:\WINDOWS\system32\dfrgntfs.exe + 2008-05-19 02:37:02 85,504 ----a-w C:\WINDOWS\system32\dfrgntfs.exe - 2001-08-28 12:00:00 79,360 ----a-w C:\WINDOWS\system32\diantz.exe + 2008-05-19 02:37:02 79,360 ----a-w C:\WINDOWS\system32\diantz.exe - 2001-08-28 12:00:00 150,016 ----a-w C:\WINDOWS\system32\diskpart.exe + 2008-05-19 02:37:02 150,016 ----a-w C:\WINDOWS\system32\diskpart.exe - 2001-08-28 12:00:00 19,456 ----a-w C:\WINDOWS\system32\diskperf.exe + 2008-05-19 02:37:02 19,456 ----a-w C:\WINDOWS\system32\diskperf.exe - 2001-08-28 12:00:00 185,344 -c--a-w C:\WINDOWS\system32\dllcache\accwiz.exe + 2008-05-19 02:37:51 185,344 -c--a-w C:\WINDOWS\system32\dllcache\accwiz.exe - 2001-08-28 12:00:00 4,096 -c--a-w C:\WINDOWS\system32\dllcache\actmovie.exe + 2008-05-19 02:37:51 4,096 -c--a-w C:\WINDOWS\system32\dllcache\actmovie.exe - 2001-05-23 03:15:08 16,439 -c--a-w C:\WINDOWS\system32\dllcache\admin.exe + 2008-05-19 02:37:51 16,384 -c--a-w C:\WINDOWS\system32\dllcache\admin.exe - 2001-08-28 12:00:00 235,008 -c--a-w C:\WINDOWS\system32\dllcache\agentsvr.exe + 2008-05-19 02:37:52 235,008 -c--a-w C:\WINDOWS\system32\dllcache\agentsvr.exe - 2001-08-28 12:00:00 84,992 -c--a-w C:\WINDOWS\system32\dllcache\ahui.exe + 2008-05-19 02:37:52 84,992 -c--a-w C:\WINDOWS\system32\dllcache\ahui.exe - 2001-08-28 12:00:00 40,960 -c--a-w C:\WINDOWS\system32\dllcache\alg.exe + 2008-05-19 02:37:52 40,960 -c--a-w C:\WINDOWS\system32\dllcache\alg.exe - 2001-08-28 12:00:00 19,968 -c--a-w C:\WINDOWS\system32\dllcache\arp.exe + 2008-05-19 02:37:52 19,968 -c--a-w C:\WINDOWS\system32\dllcache\arp.exe - 2001-08-28 12:00:00 27,648 -c--a-w C:\WINDOWS\system32\dllcache\asr_fmt.exe + 2008-05-19 02:37:52 27,648 -c--a-w C:\WINDOWS\system32\dllcache\asr_fmt.exe - 2001-08-28 12:00:00 37,888 -c--a-w C:\WINDOWS\system32\dllcache\asr_ldm.exe + 2008-05-19 02:37:52 37,888 -c--a-w C:\WINDOWS\system32\dllcache\asr_ldm.exe - 2001-08-28 12:00:00 22,528 -c--a-w C:\WINDOWS\system32\dllcache\at.exe + 2008-05-19 02:37:52 22,528 -c--a-w C:\WINDOWS\system32\dllcache\at.exe - 2001-08-28 12:00:00 10,240 -c--a-w C:\WINDOWS\system32\dllcache\atmadm.exe + 2008-05-19 02:37:53 10,240 -c--a-w C:\WINDOWS\system32\dllcache\atmadm.exe - 2001-08-28 12:00:00 11,264 -c--a-w C:\WINDOWS\system32\dllcache\attrib.exe + 2008-05-19 02:37:53 11,264 -c--a-w C:\WINDOWS\system32\dllcache\attrib.exe - 2001-05-23 03:15:08 16,439 -c--a-w C:\WINDOWS\system32\dllcache\author.exe + 2008-05-19 02:37:53 16,384 -c--a-w C:\WINDOWS\system32\dllcache\author.exe - 2001-08-28 12:00:00 42,577 -c--a-w C:\WINDOWS\system32\dllcache\bckgzm.exe + 2008-05-19 02:37:53 42,496 -c--a-w C:\WINDOWS\system32\dllcache\bckgzm.exe - 2001-08-28 12:00:00 152,064 -c--a-w C:\WINDOWS\system32\dllcache\bootcfg.exe + 2008-05-19 02:37:53 152,064 -c--a-w C:\WINDOWS\system32\dllcache\bootcfg.exe - 2001-08-28 12:00:00 4,608 -c--a-w C:\WINDOWS\system32\dllcache\bootok.exe + 2008-05-19 02:37:53 4,608 -c--a-w C:\WINDOWS\system32\dllcache\bootok.exe - 2001-08-28 12:00:00 5,120 -c--a-w C:\WINDOWS\system32\dllcache\bootvrfy.exe + 2008-05-19 02:37:54 5,120 -c--a-w C:\WINDOWS\system32\dllcache\bootvrfy.exe - 2001-08-28 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\cacls.exe + 2008-05-19 02:37:54 19,456 -c--a-w C:\WINDOWS\system32\dllcache\cacls.exe - 2001-08-28 12:00:00 115,200 -c--a-w C:\WINDOWS\system32\dllcache\calc.exe + 2008-05-19 02:37:54 115,200 -c--a-w C:\WINDOWS\system32\dllcache\calc.exe - 2001-08-28 12:00:00 12,288 -c--a-w C:\WINDOWS\system32\dllcache\cb32.exe + 2008-05-19 02:37:54 12,288 -c--a-w C:\WINDOWS\system32\dllcache\cb32.exe - 2001-05-23 03:15:08 188,480 -c--a-w C:\WINDOWS\system32\dllcache\cfgwiz.exe + 2008-05-19 02:37:54 188,416 -c--a-w C:\WINDOWS\system32\dllcache\cfgwiz.exe - 2001-08-28 12:00:00 10,240 -c--a-w C:\WINDOWS\system32\dllcache\change.exe + 2008-05-19 02:37:54 10,240 -c--a-w C:\WINDOWS\system32\dllcache\change.exe - 2001-08-28 12:00:00 80,896 -c--a-w C:\WINDOWS\system32\dllcache\charmap.exe + 2008-05-19 02:37:55 80,896 -c--a-w C:\WINDOWS\system32\dllcache\charmap.exe - 2001-08-28 12:00:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\chglogon.exe + 2008-05-19 02:37:55 13,824 -c--a-w C:\WINDOWS\system32\dllcache\chglogon.exe - 2001-08-28 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\chgport.exe + 2008-05-19 02:37:55 15,872 -c--a-w C:\WINDOWS\system32\dllcache\chgport.exe - 2001-08-28 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\chgusr.exe + 2008-05-19 02:37:55 14,848 -c--a-w C:\WINDOWS\system32\dllcache\chgusr.exe - 2001-08-28 12:00:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\chkdsk.exe + 2008-05-19 02:37:55 11,776 -c--a-w C:\WINDOWS\system32\dllcache\chkdsk.exe - 2001-08-28 12:00:00 11,264 -c--a-w C:\WINDOWS\system32\dllcache\chkntfs.exe + 2008-05-19 02:37:55 11,264 -c--a-w C:\WINDOWS\system32\dllcache\chkntfs.exe - 2001-08-28 12:00:00 42,575 -c--a-w C:\WINDOWS\system32\dllcache\chkrzm.exe + 2008-05-19 02:37:55 42,496 -c--a-w C:\WINDOWS\system32\dllcache\chkrzm.exe - 2001-08-28 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\cidaemon.exe + 2008-05-19 02:37:56 8,192 -c--a-w C:\WINDOWS\system32\dllcache\cidaemon.exe - 2001-08-28 12:00:00 540,745 -c--a-w C:\WINDOWS\system32\dllcache\cintsetp.exe + 2008-05-19 02:37:56 540,672 -c--a-w C:\WINDOWS\system32\dllcache\cintsetp.exe - 2001-08-28 12:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\cipher.exe + 2008-05-19 02:37:56 45,568 -c--a-w C:\WINDOWS\system32\dllcache\cipher.exe - 2001-08-28 12:00:00 5,120 -c--a-w C:\WINDOWS\system32\dllcache\cisvc.exe + 2008-05-19 02:37:56 5,120 -c--a-w C:\WINDOWS\system32\dllcache\cisvc.exe - 2001-08-28 12:00:00 7,680 -c--a-w C:\WINDOWS\system32\dllcache\ckcnv.exe + 2008-05-19 02:37:56 7,680 -c--a-w C:\WINDOWS\system32\dllcache\ckcnv.exe - 2001-08-28 12:00:00 62,976 -c--a-w C:\WINDOWS\system32\dllcache\cleanmgr.exe + 2008-05-19 02:37:56 62,976 -c--a-w C:\WINDOWS\system32\dllcache\cleanmgr.exe - 2001-08-28 12:00:00 100,352 -c--a-w C:\WINDOWS\system32\dllcache\clipbrd.exe + 2008-05-19 02:37:56 100,352 -c--a-w C:\WINDOWS\system32\dllcache\clipbrd.exe - 2001-08-28 12:00:00 30,720 -c--a-w C:\WINDOWS\system32\dllcache\clipsrv.exe + 2008-05-19 02:37:56 30,720 -c--a-w C:\WINDOWS\system32\dllcache\clipsrv.exe - 2001-08-28 12:00:00 388,096 -c--a-w C:\WINDOWS\system32\dllcache\cmd.exe + 2008-05-19 02:37:57 388,096 -c--a-w C:\WINDOWS\system32\dllcache\cmd.exe - 2001-08-28 12:00:00 41,472 -c--a-w C:\WINDOWS\system32\dllcache\cmdl32.exe + 2008-05-19 02:37:57 41,472 -c--a-w C:\WINDOWS\system32\dllcache\cmdl32.exe - 2001-08-28 12:00:00 35,840 -c--a-w C:\WINDOWS\system32\dllcache\cmmon32.exe + 2008-05-19 02:37:57 35,840 -c--a-w C:\WINDOWS\system32\dllcache\cmmon32.exe - 2001-08-28 12:00:00 56,832 -c--a-w C:\WINDOWS\system32\dllcache\cmstp.exe + 2008-05-19 02:37:57 56,832 -c--a-w C:\WINDOWS\system32\dllcache\cmstp.exe - 2001-08-28 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\comp.exe + 2008-05-19 02:37:57 15,872 -c--a-w C:\WINDOWS\system32\dllcache\comp.exe - 2001-08-28 12:00:00 18,432 -c--a-w C:\WINDOWS\system32\dllcache\compact.exe + 2008-05-19 02:37:57 18,432 -c--a-w C:\WINDOWS\system32\dllcache\compact.exe - 2001-08-28 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\comrepl.exe + 2008-05-19 02:37:57 8,192 -c--a-w C:\WINDOWS\system32\dllcache\comrepl.exe - 2001-08-28 12:00:00 5,120 -c--a-w C:\WINDOWS\system32\dllcache\comrereg.exe + 2008-05-19 02:37:57 5,120 -c--a-w C:\WINDOWS\system32\dllcache\comrereg.exe - 2001-08-28 12:00:00 1,007,616 -c--a-w C:\WINDOWS\system32\dllcache\conf.exe + 2008-05-19 02:37:58 1,007,616 -c--a-w C:\WINDOWS\system32\dllcache\conf.exe - 2001-08-28 12:00:00 24,576 -c--a-w C:\WINDOWS\system32\dllcache\conime.exe + 2008-05-19 02:37:58 24,576 -c--a-w C:\WINDOWS\system32\dllcache\conime.exe - 2001-08-28 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\control.exe + 2008-05-19 02:37:58 8,192 -c--a-w C:\WINDOWS\system32\dllcache\control.exe - 2001-08-28 12:00:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\convert.exe + 2008-05-19 02:37:58 13,824 -c--a-w C:\WINDOWS\system32\dllcache\convert.exe - 2001-08-28 12:00:00 56,832 -c--a-w C:\WINDOWS\system32\dllcache\convlog.exe + 2008-05-19 02:37:58 56,832 -c--a-w C:\WINDOWS\system32\dllcache\convlog.exe - 2001-08-28 12:00:00 61,492 -c--a-w C:\WINDOWS\system32\dllcache\cplexe.exe + 2008-05-19 02:37:58 61,440 -c--a-w C:\WINDOWS\system32\dllcache\cplexe.exe - 2001-08-28 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\cprofile.exe + 2008-05-19 02:37:58 19,456 -c--a-w C:\WINDOWS\system32\dllcache\cprofile.exe - 2001-08-28 12:00:00 561,664 -c--a-w C:\WINDOWS\system32\dllcache\crypt32.dll + 2002-09-23 13:10:48 551,424 -c--a-w C:\WINDOWS\system32\dllcache\crypt32.dll - 2001-08-28 12:00:00 102,450 -c--a-w C:\WINDOWS\system32\dllcache\cscript.exe + 2008-05-19 02:37:58 102,400 -c--a-w C:\WINDOWS\system32\dllcache\cscript.exe - 2001-08-28 12:00:00 39,424 -c--a-w C:\WINDOWS\system32\dllcache\davcdata.exe + 2008-05-19 02:37:59 39,424 -c--a-w C:\WINDOWS\system32\dllcache\davcdata.exe - 2001-08-28 12:00:00 5,120 -c--a-w C:\WINDOWS\system32\dllcache\dcomcnfg.exe + 2008-05-19 02:37:59 5,120 -c--a-w C:\WINDOWS\system32\dllcache\dcomcnfg.exe - 2001-08-28 12:00:00 28,672 -c--a-w C:\WINDOWS\system32\dllcache\ddeshare.exe + 2008-05-19 02:37:59 28,672 -c--a-w C:\WINDOWS\system32\dllcache\ddeshare.exe - 2001-08-28 12:00:00 109,568 -c--a-w C:\WINDOWS\system32\dllcache\defrag.exe + 2008-05-19 02:37:59 109,568 -c--a-w C:\WINDOWS\system32\dllcache\defrag.exe - 2001-08-28 12:00:00 73,216 -c--a-w C:\WINDOWS\system32\dllcache\dfrgfat.exe + 2008-05-19 02:37:59 73,216 -c--a-w C:\WINDOWS\system32\dllcache\dfrgfat.exe - 2001-08-28 12:00:00 85,504 -c--a-w C:\WINDOWS\system32\dllcache\dfrgntfs.exe + 2008-05-19 02:37:59 85,504 -c--a-w C:\WINDOWS\system32\dllcache\dfrgntfs.exe - 2001-08-28 12:00:00 531,456 -c--a-w C:\WINDOWS\system32\dllcache\dialer.exe + 2008-05-19 02:38:00 531,456 -c--a-w C:\WINDOWS\system32\dllcache\dialer.exe - 2001-08-28 12:00:00 79,360 -c--a-w C:\WINDOWS\system32\dllcache\diantz.exe + 2008-05-19 02:38:01 79,360 -c--a-w C:\WINDOWS\system32\dllcache\diantz.exe - 2001-08-28 12:00:00 150,016 -c--a-w C:\WINDOWS\system32\dllcache\diskpart.exe + 2008-05-19 02:38:01 150,016 -c--a-w C:\WINDOWS\system32\dllcache\diskpart.exe - 2001-08-28 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\diskperf.exe + 2008-05-19 02:38:01 19,456 -c--a-w C:\WINDOWS\system32\dllcache\diskperf.exe - 2001-08-28 12:00:00 294,912 -c--a-w C:\WINDOWS\system32\dllcache\dlimport.exe + 2008-05-19 02:38:01 294,912 -c--a-w C:\WINDOWS\system32\dllcache\dlimport.exe - 2001-08-28 12:00:00 4,608 -c--a-w C:\WINDOWS\system32\dllcache\dllhost.exe + 2008-05-19 02:38:01 4,608 -c--a-w C:\WINDOWS\system32\dllcache\dllhost.exe - 2001-08-28 12:00:00 4,608 -c--a-w C:\WINDOWS\system32\dllcache\dllhst3g.exe + 2008-05-19 02:38:01 4,608 -c--a-w C:\WINDOWS\system32\dllcache\dllhst3g.exe - 2001-08-28 12:00:00 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dmadmin.exe + 2008-05-19 02:38:01 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dmadmin.exe - 2001-08-28 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\dmremote.exe + 2008-05-19 02:38:01 14,336 -c--a-w C:\WINDOWS\system32\dllcache\dmremote.exe - 2001-08-28 12:00:00 10,752 -c--a-w C:\WINDOWS\system32\dllcache\doskey.exe + 2008-05-19 02:38:02 10,752 -c--a-w C:\WINDOWS\system32\dllcache\doskey.exe - 2001-08-28 12:00:00 26,112 -c--a-w C:\WINDOWS\system32\dllcache\dplaysvr.exe + 2008-05-19 02:38:02 26,112 -c--a-w C:\WINDOWS\system32\dllcache\dplaysvr.exe - 2001-08-28 12:00:00 18,944 -c--a-w C:\WINDOWS\system32\dllcache\dpnsvr.exe + 2008-05-19 02:38:02 18,944 -c--a-w C:\WINDOWS\system32\dllcache\dpnsvr.exe - 2001-08-28 12:00:00 59,392 -c--a-w C:\WINDOWS\system32\dllcache\dpvsetup.exe + 2008-05-19 02:38:02 59,392 -c--a-w C:\WINDOWS\system32\dllcache\dpvsetup.exe - 2001-08-28 12:00:00 60,928 -c--a-w C:\WINDOWS\system32\dllcache\drvqry.exe + 2008-05-19 02:38:02 60,928 -c--a-w C:\WINDOWS\system32\dllcache\drvqry.exe - 2001-08-28 12:00:00 47,104 -c--a-w C:\WINDOWS\system32\dllcache\drwtsn32.exe + 2008-05-19 02:38:02 47,104 -c--a-w C:\WINDOWS\system32\dllcache\drwtsn32.exe - 2001-08-28 12:00:00 30,208 -c--a-w C:\WINDOWS\system32\dllcache\dumprep.exe + 2008-05-19 02:38:02 30,208 -c--a-w C:\WINDOWS\system32\dllcache\dumprep.exe - 2001-08-28 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\dvdupgrd.exe + 2008-05-19 02:38:02 15,872 -c--a-w C:\WINDOWS\system32\dllcache\dvdupgrd.exe - 2001-08-28 12:00:00 786,432 -c--a-w C:\WINDOWS\system32\dllcache\dxdiag.exe + 2008-05-19 02:38:03 786,432 -c--a-w C:\WINDOWS\system32\dllcache\dxdiag.exe - 2001-08-28 12:00:00 39,424 -c--a-w C:\WINDOWS\system32\dllcache\esentutl.exe + 2008-05-19 02:38:03 39,424 -c--a-w C:\WINDOWS\system32\dllcache\esentutl.exe - 2001-08-28 12:00:00 180,736 -c--a-w C:\WINDOWS\system32\dllcache\eudcedit.exe + 2008-05-19 02:38:03 180,736 -c--a-w C:\WINDOWS\system32\dllcache\eudcedit.exe - 2001-08-28 12:00:00 50,176 -c--a-w C:\WINDOWS\system32\dllcache\evcreate.exe + 2008-05-19 02:38:03 50,176 -c--a-w C:\WINDOWS\system32\dllcache\evcreate.exe - 2001-08-28 12:00:00 9,216 -c--a-w C:\WINDOWS\system32\dllcache\eventvwr.exe + 2008-05-19 02:38:03 9,216 -c--a-w C:\WINDOWS\system32\dllcache\eventvwr.exe - 2001-08-28 12:00:00 24,576 -c--a-w C:\WINDOWS\system32\dllcache\evntcmd.exe + 2008-05-19 02:38:03 24,576 -c--a-w C:\WINDOWS\system32\dllcache\evntcmd.exe - 2001-08-28 12:00:00 87,552 -c--a-w C:\WINDOWS\system32\dllcache\evntwin.exe + 2008-05-19 02:38:04 87,552 -c--a-w C:\WINDOWS\system32\dllcache\evntwin.exe - 2001-08-28 12:00:00 81,408 -c--a-w C:\WINDOWS\system32\dllcache\evtrig.exe + 2008-05-19 02:38:04 81,408 -c--a-w C:\WINDOWS\system32\dllcache\evtrig.exe - 2001-08-23 15:47:44 23,040 -c--a-w C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe + 2008-05-19 02:38:04 23,040 -c--a-w C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe - 2001-08-28 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\expand.exe + 2008-05-19 02:38:04 16,896 -c--a-w C:\WINDOWS\system32\dllcache\expand.exe - 2001-08-28 12:00:00 40,960 -c--a-w C:\WINDOWS\system32\dllcache\extrac32.exe + 2008-05-19 02:38:04 40,960 -c--a-w C:\WINDOWS\system32\dllcache\extrac32.exe - 2001-08-28 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\fc.exe + 2008-05-19 02:38:05 14,848 -c--a-w C:\WINDOWS\system32\dllcache\fc.exe - 2001-08-28 12:00:00 9,216 -c--a-w C:\WINDOWS\system32\dllcache\find.exe + 2008-05-19 02:38:05 9,216 -c--a-w C:\WINDOWS\system32\dllcache\find.exe - 2001-08-28 12:00:00 27,136 -c--a-w C:\WINDOWS\system32\dllcache\findstr.exe + 2008-05-19 02:38:05 27,136 -c--a-w C:\WINDOWS\system32\dllcache\findstr.exe - 2001-08-28 12:00:00 10,240 -c--a-w C:\WINDOWS\system32\dllcache\finger.exe + 2008-05-19 02:38:05 10,240 -c--a-w C:\WINDOWS\system32\dllcache\finger.exe - 2001-08-28 12:00:00 3,072 -c--a-w C:\WINDOWS\system32\dllcache\fixmapi.exe + 2008-05-19 02:38:05 3,072 -c--a-w C:\WINDOWS\system32\dllcache\fixmapi.exe - 2001-08-28 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\flattemp.exe + 2008-05-19 02:38:05 15,360 -c--a-w C:\WINDOWS\system32\dllcache\flattemp.exe - 2001-08-28 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\fontview.exe + 2008-05-19 02:38:05 19,456 -c--a-w C:\WINDOWS\system32\dllcache\fontview.exe - 2001-08-28 12:00:00 7,168 -c--a-w C:\WINDOWS\system32\dllcache\forcedos.exe + 2008-05-19 02:38:05 7,168 -c--a-w C:\WINDOWS\system32\dllcache\forcedos.exe - 2001-05-23 03:15:08 14,608 -c--a-w C:\WINDOWS\system32\dllcache\fp98sadm.exe + 2008-05-19 02:38:05 14,336 -c--a-w C:\WINDOWS\system32\dllcache\fp98sadm.exe - 2001-05-23 03:15:08 109,328 -c--a-w C:\WINDOWS\system32\dllcache\fp98swin.exe + 2008-05-19 02:38:05 109,056 -c--a-w C:\WINDOWS\system32\dllcache\fp98swin.exe - 2001-05-23 03:15:08 24,632 -c--a-w C:\WINDOWS\system32\dllcache\fpadmcgi.exe + 2008-05-19 02:38:06 24,576 -c--a-w C:\WINDOWS\system32\dllcache\fpadmcgi.exe - 2001-05-23 03:15:08 94,208 -c--a-w C:\WINDOWS\system32\dllcache\fpcount.exe + 2008-05-19 02:38:06 94,208 -c--a-w C:\WINDOWS\system32\dllcache\fpcount.exe - 2001-05-23 03:15:08 20,538 -c--a-w C:\WINDOWS\system32\dllcache\fpremadm.exe + 2008-05-19 02:38:06 20,480 -c--a-w C:\WINDOWS\system32\dllcache\fpremadm.exe - 2001-08-28 12:00:00 55,808 -c--a-w C:\WINDOWS\system32\dllcache\freecell.exe + 2008-05-19 02:38:06 55,808 -c--a-w C:\WINDOWS\system32\dllcache\freecell.exe - 2001-08-28 12:00:00 61,952 -c--a-w C:\WINDOWS\system32\dllcache\fsutil.exe + 2008-05-19 02:38:06 61,952 -c--a-w C:\WINDOWS\system32\dllcache\fsutil.exe - 2001-08-28 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe + 2008-05-19 02:38:06 44,032 -c--a-w C:\WINDOWS\system32\dllcache\ftp.exe - 2001-08-28 12:00:00 131,584 -c--a-w C:\WINDOWS\system32\dllcache\fxsclnt.exe + 2008-05-19 02:38:06 131,584 -c--a-w C:\WINDOWS\system32\dllcache\fxsclnt.exe - 2001-08-28 12:00:00 225,280 -c--a-w C:\WINDOWS\system32\dllcache\fxscover.exe + 2008-05-19 02:38:07 225,280 -c--a-w C:\WINDOWS\system32\dllcache\fxscover.exe - 2001-08-28 12:00:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\fxssend.exe + 2008-05-19 02:38:07 11,776 -c--a-w C:\WINDOWS\system32\dllcache\fxssend.exe - 2001-08-28 12:00:00 250,368 -c--a-w C:\WINDOWS\system32\dllcache\fxssvc.exe + 2008-05-19 02:38:07 250,368 -c--a-w C:\WINDOWS\system32\dllcache\fxssvc.exe - 2001-08-28 12:00:00 57,344 -c--a-w C:\WINDOWS\system32\dllcache\getmac.exe + 2008-05-19 02:38:07 57,344 -c--a-w C:\WINDOWS\system32\dllcache\getmac.exe - 2001-08-28 12:00:00 115,200 -c--a-w C:\WINDOWS\system32\dllcache\gprslt.exe + 2008-05-19 02:38:07 115,200 -c--a-w C:\WINDOWS\system32\dllcache\gprslt.exe - 2001-08-28 12:00:00 59,392 -c--a-w C:\WINDOWS\system32\dllcache\gpupdate.exe + 2008-05-19 02:38:08 59,392 -c--a-w C:\WINDOWS\system32\dllcache\gpupdate.exe - 2001-08-28 12:00:00 37,888 -c--a-w C:\WINDOWS\system32\dllcache\grpconv.exe + 2008-05-19 02:38:08 37,888 -c--a-w C:\WINDOWS\system32\dllcache\grpconv.exe - 2001-08-28 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\help.exe + 2008-05-19 02:38:08 16,384 -c--a-w C:\WINDOWS\system32\dllcache\help.exe - 2001-08-28 12:00:00 692,224 -c--a-w C:\WINDOWS\system32\dllcache\helpctr.exe + 2008-05-19 02:38:09 692,224 -c--a-w C:\WINDOWS\system32\dllcache\helpctr.exe - 2001-08-28 12:00:00 99,840 -c--a-w C:\WINDOWS\system32\dllcache\helphost.exe + 2008-05-19 02:38:09 99,840 -c--a-w C:\WINDOWS\system32\dllcache\helphost.exe - 2001-08-28 12:00:00 694,272 -c--a-w C:\WINDOWS\system32\dllcache\helpsvc.exe + 2008-05-19 02:38:09 694,272 -c--a-w C:\WINDOWS\system32\dllcache\helpsvc.exe - 2001-08-28 12:00:00 26,647 -c--a-w C:\WINDOWS\system32\dllcache\hh.exe + 2008-05-19 02:38:09 10,752 -c--a-w C:\WINDOWS\system32\dllcache\hh.exe - 2001-08-28 12:00:00 67,612 -c--a-w C:\WINDOWS\system32\dllcache\hhsetup.dll + 2002-09-23 11:14:20 37,888 -c--a-w C:\WINDOWS\system32\dllcache\hhsetup.dll - 2001-08-28 12:00:00 8,704 -c--a-w C:\WINDOWS\system32\dllcache\hostname.exe + 2008-05-19 02:38:09 8,704 -c--a-w C:\WINDOWS\system32\dllcache\hostname.exe - 2001-08-28 12:00:00 42,573 -c--a-w C:\WINDOWS\system32\dllcache\hrtzzm.exe + 2008-05-19 02:38:09 42,496 -c--a-w C:\WINDOWS\system32\dllcache\hrtzzm.exe - 2001-08-28 12:00:00 213,504 -c--a-w C:\WINDOWS\system32\dllcache\icwconn1.exe + 2008-05-19 02:38:10 213,504 -c--a-w C:\WINDOWS\system32\dllcache\icwconn1.exe - 2001-08-28 12:00:00 77,824 -c--a-w C:\WINDOWS\system32\dllcache\icwconn2.exe + 2008-05-19 02:38:10 77,824 -c--a-w C:\WINDOWS\system32\dllcache\icwconn2.exe - 2001-08-28 12:00:00 24,576 -c--a-w C:\WINDOWS\system32\dllcache\icwrmind.exe + 2008-05-19 02:38:10 24,576 -c--a-w C:\WINDOWS\system32\dllcache\icwrmind.exe - 2001-08-28 12:00:00 73,728 -c--a-w C:\WINDOWS\system32\dllcache\icwtutor.exe + 2008-05-19 02:38:10 73,728 -c--a-w C:\WINDOWS\system32\dllcache\icwtutor.exe - 2001-08-28 12:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe + 2008-05-19 02:38:11 28,160 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe - 2001-08-28 12:00:00 91,136 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe + 2008-05-19 02:38:11 91,136 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe - 2001-08-28 12:00:00 99,840 -c--a-w C:\WINDOWS\system32\dllcache\iexpress.exe + 2008-05-19 02:38:11 99,840 -c--a-w C:\WINDOWS\system32\dllcache\iexpress.exe - 2001-08-28 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\iisreset.exe + 2008-05-19 02:38:11 14,848 -c--a-w C:\WINDOWS\system32\dllcache\iisreset.exe - 2001-08-28 12:00:00 28,672 -c--a-w C:\WINDOWS\system32\dllcache\iisrstas.exe + 2008-05-19 02:38:11 28,672 -c--a-w C:\WINDOWS\system32\dllcache\iisrstas.exe - 2001-08-28 12:00:00 6,656 -c--a-w C:\WINDOWS\system32\dllcache\iissync.exe + 2008-05-19 02:38:12 6,656 -c--a-w C:\WINDOWS\system32\dllcache\iissync.exe - 2001-08-28 12:00:00 118,784 -c--a-w C:\WINDOWS\system32\dllcache\imapi.exe + 2008-05-19 02:38:12 118,784 -c--a-w C:\WINDOWS\system32\dllcache\imapi.exe - 2001-08-28 12:00:00 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe + 2008-05-19 02:38:12 44,032 -c--a-w C:\WINDOWS\system32\dllcache\imekrmig.exe - 2001-08-28 12:00:00 311,359 -c--a-w C:\WINDOWS\system32\dllcache\imepadsv.exe + 2008-05-19 02:38:12 311,296 -c--a-w C:\WINDOWS\system32\dllcache\imepadsv.exe - 2001-08-28 12:00:00 57,398 -c--a-w C:\WINDOWS\system32\dllcache\imjpdadm.exe + 2008-05-19 02:38:12 57,344 -c--a-w C:\WINDOWS\system32\dllcache\imjpdadm.exe - 2001-08-28 12:00:00 307,254 -c--a-w C:\WINDOWS\system32\dllcache\imjpdct.exe + 2008-05-19 02:38:12 307,200 -c--a-w C:\WINDOWS\system32\dllcache\imjpdct.exe - 2001-08-28 12:00:00 155,702 -c--a-w C:\WINDOWS\system32\dllcache\imjpdsvr.exe + 2008-05-19 02:38:12 155,648 -c--a-w C:\WINDOWS\system32\dllcache\imjpdsvr.exe - 2001-08-28 12:00:00 196,662 -c--a-w C:\WINDOWS\system32\dllcache\imjpinst.exe + 2008-05-19 02:38:13 196,608 -c--a-w C:\WINDOWS\system32\dllcache\imjpinst.exe - 2001-08-28 12:00:00 208,949 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe + 2008-05-19 02:38:13 208,896 -c--a-w C:\WINDOWS\system32\dllcache\imjpmig.exe - 2001-08-28 12:00:00 233,524 -c--a-w C:\WINDOWS\system32\dllcache\imjprw.exe + 2008-05-19 02:38:13 233,472 -c--a-w C:\WINDOWS\system32\dllcache\imjprw.exe - 2001-08-28 12:00:00 45,109 -c--a-w C:\WINDOWS\system32\dllcache\imjpuex.exe + 2008-05-19 02:38:13 45,056 -c--a-w C:\WINDOWS\system32\dllcache\imjpuex.exe - 2001-08-28 12:00:00 262,197 -c--a-w C:\WINDOWS\system32\dllcache\imjputy.exe + 2008-05-19 02:38:13 262,144 -c--a-w C:\WINDOWS\system32\dllcache\imjputy.exe - 2001-08-28 12:00:00 59,904 -c--a-w C:\WINDOWS\system32\dllcache\imkrinst.exe + 2008-05-19 02:38:13 59,904 -c--a-w C:\WINDOWS\system32\dllcache\imkrinst.exe - 2001-08-28 12:00:00 77,824 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe + 2008-05-19 02:38:14 77,824 -c--a-w C:\WINDOWS\system32\dllcache\imscinst.exe - 2001-08-28 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\inetin51.exe + 2008-05-19 02:38:14 14,336 -c--a-w C:\WINDOWS\system32\dllcache\inetin51.exe - 2001-08-28 12:00:00 7,680 -c--a-w C:\WINDOWS\system32\dllcache\inetmgr.exe + 2008-05-19 02:38:14 7,680 -c--a-w C:\WINDOWS\system32\dllcache\inetmgr.exe - 2001-08-28 12:00:00 20,480 -c--a-w C:\WINDOWS\system32\dllcache\inetwiz.exe + 2008-05-19 02:38:14 20,480 -c--a-w C:\WINDOWS\system32\dllcache\inetwiz.exe - 2001-08-28 12:00:00 52,224 -c--a-w C:\WINDOWS\system32\dllcache\ipconfig.exe + 2008-05-19 02:38:14 52,224 -c--a-w C:\WINDOWS\system32\dllcache\ipconfig.exe - 2001-08-28 12:00:00 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ipsec6.exe + 2008-05-19 02:38:14 46,080 -c--a-w C:\WINDOWS\system32\dllcache\ipsec6.exe - 2001-08-28 12:00:00 60,416 -c--a-w C:\WINDOWS\system32\dllcache\ipv6.exe + 2008-05-19 02:38:14 60,416 -c--a-w C:\WINDOWS\system32\dllcache\ipv6.exe - 2001-08-28 12:00:00 23,040 -c--a-w C:\WINDOWS\system32\dllcache\ipxroute.exe + 2008-05-19 02:38:14 23,040 -c--a-w C:\WINDOWS\system32\dllcache\ipxroute.exe - 2001-08-28 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\isignup.exe + 2008-05-19 02:38:14 16,384 -c--a-w C:\WINDOWS\system32\dllcache\isignup.exe - 2001-08-28 12:00:00 155,552 -c--a-w C:\WINDOWS\system32\dllcache\itircl.dll + 2002-09-23 11:14:20 143,872 -c--a-w C:\WINDOWS\system32\dllcache\itircl.dll - 2001-08-28 12:00:00 138,048 -c--a-w C:\WINDOWS\system32\dllcache\itss.dll + 2002-09-23 11:14:20 122,368 -c--a-w C:\WINDOWS\system32\dllcache\itss.dll - 2001-08-28 12:00:00 593,948 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll + 2003-01-13 12:57:58 589,881 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll - 2001-08-28 12:00:00 9,728 -c--a-w C:\WINDOWS\system32\dllcache\label.exe + 2008-05-19 02:38:14 9,728 -c--a-w C:\WINDOWS\system32\dllcache\label.exe - 2001-08-28 12:00:00 30,208 -c--a-w C:\WINDOWS\system32\dllcache\lights.exe + 2008-05-19 02:38:15 30,208 -c--a-w C:\WINDOWS\system32\dllcache\lights.exe - 2001-08-28 12:00:00 26,624 -c--a-w C:\WINDOWS\system32\dllcache\lnkstub.exe + 2008-05-19 02:38:15 26,624 -c--a-w C:\WINDOWS\system32\dllcache\lnkstub.exe - 2001-08-28 12:00:00 68,096 -c--a-w C:\WINDOWS\system32\dllcache\locator.exe + 2008-05-19 02:38:15 68,608 -c--a-w C:\WINDOWS\system32\dllcache\locator.exe - 2001-08-28 12:00:00 5,120 -c--a-w C:\WINDOWS\system32\dllcache\lodctr.exe + 2008-05-19 02:38:15 5,120 -c--a-w C:\WINDOWS\system32\dllcache\lodctr.exe - 2001-08-28 12:00:00 24,576 -c--a-w C:\WINDOWS\system32\dllcache\logagent.exe + 2008-05-19 02:38:15 24,576 -c--a-w C:\WINDOWS\system32\dllcache\logagent.exe - 2001-08-28 12:00:00 57,856 -c--a-w C:\WINDOWS\system32\dllcache\logman.exe + 2008-05-19 02:38:15 57,856 -c--a-w C:\WINDOWS\system32\dllcache\logman.exe - 2001-08-28 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\logoff.exe + 2008-05-19 02:38:15 15,872 -c--a-w C:\WINDOWS\system32\dllcache\logoff.exe - 2001-08-28 12:00:00 220,672 -c--a-w C:\WINDOWS\system32\dllcache\logon.scr + 2008-05-19 02:38:15 220,672 -c--a-w C:\WINDOWS\system32\dllcache\logon.scr - 2001-08-28 12:00:00 505,344 -c--a-w C:\WINDOWS\system32\dllcache\logonui.exe + 2008-05-19 02:38:16 505,344 -c--a-w C:\WINDOWS\system32\dllcache\logonui.exe - 2001-08-28 12:00:00 6,144 -c--a-w C:\WINDOWS\system32\dllcache\lpq.exe + 2008-05-19 02:38:16 6,144 -c--a-w C:\WINDOWS\system32\dllcache\lpq.exe - 2001-08-28 12:00:00 9,216 -c--a-w C:\WINDOWS\system32\dllcache\lpr.exe + 2008-05-19 02:38:16 9,216 -c--a-w C:\WINDOWS\system32\dllcache\lpr.exe - 2001-08-28 12:00:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\lsass.exe + 2008-05-19 02:38:16 11,776 -c--a-w C:\WINDOWS\system32\dllcache\lsass.exe - 2001-08-28 12:00:00 68,096 -c--a-w C:\WINDOWS\system32\dllcache\magnify.exe + 2008-05-19 02:38:16 68,096 -c--a-w C:\WINDOWS\system32\dllcache\magnify.exe - 2001-08-28 12:00:00 79,360 -c--a-w C:\WINDOWS\system32\dllcache\makecab.exe + 2008-05-19 02:38:16 79,360 -c--a-w C:\WINDOWS\system32\dllcache\makecab.exe - 2001-08-28 12:00:00 34,816 -c--a-w C:\WINDOWS\system32\dllcache\migisol.exe + 2008-05-19 02:38:16 34,816 -c--a-w C:\WINDOWS\system32\dllcache\migisol.exe - 2001-08-28 12:00:00 99,328 -c--a-w C:\WINDOWS\system32\dllcache\migload.exe + 2008-05-19 02:38:16 99,328 -c--a-w C:\WINDOWS\system32\dllcache\migload.exe - 2001-08-28 12:00:00 6,656 -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe + 2008-05-19 02:38:16 6,656 -c--a-w C:\WINDOWS\system32\dllcache\migregdb.exe - 2001-08-28 12:00:00 237,056 -c--a-w C:\WINDOWS\system32\dllcache\migwiz.exe + 2008-05-19 02:38:17 237,056 -c--a-w C:\WINDOWS\system32\dllcache\migwiz.exe - 2001-08-28 12:00:00 233,472 -c--a-w C:\WINDOWS\system32\dllcache\migwiz_a.exe + 2008-05-19 02:38:17 233,472 -c--a-w C:\WINDOWS\system32\dllcache\migwiz_a.exe - 2001-08-28 12:00:00 775,168 -c--a-w C:\WINDOWS\system32\dllcache\mmc.exe + 2008-05-19 02:38:17 775,168 -c--a-w C:\WINDOWS\system32\dllcache\mmc.exe - 2001-08-28 12:00:00 32,768 -c--a-w C:\WINDOWS\system32\dllcache\mnmsrvc.exe + 2008-05-19 02:38:17 32,768 -c--a-w C:\WINDOWS\system32\dllcache\mnmsrvc.exe - 2001-08-28 12:00:00 136,192 -c--a-w C:\WINDOWS\system32\dllcache\mobsync.exe + 2008-05-19 02:38:17 136,192 -c--a-w C:\WINDOWS\system32\dllcache\mobsync.exe - 2001-08-28 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\mofcomp.exe + 2008-05-19 02:38:17 14,848 -c--a-w C:\WINDOWS\system32\dllcache\mofcomp.exe - 2001-08-28 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\mountvol.exe + 2008-05-19 02:38:17 8,192 -c--a-w C:\WINDOWS\system32\dllcache\mountvol.exe - 2001-08-28 12:00:00 806,978 -c--a-w C:\WINDOWS\system32\dllcache\moviemk.exe + 2008-05-19 02:38:18 806,912 -c--a-w C:\WINDOWS\system32\dllcache\moviemk.exe - 2001-08-28 12:00:00 118,272 -c--a-w C:\WINDOWS\system32\dllcache\mplay32.exe + 2008-05-19 02:38:18 118,272 -c--a-w C:\WINDOWS\system32\dllcache\mplay32.exe - 2001-08-28 12:00:00 4,639 -c--a-w C:\WINDOWS\system32\dllcache\mplayer2.exe + 2008-05-19 02:38:18 4,608 -c--a-w C:\WINDOWS\system32\dllcache\mplayer2.exe - 2001-08-28 12:00:00 22,016 -c--a-w C:\WINDOWS\system32\dllcache\mpnotify.exe + 2008-05-19 02:38:18 22,016 -c--a-w C:\WINDOWS\system32\dllcache\mpnotify.exe - 2001-08-28 12:00:00 17,408 -c--a-w C:\WINDOWS\system32\dllcache\mqbkup.exe + 2008-05-19 02:38:18 17,408 -c--a-w C:\WINDOWS\system32\dllcache\mqbkup.exe - 2001-08-28 12:00:00 4,608 -c--a-w C:\WINDOWS\system32\dllcache\mqsvc.exe + 2008-05-19 02:38:18 4,608 -c--a-w C:\WINDOWS\system32\dllcache\mqsvc.exe - 2001-08-28 12:00:00 97,792 -c--a-w C:\WINDOWS\system32\dllcache\mqtgsvc.exe + 2008-05-19 02:38:18 97,792 -c--a-w C:\WINDOWS\system32\dllcache\mqtgsvc.exe - 2001-08-28 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\mrinfo.exe + 2008-05-19 02:38:18 14,336 -c--a-w C:\WINDOWS\system32\dllcache\mrinfo.exe - 2001-08-28 12:00:00 147,968 -c--a-w C:\WINDOWS\system32\dllcache\msconfig.exe + 2008-05-19 02:38:19 147,968 -c--a-w C:\WINDOWS\system32\dllcache\msconfig.exe - 2001-08-28 12:00:00 6,144 -c--a-w C:\WINDOWS\system32\dllcache\msdtc.exe + 2008-05-19 02:38:19 6,144 -c--a-w C:\WINDOWS\system32\dllcache\msdtc.exe - 2001-08-28 12:00:00 22,528 -c--a-w C:\WINDOWS\system32\dllcache\msg.exe + 2008-05-19 02:38:19 22,528 -c--a-w C:\WINDOWS\system32\dllcache\msg.exe - 2001-08-28 12:00:00 128,000 -c--a-w C:\WINDOWS\system32\dllcache\mshearts.exe + 2008-05-19 02:38:19 128,000 -c--a-w C:\WINDOWS\system32\dllcache\mshearts.exe - 2001-08-28 12:00:00 24,064 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe + 2008-05-19 02:38:19 24,064 -c--a-w C:\WINDOWS\system32\dllcache\mshta.exe - 2001-08-28 12:00:00 63,488 -c--a-w C:\WINDOWS\system32\dllcache\msiexec.exe + 2008-05-19 02:38:19 63,488 -c--a-w C:\WINDOWS\system32\dllcache\msiexec.exe - 2001-08-28 12:00:00 57,856 -c--a-w C:\WINDOWS\system32\dllcache\msimn.exe + 2008-05-19 02:38:20 57,856 -c--a-w C:\WINDOWS\system32\dllcache\msimn.exe - 2001-08-28 12:00:00 40,448 -c--a-w C:\WINDOWS\system32\dllcache\msinfo32.exe + 2008-05-19 02:38:20 40,448 -c--a-w C:\WINDOWS\system32\dllcache\msinfo32.exe - 2001-08-28 12:00:00 34,816 -c--a-w C:\WINDOWS\system32\dllcache\msiregmv.exe + 2008-05-19 02:38:20 34,816 -c--a-w C:\WINDOWS\system32\dllcache\msiregmv.exe - 2001-08-28 12:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\msoobe.exe + 2008-05-19 02:38:20 28,160 -c--a-w C:\WINDOWS\system32\dllcache\msoobe.exe - 2001-08-28 12:00:00 344,576 -c--a-w C:\WINDOWS\system32\dllcache\mspaint.exe + 2008-05-19 02:38:21 344,576 -c--a-w C:\WINDOWS\system32\dllcache\mspaint.exe - 2001-08-28 12:00:00 6,656 -c--a-w C:\WINDOWS\system32\dllcache\msswchx.exe + 2008-05-19 02:38:21 6,656 -c--a-w C:\WINDOWS\system32\dllcache\msswchx.exe - 2001-08-28 12:00:00 9,728 -c--a-w C:\WINDOWS\system32\dllcache\mstinit.exe + 2008-05-19 02:38:21 9,728 -c--a-w C:\WINDOWS\system32\dllcache\mstinit.exe - 2001-08-28 12:00:00 390,144 -c--a-w C:\WINDOWS\system32\dllcache\mstsc.exe + 2008-05-19 02:38:22 390,144 -c--a-w C:\WINDOWS\system32\dllcache\mstsc.exe - 2001-08-28 12:00:00 111,104 -c--a-w C:\WINDOWS\system32\dllcache\mtstocom.exe + 2008-05-19 02:38:22 111,104 -c--a-w C:\WINDOWS\system32\dllcache\mtstocom.exe - 2001-08-28 12:00:00 84,992 -c--a-w C:\WINDOWS\system32\dllcache\muisetup.exe + 2008-05-19 02:38:22 84,992 -c--a-w C:\WINDOWS\system32\dllcache\muisetup.exe - 2001-08-28 12:00:00 52,736 -c--a-w C:\WINDOWS\system32\dllcache\narrator.exe + 2008-05-19 02:38:23 52,736 -c--a-w C:\WINDOWS\system32\dllcache\narrator.exe - 2001-08-28 12:00:00 21,504 -c--a-w C:\WINDOWS\system32\dllcache\nbtstat.exe + 2008-05-19 02:38:23 21,504 -c--a-w C:\WINDOWS\system32\dllcache\nbtstat.exe - 2001-08-28 12:00:00 4,096 -c--a-w C:\WINDOWS\system32\dllcache\nddeapir.exe + 2008-05-19 02:38:23 4,096 -c--a-w C:\WINDOWS\system32\dllcache\nddeapir.exe - 2001-08-28 12:00:00 39,424 -c--a-w C:\WINDOWS\system32\dllcache\net.exe + 2008-05-19 02:38:23 39,424 -c--a-w C:\WINDOWS\system32\dllcache\net.exe - 2001-08-28 12:00:00 115,200 -c--a-w C:\WINDOWS\system32\dllcache\net1.exe + 2008-05-19 02:38:23 115,200 -c--a-w C:\WINDOWS\system32\dllcache\net1.exe - 2001-08-28 12:00:00 109,056 -c--a-w C:\WINDOWS\system32\dllcache\netdde.exe + 2008-05-19 02:38:23 109,056 -c--a-w C:\WINDOWS\system32\dllcache\netdde.exe - 2001-08-28 12:00:00 85,504 -c--a-w C:\WINDOWS\system32\dllcache\netsh.exe + 2008-05-19 02:38:23 85,504 -c--a-w C:\WINDOWS\system32\dllcache\netsh.exe - 2001-08-28 12:00:00 31,744 -c--a-w C:\WINDOWS\system32\dllcache\netstat.exe + 2008-05-19 02:38:23 31,744 -c--a-w C:\WINDOWS\system32\dllcache\netstat.exe - 2001-08-28 12:00:00 67,584 -c--a-w C:\WINDOWS\system32\dllcache\notepad.exe + 2008-05-19 02:38:24 67,584 -c--a-w C:\WINDOWS\system32\dllcache\notepad.exe - 2001-08-28 12:00:00 35,328 -c--a-w C:\WINDOWS\system32\dllcache\notiflag.exe + 2008-05-19 02:38:24 35,328 -c--a-w C:\WINDOWS\system32\dllcache\notiflag.exe - 2001-08-28 12:00:00 13,824 -c--a-w C:\WINDOWS\system32\dllcache\nppagent.exe + 2008-05-19 02:38:24 13,824 -c--a-w C:\WINDOWS\system32\dllcache\nppagent.exe - 2001-08-28 12:00:00 74,240 -c--a-w C:\WINDOWS\system32\dllcache\nslookup.exe + 2008-05-19 02:38:24 74,240 -c--a-w C:\WINDOWS\system32\dllcache\nslookup.exe - 2001-08-28 12:00:00 1,166,336 -c--a-w C:\WINDOWS\system32\dllcache\ntbackup.exe + 2008-05-19 02:38:25 1,166,336 -c--a-w C:\WINDOWS\system32\dllcache\ntbackup.exe - 2001-08-28 12:00:00 31,744 -c--a-w C:\WINDOWS\system32\dllcache\ntsd.exe + 2008-05-19 02:38:26 31,744 -c--a-w C:\WINDOWS\system32\dllcache\ntsd.exe - 2001-08-28 12:00:00 396,800 -c--a-w C:\WINDOWS\system32\dllcache\ntvdm.exe + 2008-05-19 02:38:26 396,800 -c--a-w C:\WINDOWS\system32\dllcache\ntvdm.exe - 2001-08-28 12:00:00 129,024 -c--a-w C:\WINDOWS\system32\dllcache\nwscript.exe + 2008-05-19 02:38:26 129,024 -c--a-w C:\WINDOWS\system32\dllcache\nwscript.exe - 2001-08-28 12:00:00 32,768 -c--a-w C:\WINDOWS\system32\dllcache\odbcad32.exe + 2008-05-19 02:38:26 32,768 -c--a-w C:\WINDOWS\system32\dllcache\odbcad32.exe - 2001-08-28 12:00:00 53,248 -c--a-w C:\WINDOWS\system32\dllcache\odbcconf.exe + 2008-05-19 02:38:26 53,248 -c--a-w C:\WINDOWS\system32\dllcache\odbcconf.exe - 2001-08-28 12:00:00 56,320 -c--a-w C:\WINDOWS\system32\dllcache\oemig50.exe + 2008-05-19 02:38:26 56,320 -c--a-w C:\WINDOWS\system32\dllcache\oemig50.exe - 2001-08-28 12:00:00 50,176 -c--a-w C:\WINDOWS\system32\dllcache\oobebaln.exe + 2008-05-19 02:38:26 50,176 -c--a-w C:\WINDOWS\system32\dllcache\oobebaln.exe - 2001-08-28 12:00:00 65,536 -c--a-w C:\WINDOWS\system32\dllcache\opnfiles.exe + 2008-05-19 02:38:27 65,536 -c--a-w C:\WINDOWS\system32\dllcache\opnfiles.exe - 2001-08-28 12:00:00 213,504 -c--a-w C:\WINDOWS\system32\dllcache\osk.exe + 2008-05-19 02:38:27 213,504 -c--a-w C:\WINDOWS\system32\dllcache\osk.exe - 2001-08-28 12:00:00 41,984 -c--a-w C:\WINDOWS\system32\dllcache\osuninst.exe + 2008-05-19 02:38:27 41,984 -c--a-w C:\WINDOWS\system32\dllcache\osuninst.exe - 2001-08-28 12:00:00 53,760 -c--a-w C:\WINDOWS\system32\dllcache\packager.exe + 2008-05-19 02:38:27 53,760 -c--a-w C:\WINDOWS\system32\dllcache\packager.exe - 2001-08-28 12:00:00 22,528 -c--a-w C:\WINDOWS\system32\dllcache\pathping.exe + 2008-05-19 02:38:28 22,528 -c--a-w C:\WINDOWS\system32\dllcache\pathping.exe - 2001-08-28 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\pentnt.exe + 2008-05-19 02:38:28 15,360 -c--a-w C:\WINDOWS\system32\dllcache\pentnt.exe - 2001-08-28 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\perfmon.exe + 2008-05-19 02:38:28 14,336 -c--a-w C:\WINDOWS\system32\dllcache\perfmon.exe - 2001-08-28 12:00:00 275,968 -c--a-w C:\WINDOWS\system32\dllcache\pinball.exe + 2008-05-19 02:38:29 275,968 -c--a-w C:\WINDOWS\system32\dllcache\pinball.exe - 2001-08-28 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\ping.exe + 2008-05-19 02:38:29 16,384 -c--a-w C:\WINDOWS\system32\dllcache\ping.exe - 2001-08-28 12:00:00 34,304 -c--a-w C:\WINDOWS\system32\dllcache\ping6.exe + 2008-05-19 02:38:29 34,304 -c--a-w C:\WINDOWS\system32\dllcache\ping6.exe - 2001-08-28 12:00:00 131,126 -c--a-w C:\WINDOWS\system32\dllcache\pintlphr.exe + 2008-05-19 02:38:29 131,072 -c--a-w C:\WINDOWS\system32\dllcache\pintlphr.exe - 2001-08-28 12:00:00 9,216 -c--a-w C:\WINDOWS\system32\dllcache\print.exe + 2008-05-19 02:38:29 9,216 -c--a-w C:\WINDOWS\system32\dllcache\print.exe - 2001-08-28 12:00:00 208,896 -c--a-w C:\WINDOWS\system32\dllcache\progman.exe + 2008-05-19 02:38:29 208,896 -c--a-w C:\WINDOWS\system32\dllcache\progman.exe - 2001-08-28 12:00:00 45,568 -c--a-w C:\WINDOWS\system32\dllcache\proquota.exe + 2008-05-19 02:38:29 45,568 -c--a-w C:\WINDOWS\system32\dllcache\proquota.exe - 2001-08-28 12:00:00 23,040 -c--a-w C:\WINDOWS\system32\dllcache\proxycfg.exe + 2008-05-19 02:38:29 23,040 -c--a-w C:\WINDOWS\system32\dllcache\proxycfg.exe - 2001-08-28 12:00:00 17,408 -c--a-w C:\WINDOWS\system32\dllcache\qappsrv.exe + 2008-05-19 02:38:30 17,408 -c--a-w C:\WINDOWS\system32\dllcache\qappsrv.exe - 2001-08-28 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\qprocess.exe + 2008-05-19 02:38:30 19,456 -c--a-w C:\WINDOWS\system32\dllcache\qprocess.exe - 2001-08-28 12:00:00 10,240 -c--a-w C:\WINDOWS\system32\dllcache\query.exe + 2008-05-19 02:38:30 10,240 -c--a-w C:\WINDOWS\system32\dllcache\query.exe - 2001-08-28 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\quser.exe + 2008-05-19 02:38:30 16,896 -c--a-w C:\WINDOWS\system32\dllcache\quser.exe - 2001-08-28 12:00:00 22,528 -c--a-w C:\WINDOWS\system32\dllcache\qwinsta.exe + 2008-05-19 02:38:30 22,528 -c--a-w C:\WINDOWS\system32\dllcache\qwinsta.exe - 2001-08-28 12:00:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\rasautou.exe + 2008-05-19 02:38:30 11,776 -c--a-w C:\WINDOWS\system32\dllcache\rasautou.exe - 2001-08-28 12:00:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\rasdial.exe + 2008-05-19 02:38:30 11,776 -c--a-w C:\WINDOWS\system32\dllcache\rasdial.exe - 2001-08-28 12:00:00 54,784 -c--a-w C:\WINDOWS\system32\dllcache\rasphone.exe + 2008-05-19 02:38:30 54,784 -c--a-w C:\WINDOWS\system32\dllcache\rasphone.exe - 2001-08-28 12:00:00 46,464 -c--a-w C:\WINDOWS\system32\dllcache\raspptp.sys + 2002-10-01 16:43:52 46,208 -c--a-w C:\WINDOWS\system32\dllcache\raspptp.sys - 2001-08-28 12:00:00 34,304 -c--a-w C:\WINDOWS\system32\dllcache\rcimlby.exe + 2008-05-19 02:38:30 34,304 -c--a-w C:\WINDOWS\system32\dllcache\rcimlby.exe - 2001-08-28 12:00:00 21,504 -c--a-w C:\WINDOWS\system32\dllcache\rcp.exe + 2008-05-19 02:38:30 21,504 -c--a-w C:\WINDOWS\system32\dllcache\rcp.exe - 2001-08-28 12:00:00 41,984 -c--a-w C:\WINDOWS\system32\dllcache\rdpclip.exe + 2008-05-19 02:38:31 41,984 -c--a-w C:\WINDOWS\system32\dllcache\rdpclip.exe - 2001-08-28 12:00:00 12,288 -c--a-w C:\WINDOWS\system32\dllcache\rdsaddin.exe + 2008-05-19 02:38:31 12,288 -c--a-w C:\WINDOWS\system32\dllcache\rdsaddin.exe - 2001-08-28 12:00:00 61,952 -c--a-w C:\WINDOWS\system32\dllcache\rdshost.exe + 2008-05-19 02:38:31 61,952 -c--a-w C:\WINDOWS\system32\dllcache\rdshost.exe - 2001-08-28 12:00:00 7,168 -c--a-w C:\WINDOWS\system32\dllcache\recover.exe + 2008-05-19 02:38:31 7,168 -c--a-w C:\WINDOWS\system32\dllcache\recover.exe - 2001-08-28 12:00:00 51,200 -c--a-w C:\WINDOWS\system32\dllcache\reg.exe + 2008-05-19 02:38:31 51,200 -c--a-w C:\WINDOWS\system32\dllcache\reg.exe - 2001-08-28 12:00:00 140,800 -c--a-w C:\WINDOWS\system32\dllcache\regedit.exe + 2008-05-19 02:38:31 140,800 -c--a-w C:\WINDOWS\system32\dllcache\regedit.exe - 2001-08-28 12:00:00 3,584 -c--a-w C:\WINDOWS\system32\dllcache\regedt32.exe + 2008-05-19 02:38:31 3,584 -c--a-w C:\WINDOWS\system32\dllcache\regedt32.exe - 2001-08-28 12:00:00 33,792 -c--a-w C:\WINDOWS\system32\dllcache\regini.exe + 2008-05-19 02:38:32 33,792 -c--a-w C:\WINDOWS\system32\dllcache\regini.exe - 2001-08-28 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\register.exe + 2008-05-19 02:38:32 15,360 -c--a-w C:\WINDOWS\system32\dllcache\register.exe - 2001-08-28 12:00:00 10,240 -c--a-w C:\WINDOWS\system32\dllcache\regsvr32.exe + 2008-05-19 02:38:32 10,240 -c--a-w C:\WINDOWS\system32\dllcache\regsvr32.exe - 2001-08-28 12:00:00 4,608 -c--a-w C:\WINDOWS\system32\dllcache\regwiz.exe + 2008-05-19 02:38:32 4,608 -c--a-w C:\WINDOWS\system32\dllcache\regwiz.exe - 2001-08-28 12:00:00 33,792 -c--a-w C:\WINDOWS\system32\dllcache\relog.exe + 2008-05-19 02:38:32 33,792 -c--a-w C:\WINDOWS\system32\dllcache\relog.exe - 2001-08-28 12:00:00 12,800 -c--a-w C:\WINDOWS\system32\dllcache\replace.exe + 2008-05-19 02:38:32 12,800 -c--a-w C:\WINDOWS\system32\dllcache\replace.exe - 2001-08-28 12:00:00 10,240 -c--a-w C:\WINDOWS\system32\dllcache\reset.exe + 2008-05-19 02:38:32 10,240 -c--a-w C:\WINDOWS\system32\dllcache\reset.exe - 2001-08-28 12:00:00 12,800 -c--a-w C:\WINDOWS\system32\dllcache\rexec.exe + 2008-05-19 02:38:32 12,800 -c--a-w C:\WINDOWS\system32\dllcache\rexec.exe - 2001-08-28 12:00:00 21,504 -c--a-w C:\WINDOWS\system32\dllcache\route.exe + 2008-05-19 02:38:32 21,504 -c--a-w C:\WINDOWS\system32\dllcache\route.exe - 2001-08-28 12:00:00 25,600 -c--a-w C:\WINDOWS\system32\dllcache\routemon.exe + 2008-05-19 02:38:32 25,600 -c--a-w C:\WINDOWS\system32\dllcache\routemon.exe - 2001-08-28 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\rsh.exe + 2008-05-19 02:38:32 14,336 -c--a-w C:\WINDOWS\system32\dllcache\rsh.exe - 2001-08-28 12:00:00 53,248 -c--a-w C:\WINDOWS\system32\dllcache\rsm.exe + 2008-05-19 02:38:33 53,248 -c--a-w C:\WINDOWS\system32\dllcache\rsm.exe - 2001-08-28 12:00:00 24,576 -c--a-w C:\WINDOWS\system32\dllcache\rsmsink.exe + 2008-05-19 02:38:33 24,576 -c--a-w C:\WINDOWS\system32\dllcache\rsmsink.exe - 2001-08-28 12:00:00 49,664 -c--a-w C:\WINDOWS\system32\dllcache\rsmui.exe + 2008-05-19 02:38:33 49,664 -c--a-w C:\WINDOWS\system32\dllcache\rsmui.exe - 2001-08-28 12:00:00 103,424 -c--a-w C:\WINDOWS\system32\dllcache\rsnotify.exe + 2008-05-19 02:38:33 103,424 -c--a-w C:\WINDOWS\system32\dllcache\rsnotify.exe - 2001-08-28 12:00:00 62,976 -c--a-w C:\WINDOWS\system32\dllcache\rsopprov.exe + 2008-05-19 02:38:34 62,976 -c--a-w C:\WINDOWS\system32\dllcache\rsopprov.exe - 2001-08-28 12:00:00 370,176 -c--a-w C:\WINDOWS\system32\dllcache\rstrui.exe + 2008-05-19 02:38:35 370,176 -c--a-w C:\WINDOWS\system32\dllcache\rstrui.exe - 2001-08-28 12:00:00 132,608 -c--a-w C:\WINDOWS\system32\dllcache\rsvp.exe + 2008-05-19 02:38:35 132,608 -c--a-w C:\WINDOWS\system32\dllcache\rsvp.exe - 2001-08-28 12:00:00 75,264 -c--a-w C:\WINDOWS\system32\dllcache\rtcshare.exe + 2008-05-19 02:38:35 75,264 -c--a-w C:\WINDOWS\system32\dllcache\rtcshare.exe - 2001-08-28 12:00:00 17,408 -c--a-w C:\WINDOWS\system32\dllcache\runas.exe + 2008-05-19 02:38:35 17,408 -c--a-w C:\WINDOWS\system32\dllcache\runas.exe - 2001-08-28 12:00:00 32,256 -c--a-w C:\WINDOWS\system32\dllcache\rundll32.exe + 2008-05-19 02:38:35 32,256 -c--a-w C:\WINDOWS\system32\dllcache\rundll32.exe - 2001-08-28 12:00:00 12,288 -c--a-w C:\WINDOWS\system32\dllcache\runonce.exe + 2008-05-19 02:38:36 12,288 -c--a-w C:\WINDOWS\system32\dllcache\runonce.exe - 2001-08-28 12:00:00 42,574 -c--a-w C:\WINDOWS\system32\dllcache\rvsezm.exe + 2008-05-19 02:38:36 42,496 -c--a-w C:\WINDOWS\system32\dllcache\rvsezm.exe - 2001-08-28 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\rwinsta.exe + 2008-05-19 02:38:36 16,384 -c--a-w C:\WINDOWS\system32\dllcache\rwinsta.exe - 2001-08-28 12:00:00 36,864 -c--a-w C:\WINDOWS\system32\dllcache\sapisvr.exe + 2008-05-19 02:38:36 36,864 -c--a-w C:\WINDOWS\system32\dllcache\sapisvr.exe - 2001-08-28 12:00:00 19,968 -c--a-w C:\WINDOWS\system32\dllcache\savedump.exe + 2008-05-19 02:38:36 19,968 -c--a-w C:\WINDOWS\system32\dllcache\savedump.exe - 2001-08-28 12:00:00 31,232 -c--a-w C:\WINDOWS\system32\dllcache\sc.exe + 2008-05-19 02:38:36 31,232 -c--a-w C:\WINDOWS\system32\dllcache\sc.exe - 2001-08-28 12:00:00 97,792 -c--a-w C:\WINDOWS\system32\dllcache\scardsvr.exe + 2008-05-19 02:38:36 97,792 -c--a-w C:\WINDOWS\system32\dllcache\scardsvr.exe - 2001-08-28 12:00:00 33,792 -c--a-w C:\WINDOWS\system32\dllcache\scrcons.exe + 2008-05-19 02:38:36 33,792 -c--a-w C:\WINDOWS\system32\dllcache\scrcons.exe - 2001-08-28 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\scrnsave.scr + 2008-05-19 02:38:36 8,192 -c--a-w C:\WINDOWS\system32\dllcache\scrnsave.scr - 2001-08-28 12:00:00 122,368 -c--a-w C:\WINDOWS\system32\dllcache\sctasks.exe + 2008-05-19 02:38:37 122,368 -c--a-w C:\WINDOWS\system32\dllcache\sctasks.exe - 2001-08-28 12:00:00 39,424 -c--a-w C:\WINDOWS\system32\dllcache\sdbinst.exe + 2008-05-19 02:38:37 39,424 -c--a-w C:\WINDOWS\system32\dllcache\sdbinst.exe - 2001-08-28 12:00:00 17,920 -c--a-w C:\WINDOWS\system32\dllcache\secedit.exe + 2008-05-19 02:38:37 17,920 -c--a-w C:\WINDOWS\system32\dllcache\secedit.exe - 2001-08-28 12:00:00 101,888 -c--a-w C:\WINDOWS\system32\dllcache\services.exe + 2008-05-19 02:38:37 101,888 -c--a-w C:\WINDOWS\system32\dllcache\services.exe - 2001-08-28 12:00:00 131,584 -c--a-w C:\WINDOWS\system32\dllcache\sessmgr.exe + 2008-05-19 02:38:37 131,584 -c--a-w C:\WINDOWS\system32\dllcache\sessmgr.exe - 2001-08-28 12:00:00 30,208 -c--a-w C:\WINDOWS\system32\dllcache\sethc.exe + 2008-05-19 02:38:37 30,208 -c--a-w C:\WINDOWS\system32\dllcache\sethc.exe - 2001-08-28 12:00:00 20,992 -c--a-w C:\WINDOWS\system32\dllcache\setup.exe + 2008-05-19 02:38:37 20,992 -c--a-w C:\WINDOWS\system32\dllcache\setup.exe - 2001-08-28 12:00:00 225,280 -c--a-w C:\WINDOWS\system32\dllcache\setup_wm.exe + 2008-05-19 02:38:38 225,280 -c--a-w C:\WINDOWS\system32\dllcache\setup_wm.exe - 2001-08-28 12:00:00 67,072 -c--a-w C:\WINDOWS\system32\dllcache\setup50.exe + 2008-05-19 02:38:38 67,072 -c--a-w C:\WINDOWS\system32\dllcache\setup50.exe - 2001-08-28 12:00:00 10,240 -c--a-w C:\WINDOWS\system32\dllcache\sfc.exe + 2008-05-19 02:38:38 10,240 -c--a-w C:\WINDOWS\system32\dllcache\sfc.exe - 2001-08-28 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\shadow.exe + 2008-05-19 02:38:38 15,360 -c--a-w C:\WINDOWS\system32\dllcache\shadow.exe - 2001-08-28 12:00:00 127,488 -c--a-w C:\WINDOWS\system32\dllcache\shmedia.dll + 2002-09-19 09:28:54 127,488 -c--a-w C:\WINDOWS\system32\dllcache\shmedia.dll - 2001-08-28 12:00:00 21,504 -c--a-w C:\WINDOWS\system32\dllcache\shmgrate.exe + 2008-05-19 02:38:38 21,504 -c--a-w C:\WINDOWS\system32\dllcache\shmgrate.exe - 2001-08-28 12:00:00 70,656 -c--a-w C:\WINDOWS\system32\dllcache\shrpubw.exe + 2008-05-19 02:38:38 70,656 -c--a-w C:\WINDOWS\system32\dllcache\shrpubw.exe - 2001-05-23 03:15:08 16,437 -c--a-w C:\WINDOWS\system32\dllcache\shtml.exe + 2008-05-19 02:38:38 16,384 -c--a-w C:\WINDOWS\system32\dllcache\shtml.exe - 2001-08-28 12:00:00 18,944 -c--a-w C:\WINDOWS\system32\dllcache\shutdown.exe + 2008-05-19 02:38:38 18,944 -c--a-w C:\WINDOWS\system32\dllcache\shutdown.exe - 2001-08-28 12:00:00 42,573 -c--a-w C:\WINDOWS\system32\dllcache\shvlzm.exe + 2008-05-19 02:38:39 42,496 -c--a-w C:\WINDOWS\system32\dllcache\shvlzm.exe - 2001-08-28 12:00:00 67,072 -c--a-w C:\WINDOWS\system32\dllcache\sigverif.exe + 2008-05-19 02:38:39 67,072 -c--a-w C:\WINDOWS\system32\dllcache\sigverif.exe - 2001-08-28 12:00:00 24,064 -c--a-w C:\WINDOWS\system32\dllcache\skeys.exe + 2008-05-19 02:38:39 24,064 -c--a-w C:\WINDOWS\system32\dllcache\skeys.exe - 2001-08-28 12:00:00 226,304 -c--a-w C:\WINDOWS\system32\dllcache\smi2smir.exe + 2008-05-19 02:38:39 226,304 -c--a-w C:\WINDOWS\system32\dllcache\smi2smir.exe - 2001-08-28 12:00:00 89,600 -c--a-w C:\WINDOWS\system32\dllcache\smlogsvc.exe + 2008-05-19 02:38:39 89,600 -c--a-w C:\WINDOWS\system32\dllcache\smlogsvc.exe - 2001-08-28 12:00:00 125,952 -c--a-w C:\WINDOWS\system32\dllcache\sndrec32.exe + 2008-05-19 02:38:39 125,952 -c--a-w C:\WINDOWS\system32\dllcache\sndrec32.exe - 2001-08-28 12:00:00 139,264 -c--a-w C:\WINDOWS\system32\dllcache\sndvol32.exe + 2008-05-19 02:38:40 139,264 -c--a-w C:\WINDOWS\system32\dllcache\sndvol32.exe - 2001-08-28 12:00:00 29,696 -c--a-w C:\WINDOWS\system32\dllcache\snmp.exe + 2008-05-19 02:38:40 29,696 -c--a-w C:\WINDOWS\system32\dllcache\snmp.exe - 2001-08-28 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\snmptrap.exe + 2008-05-19 02:38:40 8,192 -c--a-w C:\WINDOWS\system32\dllcache\snmptrap.exe - 2001-08-28 12:00:00 57,344 -c--a-w C:\WINDOWS\system32\dllcache\sol.exe + 2008-05-19 02:38:40 57,344 -c--a-w C:\WINDOWS\system32\dllcache\sol.exe - 2001-08-28 12:00:00 25,088 -c--a-w C:\WINDOWS\system32\dllcache\sort.exe + 2008-05-19 02:38:41 25,088 -c--a-w C:\WINDOWS\system32\dllcache\sort.exe - 2001-08-28 12:00:00 534,528 -c--a-w C:\WINDOWS\system32\dllcache\spider.exe + 2008-05-19 02:38:42 534,528 -c--a-w C:\WINDOWS\system32\dllcache\spider.exe - 2001-08-28 12:00:00 51,200 -c--a-w C:\WINDOWS\system32\dllcache\spoolsv.exe + 2008-05-19 02:38:43 51,200 -c--a-w C:\WINDOWS\system32\dllcache\spoolsv.exe - 2001-08-28 12:00:00 47,104 -c--a-w C:\WINDOWS\system32\dllcache\srdiag.exe + 2008-05-19 02:38:43 47,104 -c--a-w C:\WINDOWS\system32\dllcache\srdiag.exe - 2001-08-28 12:00:00 671,744 -c--a-w C:\WINDOWS\system32\dllcache\ss3dfo.scr + 2008-05-19 02:38:43 671,744 -c--a-w C:\WINDOWS\system32\dllcache\ss3dfo.scr - 2001-08-28 12:00:00 18,944 -c--a-w C:\WINDOWS\system32\dllcache\ssbezier.scr + 2008-05-19 02:38:43 18,944 -c--a-w C:\WINDOWS\system32\dllcache\ssbezier.scr - 2001-08-28 12:00:00 364,544 -c--a-w C:\WINDOWS\system32\dllcache\ssflwbox.scr + 2008-05-19 02:38:43 364,544 -c--a-w C:\WINDOWS\system32\dllcache\ssflwbox.scr - 2001-08-28 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\ssmarque.scr + 2008-05-19 02:38:43 19,456 -c--a-w C:\WINDOWS\system32\dllcache\ssmarque.scr - 2001-08-28 12:00:00 43,008 -c--a-w C:\WINDOWS\system32\dllcache\ssmypics.scr + 2008-05-19 02:38:43 43,008 -c--a-w C:\WINDOWS\system32\dllcache\ssmypics.scr - 2001-08-28 12:00:00 17,408 -c--a-w C:\WINDOWS\system32\dllcache\ssmyst.scr + 2008-05-19 02:38:44 17,408 -c--a-w C:\WINDOWS\system32\dllcache\ssmyst.scr - 2001-08-28 12:00:00 569,344 -c--a-w C:\WINDOWS\system32\dllcache\sspipes.scr + 2008-05-19 02:38:44 569,344 -c--a-w C:\WINDOWS\system32\dllcache\sspipes.scr - 2001-08-28 12:00:00 13,312 -c--a-w C:\WINDOWS\system32\dllcache\ssstars.scr + 2008-05-19 02:38:44 13,312 -c--a-w C:\WINDOWS\system32\dllcache\ssstars.scr - 2001-08-28 12:00:00 643,072 -c--a-w C:\WINDOWS\system32\dllcache\sstext3d.scr + 2008-05-19 02:38:44 643,072 -c--a-w C:\WINDOWS\system32\dllcache\sstext3d.scr - 2001-08-28 12:00:00 20,992 -c--a-w C:\WINDOWS\system32\dllcache\stimon.exe + 2008-05-19 02:38:44 20,992 -c--a-w C:\WINDOWS\system32\dllcache\stimon.exe - 2001-08-28 12:00:00 9,216 -c--a-w C:\WINDOWS\system32\dllcache\subst.exe + 2008-05-19 02:38:44 9,216 -c--a-w C:\WINDOWS\system32\dllcache\subst.exe - 2001-08-28 12:00:00 12,800 -c--a-w C:\WINDOWS\system32\dllcache\svchost.exe + 2008-05-19 02:38:44 12,800 -c--a-w C:\WINDOWS\system32\dllcache\svchost.exe - 2001-08-28 12:00:00 51,200 -c--a-w C:\WINDOWS\system32\dllcache\syncapp.exe + 2008-05-19 02:38:45 51,200 -c--a-w C:\WINDOWS\system32\dllcache\syncapp.exe - 2001-08-28 12:00:00 70,656 -c--a-w C:\WINDOWS\system32\dllcache\sysinfo.exe + 2008-05-19 02:38:45 70,656 -c--a-w C:\WINDOWS\system32\dllcache\sysinfo.exe - 2001-08-28 12:00:00 37,888 -c--a-w C:\WINDOWS\system32\dllcache\syskey.exe + 2008-05-19 02:38:45 37,888 -c--a-w C:\WINDOWS\system32\dllcache\syskey.exe - 2001-08-28 12:00:00 104,960 -c--a-w C:\WINDOWS\system32\dllcache\sysocmgr.exe + 2008-05-19 02:38:45 104,960 -c--a-w C:\WINDOWS\system32\dllcache\sysocmgr.exe - 2001-08-28 12:00:00 3,072 -c--a-w C:\WINDOWS\system32\dllcache\systray.exe + 2008-05-19 02:38:45 3,072 -c--a-w C:\WINDOWS\system32\dllcache\systray.exe - 2001-08-28 12:00:00 74,240 -c--a-w C:\WINDOWS\system32\dllcache\taskkill.exe + 2008-05-19 02:38:45 74,240 -c--a-w C:\WINDOWS\system32\dllcache\taskkill.exe - 2001-08-28 12:00:00 74,240 -c--a-w C:\WINDOWS\system32\dllcache\tasklist.exe + 2008-05-19 02:38:46 74,240 -c--a-w C:\WINDOWS\system32\dllcache\tasklist.exe - 2001-08-28 12:00:00 15,872 -c--a-w C:\WINDOWS\system32\dllcache\taskman.exe + 2008-05-19 02:38:46 15,872 -c--a-w C:\WINDOWS\system32\dllcache\taskman.exe - 2001-08-28 12:00:00 136,192 -c--a-w C:\WINDOWS\system32\dllcache\taskmgr.exe + 2008-05-19 02:38:46 136,192 -c--a-w C:\WINDOWS\system32\dllcache\taskmgr.exe - 2001-08-28 12:00:00 13,312 -c--a-w C:\WINDOWS\system32\dllcache\tcmsetup.exe + 2008-05-19 02:38:46 13,312 -c--a-w C:\WINDOWS\system32\dllcache\tcmsetup.exe - 2001-08-28 12:00:00 19,456 -c--a-w C:\WINDOWS\system32\dllcache\tcpsvcs.exe + 2008-05-19 02:38:46 19,456 -c--a-w C:\WINDOWS\system32\dllcache\tcpsvcs.exe - 2001-05-23 03:15:08 32,827 -c--a-w C:\WINDOWS\system32\dllcache\tcptest.exe + 2008-05-19 02:38:46 32,768 -c--a-w C:\WINDOWS\system32\dllcache\tcptest.exe - 2001-08-28 12:00:00 72,704 -c--a-w C:\WINDOWS\system32\dllcache\telnet.exe + 2008-05-19 02:38:46 72,704 -c--a-w C:\WINDOWS\system32\dllcache\telnet.exe - 2001-08-28 12:00:00 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe + 2008-05-19 02:38:47 17,920 -c--a-w C:\WINDOWS\system32\dllcache\tftp.exe - 2001-08-28 12:00:00 143,421 -c--a-w C:\WINDOWS\system32\dllcache\tintlphr.exe + 2008-05-19 02:38:47 143,360 -c--a-w C:\WINDOWS\system32\dllcache\tintlphr.exe - 2001-08-28 12:00:00 737,360 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe + 2008-05-19 02:38:47 737,280 -c--a-w C:\WINDOWS\system32\dllcache\tintsetp.exe - 2001-08-28 12:00:00 54,272 -c--a-w C:\WINDOWS\system32\dllcache\tlntadmn.exe + 2008-05-19 02:38:47 54,272 -c--a-w C:\WINDOWS\system32\dllcache\tlntadmn.exe - 2001-08-28 12:00:00 72,704 -c--a-w C:\WINDOWS\system32\dllcache\tlntsess.exe + 2008-05-19 02:38:47 72,704 -c--a-w C:\WINDOWS\system32\dllcache\tlntsess.exe - 2001-08-28 12:00:00 62,976 -c--a-w C:\WINDOWS\system32\dllcache\tlntsvr.exe + 2008-05-19 02:38:47 62,976 -c--a-w C:\WINDOWS\system32\dllcache\tlntsvr.exe - 2001-08-28 12:00:00 346,624 -c--a-w C:\WINDOWS\system32\dllcache\tourstrt.exe + 2008-05-19 02:38:49 346,624 -c--a-w C:\WINDOWS\system32\dllcache\tourstrt.exe - 2001-08-28 12:00:00 232,448 -c--a-w C:\WINDOWS\system32\dllcache\tracerpt.exe + 2008-05-19 02:38:49 232,448 -c--a-w C:\WINDOWS\system32\dllcache\tracerpt.exe - 2001-08-28 12:00:00 10,752 -c--a-w C:\WINDOWS\system32\dllcache\tracert.exe + 2008-05-19 02:38:49 10,752 -c--a-w C:\WINDOWS\system32\dllcache\tracert.exe - 2001-08-28 12:00:00 32,256 -c--a-w C:\WINDOWS\system32\dllcache\tracert6.exe + 2008-05-19 02:38:49 32,256 -c--a-w C:\WINDOWS\system32\dllcache\tracert6.exe - 2001-08-28 12:00:00 15,360 -c--a-w C:\WINDOWS\system32\dllcache\tscon.exe + 2008-05-19 02:38:50 15,360 -c--a-w C:\WINDOWS\system32\dllcache\tscon.exe - 2001-08-28 12:00:00 40,448 -c--a-w C:\WINDOWS\system32\dllcache\tscupgrd.exe + 2008-05-19 02:38:50 40,448 -c--a-w C:\WINDOWS\system32\dllcache\tscupgrd.exe - 2001-08-28 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\tsdiscon.exe + 2008-05-19 02:38:50 14,848 -c--a-w C:\WINDOWS\system32\dllcache\tsdiscon.exe - 2001-08-28 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\tskill.exe + 2008-05-19 02:38:50 16,896 -c--a-w C:\WINDOWS\system32\dllcache\tskill.exe - 2001-08-28 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\tsprof.exe + 2008-05-19 02:38:50 14,336 -c--a-w C:\WINDOWS\system32\dllcache\tsprof.exe - 2001-08-28 12:00:00 17,408 -c--a-w C:\WINDOWS\system32\dllcache\tsshutdn.exe + 2008-05-19 02:38:50 17,408 -c--a-w C:\WINDOWS\system32\dllcache\tsshutdn.exe - 2001-08-28 12:00:00 25,600 -c--a-w C:\WINDOWS\system32\dllcache\twunk_32.exe + 2008-05-19 02:38:50 25,600 -c--a-w C:\WINDOWS\system32\dllcache\twunk_32.exe - 2001-08-28 12:00:00 37,376 -c--a-w C:\WINDOWS\system32\dllcache\typeperf.exe + 2008-05-19 02:38:50 37,376 -c--a-w C:\WINDOWS\system32\dllcache\typeperf.exe - 2001-08-28 12:00:00 4,096 -c--a-w C:\WINDOWS\system32\dllcache\unlodctr.exe + 2008-05-19 02:38:50 4,096 -c--a-w C:\WINDOWS\system32\dllcache\unlodctr.exe - 2001-08-28 12:00:00 229,376 -c--a-w C:\WINDOWS\system32\dllcache\unregmp2.exe + 2008-05-19 02:38:51 229,376 -c--a-w C:\WINDOWS\system32\dllcache\unregmp2.exe - 2001-08-28 12:00:00 16,896 -c--a-w C:\WINDOWS\system32\dllcache\unsecapp.exe + 2008-05-19 02:38:51 16,896 -c--a-w C:\WINDOWS\system32\dllcache\unsecapp.exe - 2001-08-28 12:00:00 139,264 -c--a-w C:\WINDOWS\system32\dllcache\uploadm.exe + 2008-05-19 02:38:51 139,264 -c--a-w C:\WINDOWS\system32\dllcache\uploadm.exe - 2001-08-28 12:00:00 14,848 -c--a-w C:\WINDOWS\system32\dllcache\upnpcont.exe + 2008-05-19 02:38:51 14,848 -c--a-w C:\WINDOWS\system32\dllcache\upnpcont.exe - 2001-08-28 12:00:00 16,384 -c--a-w C:\WINDOWS\system32\dllcache\ups.exe + 2008-05-19 02:38:51 16,384 -c--a-w C:\WINDOWS\system32\dllcache\ups.exe - 2001-08-28 12:00:00 22,016 -c--a-w C:\WINDOWS\system32\dllcache\userinit.exe + 2008-05-19 02:38:51 22,016 -c--a-w C:\WINDOWS\system32\dllcache\userinit.exe - 2001-08-28 12:00:00 46,592 -c--a-w C:\WINDOWS\system32\dllcache\utilman.exe + 2008-05-19 02:38:51 46,592 -c--a-w C:\WINDOWS\system32\dllcache\utilman.exe - 2001-08-28 12:00:00 102,912 -c--a-w C:\WINDOWS\system32\dllcache\verifier.exe + 2008-05-19 02:38:51 102,912 -c--a-w C:\WINDOWS\system32\dllcache\verifier.exe - 2001-08-28 12:00:00 34,304 -c--a-w C:\WINDOWS\system32\dllcache\vssadmin.exe + 2008-05-19 02:38:52 34,304 -c--a-w C:\WINDOWS\system32\dllcache\vssadmin.exe - 2001-08-28 12:00:00 281,088 -c--a-w C:\WINDOWS\system32\dllcache\vssvc.exe + 2008-05-19 02:38:52 281,088 -c--a-w C:\WINDOWS\system32\dllcache\vssvc.exe - 2001-08-28 12:00:00 51,712 -c--a-w C:\WINDOWS\system32\dllcache\w32tm.exe + 2008-05-19 02:38:52 51,712 -c--a-w C:\WINDOWS\system32\dllcache\w32tm.exe - 2001-08-28 12:00:00 43,008 -c--a-w C:\WINDOWS\system32\dllcache\wab.exe + 2008-05-19 02:38:52 43,008 -c--a-w C:\WINDOWS\system32\dllcache\wab.exe - 2001-08-28 12:00:00 27,648 -c--a-w C:\WINDOWS\system32\dllcache\wabmig.exe + 2008-05-19 02:38:52 27,648 -c--a-w C:\WINDOWS\system32\dllcache\wabmig.exe - 2001-08-28 12:00:00 12,288 -c--a-w C:\WINDOWS\system32\dllcache\wb32.exe + 2008-05-19 02:38:52 12,288 -c--a-w C:\WINDOWS\system32\dllcache\wb32.exe - 2001-08-28 12:00:00 161,280 -c--a-w C:\WINDOWS\system32\dllcache\wbemtest.exe + 2008-05-19 02:38:53 161,280 -c--a-w C:\WINDOWS\system32\dllcache\wbemtest.exe - 2001-08-28 12:00:00 61,952 -c--a-w C:\WINDOWS\system32\dllcache\wextract.exe + 2008-05-19 02:38:53 61,952 -c--a-w C:\WINDOWS\system32\dllcache\wextract.exe + 2007-04-10 12:00:52 236,928 -c----w C:\WINDOWS\system32\dllcache\WgaLogon.dll + 2007-04-10 12:01:40 337,280 -c----w C:\WINDOWS\system32\dllcache\WgaTray.exe - 2001-08-28 12:00:00 419,840 -c--a-w C:\WINDOWS\system32\dllcache\wiaacmgr.exe + 2008-05-19 02:38:54 419,840 -c--a-w C:\WINDOWS\system32\dllcache\wiaacmgr.exe - 2001-08-28 12:00:00 271,360 -c--a-w C:\WINDOWS\system32\dllcache\winhlp32.exe + 2008-05-19 02:38:54 271,360 -c--a-w C:\WINDOWS\system32\dllcache\winhlp32.exe - 2001-08-28 12:00:00 8,192 -c--a-w C:\WINDOWS\system32\dllcache\winhstb.exe + 2008-05-19 02:38:54 8,192 -c--a-w C:\WINDOWS\system32\dllcache\winhstb.exe - 2001-08-28 12:00:00 434,176 -c--a-w C:\WINDOWS\system32\dllcache\winlogon.exe + 2008-05-19 02:38:54 434,176 -c--a-w C:\WINDOWS\system32\dllcache\winlogon.exe - 2001-08-28 12:00:00 14,336 -c--a-w C:\WINDOWS\system32\dllcache\winmgmt.exe + 2008-05-19 02:38:54 14,336 -c--a-w C:\WINDOWS\system32\dllcache\winmgmt.exe - 2001-08-28 12:00:00 119,808 -c--a-w C:\WINDOWS\system32\dllcache\winmine.exe + 2008-05-19 02:38:55 119,808 -c--a-w C:\WINDOWS\system32\dllcache\winmine.exe - 2001-08-28 12:00:00 11,776 -c--a-w C:\WINDOWS\system32\dllcache\winmsd.exe + 2008-05-19 02:38:55 11,776 -c--a-w C:\WINDOWS\system32\dllcache\winmsd.exe - 2001-08-28 12:00:00 4,096 -c--a-w C:\WINDOWS\system32\dllcache\winver.exe + 2008-05-19 02:38:55 4,096 -c--a-w C:\WINDOWS\system32\dllcache\winver.exe - 2001-08-28 12:00:00 183,808 -c--a-w C:\WINDOWS\system32\dllcache\wmiadap.exe + 2008-05-19 02:38:55 183,808 -c--a-w C:\WINDOWS\system32\dllcache\wmiadap.exe - 2001-08-28 12:00:00 117,248 -c--a-w C:\WINDOWS\system32\dllcache\wmiapsrv.exe + 2008-05-19 02:38:55 117,248 -c--a-w C:\WINDOWS\system32\dllcache\wmiapsrv.exe - 2001-08-28 12:00:00 341,504 -c--a-w C:\WINDOWS\system32\dllcache\wmic.exe + 2008-05-19 02:38:56 341,504 -c--a-w C:\WINDOWS\system32\dllcache\wmic.exe - 2001-08-28 12:00:00 203,264 -c--a-w C:\WINDOWS\system32\dllcache\wmiprvse.exe + 2008-05-19 02:38:56 203,264 -c--a-w C:\WINDOWS\system32\dllcache\wmiprvse.exe - 2001-08-28 12:00:00 520,192 -c--a-w C:\WINDOWS\system32\dllcache\wmplayer.exe + 2008-05-19 02:38:56 520,192 -c--a-w C:\WINDOWS\system32\dllcache\wmplayer.exe - 2001-08-28 12:00:00 77,824 -c--a-w C:\WINDOWS\system32\dllcache\wmpstub.exe + 2008-05-19 02:38:56 77,824 -c--a-w C:\WINDOWS\system32\dllcache\wmpstub.exe - 2001-08-28 12:00:00 203,776 -c--a-w C:\WINDOWS\system32\dllcache\wordpad.exe + 2008-05-19 02:38:57 203,776 -c--a-w C:\WINDOWS\system32\dllcache\wordpad.exe - 2001-08-28 12:00:00 31,232 -c--a-w C:\WINDOWS\system32\dllcache\wpabaln.exe + 2008-05-19 02:38:57 31,232 -c--a-w C:\WINDOWS\system32\dllcache\wpabaln.exe - 2001-08-28 12:00:00 29,696 -c--a-w C:\WINDOWS\system32\dllcache\wpnpinst.exe + 2008-05-19 02:38:57 29,696 -c--a-w C:\WINDOWS\system32\dllcache\wpnpinst.exe - 2001-08-28 12:00:00 5,632 -c--a-w C:\WINDOWS\system32\dllcache\write.exe + 2008-05-19 02:38:57 5,632 -c--a-w C:\WINDOWS\system32\dllcache\write.exe - 2001-08-28 12:00:00 118,834 -c--a-w C:\WINDOWS\system32\dllcache\wscript.exe + 2008-05-19 02:38:57 118,784 -c--a-w C:\WINDOWS\system32\dllcache\wscript.exe - 2001-08-28 12:00:00 32,256 -c--a-w C:\WINDOWS\system32\dllcache\wupdmgr.exe + 2008-05-19 02:38:57 32,256 -c--a-w C:\WINDOWS\system32\dllcache\wupdmgr.exe - 2001-08-28 12:00:00 28,160 -c--a-w C:\WINDOWS\system32\dllcache\xcopy.exe + 2008-05-19 02:38:57 28,160 -c--a-w C:\WINDOWS\system32\dllcache\xcopy.exe - 2001-08-28 12:00:00 36,937 -c--a-w C:\WINDOWS\system32\dllcache\zclientm.exe + 2008-05-19 02:38:58 36,864 -c--a-w C:\WINDOWS\system32\dllcache\zclientm.exe - 2001-08-28 12:00:00 4,608 ----a-w C:\WINDOWS\system32\dllhost.exe + 2008-05-19 02:35:19 4,608 ----a-w C:\WINDOWS\system32\dllhost.exe - 2001-08-28 12:00:00 4,608 ----a-w C:\WINDOWS\system32\dllhst3g.exe + 2008-05-19 02:37:02 4,608 ----a-w C:\WINDOWS\system32\dllhst3g.exe - 2001-08-28 12:00:00 205,312 ----a-w C:\WINDOWS\system32\dmadmin.exe + 2008-05-19 02:35:19 205,312 ----a-w C:\WINDOWS\system32\dmadmin.exe - 2001-08-28 12:00:00 14,336 ----a-w C:\WINDOWS\system32\dmremote.exe + 2008-05-19 02:37:02 14,336 ----a-w C:\WINDOWS\system32\dmremote.exe - 2001-08-28 12:00:00 10,752 ----a-w C:\WINDOWS\system32\doskey.exe + 2008-05-19 02:37:03 10,752 ----a-w C:\WINDOWS\system32\doskey.exe - 2001-08-28 12:00:00 26,112 ----a-w C:\WINDOWS\system32\dplaysvr.exe + 2008-05-19 02:37:03 26,112 ----a-w C:\WINDOWS\system32\dplaysvr.exe - 2001-08-28 12:00:00 18,944 ----a-w C:\WINDOWS\system32\dpnsvr.exe + 2008-05-19 02:37:03 18,944 ----a-w C:\WINDOWS\system32\dpnsvr.exe - 2001-08-28 12:00:00 59,392 ----a-w C:\WINDOWS\system32\dpvsetup.exe + 2008-05-19 02:37:03 59,392 ----a-w C:\WINDOWS\system32\dpvsetup.exe - 2001-08-28 12:00:00 60,928 ----a-w C:\WINDOWS\system32\driverquery.exe + 2008-05-19 02:37:03 60,928 ----a-w C:\WINDOWS\system32\driverquery.exe + 2007-07-05 12:34:52 134,160 ----a-w C:\WINDOWS\system32\drivers\klif.sys - 2001-08-28 12:00:00 46,464 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys + 2002-10-01 16:43:52 46,208 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys - 2001-08-28 12:00:00 56,832 ----a-w C:\WINDOWS\system32\drwtsn32.exe + 2008-05-19 02:35:00 47,104 ----a-w C:\WINDOWS\system32\drwtsn32.exe - 2001-08-28 12:00:00 39,936 ----a-w C:\WINDOWS\system32\dumprep.exe + 2008-05-19 02:37:03 30,208 ----a-w C:\WINDOWS\system32\dumprep.exe - 2001-08-28 12:00:00 59,392 ----a-w C:\WINDOWS\system32\dvdplay.exe + 2008-05-19 02:37:04 59,392 ----a-w C:\WINDOWS\system32\dvdplay.exe - 2001-08-28 12:00:00 15,872 ----a-w C:\WINDOWS\system32\dvdupgrd.exe + 2008-05-19 02:37:04 15,872 ----a-w C:\WINDOWS\system32\dvdupgrd.exe - 2001-08-28 12:00:00 786,432 ----a-w C:\WINDOWS\system32\dxdiag.exe + 2008-05-19 02:37:04 786,432 ----a-w C:\WINDOWS\system32\dxdiag.exe - 2008-04-27 14:13:39 32,768 ----a-w C:\WINDOWS\system32\epmfnbfe.exe + 2008-05-19 02:37:04 23,040 ----a-w C:\WINDOWS\system32\epmfnbfe.exe - 2001-08-28 12:00:00 39,424 ----a-w C:\WINDOWS\system32\esentutl.exe + 2008-05-19 02:37:04 39,424 ----a-w C:\WINDOWS\system32\esentutl.exe - 2001-08-28 12:00:00 180,736 ----a-w C:\WINDOWS\system32\eudcedit.exe + 2008-05-19 02:37:05 180,736 ----a-w C:\WINDOWS\system32\eudcedit.exe - 2001-08-28 12:00:00 50,176 ----a-w C:\WINDOWS\system32\eventcreate.exe + 2008-05-19 02:37:05 50,176 ----a-w C:\WINDOWS\system32\eventcreate.exe - 2001-08-28 12:00:00 81,408 ----a-w C:\WINDOWS\system32\eventtriggers.exe + 2008-05-19 02:37:05 81,408 ----a-w C:\WINDOWS\system32\eventtriggers.exe - 2001-08-28 12:00:00 9,216 ----a-w C:\WINDOWS\system32\eventvwr.exe + 2008-05-19 02:37:05 9,216 ----a-w C:\WINDOWS\system32\eventvwr.exe - 2001-08-28 12:00:00 16,896 ----a-w C:\WINDOWS\system32\expand.exe + 2008-05-19 02:37:05 16,896 ----a-w C:\WINDOWS\system32\expand.exe - 2001-08-28 12:00:00 40,960 ----a-w C:\WINDOWS\system32\extrac32.exe + 2008-05-19 02:37:05 40,960 ----a-w C:\WINDOWS\system32\extrac32.exe - 2001-08-28 12:00:00 24,576 ----a-w C:\WINDOWS\system32\fc.exe + 2008-05-19 02:37:05 14,848 ----a-w C:\WINDOWS\system32\fc.exe - 2008-05-02 14:36:14 23,040 ----a-w C:\WINDOWS\system32\fgif.exe + 2008-05-19 02:37:05 23,040 ----a-w C:\WINDOWS\system32\fgif.exe - 2001-08-28 12:00:00 18,944 ----a-w C:\WINDOWS\system32\find.exe + 2008-05-19 02:37:05 9,216 ----a-w C:\WINDOWS\system32\find.exe - 2001-08-28 12:00:00 36,864 ----a-w C:\WINDOWS\system32\findstr.exe + 2008-05-19 02:37:06 27,136 ----a-w C:\WINDOWS\system32\findstr.exe - 2001-08-28 12:00:00 10,240 ----a-w C:\WINDOWS\system32\finger.exe + 2008-05-19 02:37:06 10,240 ----a-w C:\WINDOWS\system32\finger.exe - 2001-08-28 12:00:00 3,072 ----a-w C:\WINDOWS\system32\fixmapi.exe + 2008-05-19 02:37:06 3,072 ----a-w C:\WINDOWS\system32\fixmapi.exe - 2001-08-28 12:00:00 7,168 ----a-w C:\WINDOWS\system32\forcedos.exe + 2008-05-19 02:37:06 7,168 ----a-w C:\WINDOWS\system32\forcedos.exe - 2001-08-28 12:00:00 55,808 ----a-w C:\WINDOWS\system32\freecell.exe + 2008-05-19 02:37:06 55,808 ----a-w C:\WINDOWS\system32\freecell.exe - 2001-08-28 12:00:00 61,952 ----a-w C:\WINDOWS\system32\fsutil.exe + 2008-05-19 02:37:06 61,952 ----a-w C:\WINDOWS\system32\fsutil.exe - 2001-08-28 12:00:00 53,760 ----a-w C:\WINDOWS\system32\ftp.exe + 2008-05-19 02:37:07 44,032 ----a-w C:\WINDOWS\system32\ftp.exe - 2001-08-28 12:00:00 57,344 ----a-w C:\WINDOWS\system32\getmac.exe + 2008-05-19 02:37:07 57,344 ----a-w C:\WINDOWS\system32\getmac.exe - 2001-08-28 12:00:00 115,200 ----a-w C:\WINDOWS\system32\gpresult.exe + 2008-05-19 02:37:08 115,200 ----a-w C:\WINDOWS\system32\gpresult.exe - 2001-08-28 12:00:00 59,392 ----a-w C:\WINDOWS\system32\gpupdate.exe + 2008-05-19 02:37:08 59,392 ----a-w C:\WINDOWS\system32\gpupdate.exe - 2001-08-28 12:00:00 47,616 ----a-w C:\WINDOWS\system32\grpconv.exe + 2008-05-19 02:37:08 37,888 ----a-w C:\WINDOWS\system32\grpconv.exe - 2001-08-28 12:00:00 16,384 ----a-w C:\WINDOWS\system32\help.exe + 2008-05-19 02:37:08 16,384 ----a-w C:\WINDOWS\system32\help.exe - 2001-08-28 12:00:00 67,612 ----a-w C:\WINDOWS\system32\hhsetup.dll + 2002-09-23 11:14:20 37,888 ----a-w C:\WINDOWS\system32\hhsetup.dll - 2001-08-28 12:00:00 8,704 ----a-w C:\WINDOWS\system32\hostname.exe + 2008-05-19 02:37:09 8,704 ----a-w C:\WINDOWS\system32\hostname.exe - 2008-04-29 17:20:47 23,040 ----a-w C:\WINDOWS\system32\htlu.exe + 2008-05-19 02:37:09 23,040 ----a-w C:\WINDOWS\system32\htlu.exe - 2001-08-28 12:00:00 28,160 ----a-w C:\WINDOWS\system32\ie4uinit.exe + 2008-05-19 02:35:21 28,160 ----a-w C:\WINDOWS\system32\ie4uinit.exe - 2001-08-28 12:00:00 99,840 ----a-w C:\WINDOWS\system32\iexpress.exe + 2008-05-19 02:37:09 99,840 ----a-w C:\WINDOWS\system32\iexpress.exe - 2008-05-16 04:00:36 26,112 ----a-w C:\WINDOWS\system32\ihqh.exe + 2008-05-19 02:37:10 26,112 ----a-w C:\WINDOWS\system32\ihqh.exe - 2001-08-28 12:00:00 128,512 ----a-w C:\WINDOWS\system32\imapi.exe + 2008-05-19 02:35:19 118,784 ----a-w C:\WINDOWS\system32\imapi.exe - 2001-08-28 12:00:00 52,224 ----a-w C:\WINDOWS\system32\ipconfig.exe + 2008-05-19 02:37:10 52,224 ----a-w C:\WINDOWS\system32\ipconfig.exe - 2001-08-28 12:00:00 46,080 ----a-w C:\WINDOWS\system32\ipsec6.exe + 2008-05-19 02:37:10 46,080 ----a-w C:\WINDOWS\system32\ipsec6.exe - 2001-08-28 12:00:00 60,416 ----a-w C:\WINDOWS\system32\ipv6.exe + 2008-05-19 02:37:10 60,416 ----a-w C:\WINDOWS\system32\ipv6.exe - 2001-08-28 12:00:00 32,768 ----a-w C:\WINDOWS\system32\ipxroute.exe + 2008-05-19 02:37:10 23,040 ----a-w C:\WINDOWS\system32\ipxroute.exe - 2001-08-28 12:00:00 155,552 ----a-w C:\WINDOWS\system32\itircl.dll + 2002-09-23 11:14:20 143,872 ----a-w C:\WINDOWS\system32\itircl.dll - 2001-08-28 12:00:00 138,048 ----a-w C:\WINDOWS\system32\itss.dll + 2002-09-23 11:14:20 122,368 ----a-w C:\WINDOWS\system32\itss.dll - 2008-05-05 15:30:31 2,824 ---ha-w C:\WINDOWS\system32\jgct.exe + 2008-05-05 15:30:31 12,552 ---ha-w C:\WINDOWS\system32\jgct.exe - 2008-04-22 11:24:11 26,882 ---ha-w C:\WINDOWS\system32\jmgodrkc.exe + 2008-04-22 11:24:11 36,610 ---ha-w C:\WINDOWS\system32\jmgodrkc.exe - 2001-08-28 12:00:00 593,948 ----a-w C:\WINDOWS\system32\jscript.dll + 2003-01-13 12:57:58 589,881 ----a-w C:\WINDOWS\system32\jscript.dll - 2008-04-29 15:18:36 23,040 ----a-w C:\WINDOWS\system32\kscf.exe + 2008-05-19 02:37:11 23,040 ----a-w C:\WINDOWS\system32\kscf.exe - 2001-08-28 12:00:00 9,728 ----a-w C:\WINDOWS\system32\label.exe + 2008-05-19 02:37:11 9,728 ----a-w C:\WINDOWS\system32\label.exe - 2008-05-16 04:00:36 23,040 ----a-w C:\WINDOWS\system32\labqbxe.exe + 2008-05-19 02:37:11 23,040 ----a-w C:\WINDOWS\system32\labqbxe.exe - 2001-08-28 12:00:00 30,208 ----a-w C:\WINDOWS\system32\lights.exe + 2008-05-19 02:37:12 30,208 ----a-w C:\WINDOWS\system32\lights.exe - 2008-05-02 14:25:47 23,040 ----a-w C:\WINDOWS\system32\lkqvoli.exe + 2008-05-19 02:37:12 23,040 ----a-w C:\WINDOWS\system32\lkqvoli.exe - 2008-05-02 15:03:54 32,768 ----a-w C:\WINDOWS\system32\lmvbolsz.exe + 2008-05-19 02:37:12 23,040 ----a-w C:\WINDOWS\system32\lmvbolsz.exe - 2001-08-28 12:00:00 26,624 ----a-w C:\WINDOWS\system32\lnkstub.exe + 2008-05-19 02:37:12 26,624 ----a-w C:\WINDOWS\system32\lnkstub.exe - 2001-08-28 12:00:00 68,096 ----a-w C:\WINDOWS\system32\locator.exe + 2008-05-19 02:35:20 68,608 ----a-w C:\WINDOWS\system32\locator.exe - 2001-08-28 12:00:00 5,120 ----a-w C:\WINDOWS\system32\lodctr.exe + 2008-05-19 02:37:12 5,120 ----a-w C:\WINDOWS\system32\lodctr.exe - 2001-08-28 12:00:00 24,576 ----a-w C:\WINDOWS\system32\logagent.exe + 2008-05-19 02:37:12 24,576 ----a-w C:\WINDOWS\system32\logagent.exe - 2001-08-28 12:00:00 57,856 ----a-w C:\WINDOWS\system32\logman.exe + 2008-05-19 02:37:12 57,856 ----a-w C:\WINDOWS\system32\logman.exe - 2001-08-28 12:00:00 15,872 ----a-w C:\WINDOWS\system32\logoff.exe + 2008-05-19 02:37:12 15,872 ----a-w C:\WINDOWS\system32\logoff.exe - 2001-08-28 12:00:00 220,672 ----a-w C:\WINDOWS\system32\logon.scr + 2008-05-19 02:35:21 220,672 ----a-w C:\WINDOWS\system32\logon.scr - 2001-08-28 12:00:00 515,072 ----a-w C:\WINDOWS\system32\logonui.exe + 2008-05-19 02:37:14 505,344 ----a-w C:\WINDOWS\system32\logonui.exe - 2001-08-28 12:00:00 6,144 ----a-w C:\WINDOWS\system32\lpq.exe + 2008-05-19 02:37:14 6,144 ----a-w C:\WINDOWS\system32\lpq.exe - 2001-08-28 12:00:00 9,216 ----a-w C:\WINDOWS\system32\lpr.exe + 2008-05-19 02:37:14 9,216 ----a-w C:\WINDOWS\system32\lpr.exe - 2008-05-13 12:05:21 76,800 ----a-w C:\WINDOWS\system32\lqrodsww.exe + 2008-05-19 02:37:14 76,800 ----a-w C:\WINDOWS\system32\lqrodsww.exe - 2008-05-03 13:30:35 32,768 ----a-w C:\WINDOWS\system32\lxorkyau.exe + 2008-05-19 02:37:14 23,040 ----a-w C:\WINDOWS\system32\lxorkyau.exe - 2001-08-28 12:00:00 68,096 ----a-w C:\WINDOWS\system32\magnify.exe + 2008-05-19 02:37:14 68,096 ----a-w C:\WINDOWS\system32\magnify.exe - 2001-08-28 12:00:00 79,360 ----a-w C:\WINDOWS\system32\makecab.exe + 2008-05-19 02:37:15 79,360 ----a-w C:\WINDOWS\system32\makecab.exe - 2008-05-13 12:24:52 23,040 ----a-w C:\WINDOWS\system32\matgtu.exe + 2008-05-19 02:37:15 23,040 ----a-w C:\WINDOWS\system32\matgtu.exe - 2008-05-05 15:08:34 12,290 ----a-w C:\WINDOWS\system32\mgpcpflb.exe + 2008-05-05 15:08:34 31,746 ----a-w C:\WINDOWS\system32\mgpcpflb.exe - 2001-08-28 12:00:00 52,736 ----a-w C:\WINDOWS\system32\migpwd.exe + 2008-05-19 02:37:15 52,736 ----a-w C:\WINDOWS\system32\migpwd.exe - 2001-08-28 12:00:00 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe + 2008-05-19 02:35:19 32,768 ----a-w C:\WINDOWS\system32\mnmsrvc.exe - 2001-08-28 12:00:00 136,192 ----a-w C:\WINDOWS\system32\mobsync.exe + 2008-05-19 02:37:15 136,192 ----a-w C:\WINDOWS\system32\mobsync.exe - 2001-08-28 12:00:00 8,192 ----a-w C:\WINDOWS\system32\mountvol.exe + 2008-05-19 02:37:15 8,192 ----a-w C:\WINDOWS\system32\mountvol.exe - 2001-08-28 12:00:00 118,272 ----a-w C:\WINDOWS\system32\mplay32.exe + 2008-05-19 02:37:15 118,272 ----a-w C:\WINDOWS\system32\mplay32.exe - 2001-08-28 12:00:00 22,016 ----a-w C:\WINDOWS\system32\mpnotify.exe + 2008-05-19 02:37:15 22,016 ----a-w C:\WINDOWS\system32\mpnotify.exe - 2001-08-28 12:00:00 17,408 ----a-w C:\WINDOWS\system32\mqbkup.exe + 2008-05-19 02:37:15 17,408 ----a-w C:\WINDOWS\system32\mqbkup.exe - 2001-08-28 12:00:00 4,608 ----a-w C:\WINDOWS\system32\mqsvc.exe + 2008-05-19 02:37:15 4,608 ----a-w C:\WINDOWS\system32\mqsvc.exe - 2001-08-28 12:00:00 97,792 ----a-w C:\WINDOWS\system32\mqtgsvc.exe + 2008-05-19 02:37:16 97,792 ----a-w C:\WINDOWS\system32\mqtgsvc.exe - 2001-08-28 12:00:00 14,336 ----a-w C:\WINDOWS\system32\mrinfo.exe + 2008-05-19 02:37:16 14,336 ----a-w C:\WINDOWS\system32\mrinfo.exe + 2008-05-09 12:35:06 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe - 2001-08-28 12:00:00 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe + 2008-05-19 02:35:19 6,144 ----a-w C:\WINDOWS\system32\msdtc.exe - 2001-08-28 12:00:00 22,528 ----a-w C:\WINDOWS\system32\msg.exe + 2008-05-19 02:37:16 22,528 ----a-w C:\WINDOWS\system32\msg.exe - 2001-08-28 12:00:00 137,728 ----a-w C:\WINDOWS\system32\mshearts.exe + 2008-05-19 02:37:16 128,000 ----a-w C:\WINDOWS\system32\mshearts.exe - 2001-08-28 12:00:00 63,488 ----a-w C:\WINDOWS\system32\msiexec.exe + 2008-05-19 02:35:20 63,488 ----a-w C:\WINDOWS\system32\msiexec.exe - 2008-05-16 12:55:06 448,000 ----a-w C:\WINDOWS\system32\msmsnger.exe + 2008-05-19 02:37:18 438,272 ----a-w C:\WINDOWS\system32\msmsnger.exe - 2001-08-28 12:00:00 344,576 ----a-w C:\WINDOWS\system32\mspaint.exe + 2008-05-19 02:35:32 344,576 ----a-w C:\WINDOWS\system32\mspaint.exe - 2001-08-28 12:00:00 6,656 ----a-w C:\WINDOWS\system32\msswchx.exe + 2008-05-19 02:37:18 6,656 ----a-w C:\WINDOWS\system32\msswchx.exe - 2001-08-28 12:00:00 9,728 ----a-w C:\WINDOWS\system32\mstinit.exe + 2008-05-19 02:37:18 9,728 ----a-w C:\WINDOWS\system32\mstinit.exe - 2001-08-28 12:00:00 399,872 ----a-w C:\WINDOWS\system32\mstsc.exe + 2008-05-19 02:37:19 390,144 ----a-w C:\WINDOWS\system32\mstsc.exe - 2001-08-28 12:00:00 52,736 ----a-w C:\WINDOWS\system32\narrator.exe + 2008-05-19 02:37:20 52,736 ----a-w C:\WINDOWS\system32\narrator.exe - 2001-08-28 12:00:00 21,504 ----a-w C:\WINDOWS\system32\nbtstat.exe + 2008-05-19 02:37:20 21,504 ----a-w C:\WINDOWS\system32\nbtstat.exe - 2001-08-28 12:00:00 4,096 ----a-w C:\WINDOWS\system32\nddeapir.exe + 2008-05-19 02:37:20 4,096 ----a-w C:\WINDOWS\system32\nddeapir.exe - 2008-05-16 12:32:47 23,040 ----a-w C:\WINDOWS\system32\ndnth.exe + 2008-05-19 02:37:20 23,040 ----a-w C:\WINDOWS\system32\ndnth.exe - 2001-08-28 12:00:00 49,152 ----a-w C:\WINDOWS\system32\net.exe + 2008-05-19 02:37:20 39,424 ----a-w C:\WINDOWS\system32\net.exe - 2001-08-28 12:00:00 124,928 ----a-w C:\WINDOWS\system32\net1.exe + 2008-05-19 02:37:20 115,200 ----a-w C:\WINDOWS\system32\net1.exe - 2001-08-28 12:00:00 109,056 ----a-w C:\WINDOWS\system32\netdde.exe + 2008-05-19 02:35:20 109,056 ----a-w C:\WINDOWS\system32\netdde.exe - 2001-08-28 12:00:00 326,144 ----a-w C:\WINDOWS\system32\netsetup.exe + 2008-05-19 02:37:21 326,144 ----a-w C:\WINDOWS\system32\netsetup.exe - 2001-08-28 12:00:00 85,504 ----a-w C:\WINDOWS\system32\netsh.exe + 2008-05-19 02:37:21 85,504 ----a-w C:\WINDOWS\system32\netsh.exe - 2001-08-28 12:00:00 31,744 ----a-w C:\WINDOWS\system32\netstat.exe + 2008-05-19 02:37:21 31,744 ----a-w C:\WINDOWS\system32\netstat.exe - 2001-08-28 12:00:00 13,824 ----a-w C:\WINDOWS\system32\npp\nppagent.exe + 2008-05-19 02:38:58 13,824 ----a-w C:\WINDOWS\system32\npp\nppagent.exe - 2001-08-28 12:00:00 74,240 ----a-w C:\WINDOWS\system32\nslookup.exe + 2008-05-19 02:37:21 74,240 ----a-w C:\WINDOWS\system32\nslookup.exe - 2001-08-28 12:00:00 31,744 ----a-w C:\WINDOWS\system32\ntsd.exe + 2008-05-19 02:35:34 31,744 ----a-w C:\WINDOWS\system32\ntsd.exe - 2001-08-28 12:00:00 406,528 ----a-w C:\WINDOWS\system32\ntvdm.exe + 2008-05-19 02:37:21 396,800 ----a-w C:\WINDOWS\system32\ntvdm.exe - 2001-08-28 12:00:00 129,024 ----a-w C:\WINDOWS\system32\nwscript.exe + 2008-05-19 02:37:22 129,024 ----a-w C:\WINDOWS\system32\nwscript.exe - 2001-08-28 12:00:00 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe + 2008-05-19 02:37:22 32,768 ----a-w C:\WINDOWS\system32\odbcad32.exe - 2001-08-28 12:00:00 53,248 ----a-w C:\WINDOWS\system32\odbcconf.exe + 2008-05-19 02:37:22 53,248 ----a-w C:\WINDOWS\system32\odbcconf.exe - 2001-08-28 12:00:00 28,160 ----a-w C:\WINDOWS\system32\oobe\msoobe.exe + 2008-05-19 02:38:58 28,160 ----a-w C:\WINDOWS\system32\oobe\msoobe.exe - 2001-08-28 12:00:00 50,176 ----a-w C:\WINDOWS\system32\oobe\oobebaln.exe + 2008-05-19 02:38:58 50,176 ----a-w C:\WINDOWS\system32\oobe\oobebaln.exe - 2001-08-28 12:00:00 65,536 ----a-w C:\WINDOWS\system32\openfiles.exe + 2008-05-19 02:37:22 65,536 ----a-w C:\WINDOWS\system32\openfiles.exe - 2001-08-28 12:00:00 213,504 ----a-w C:\WINDOWS\system32\osk.exe + 2008-05-19 02:37:23 213,504 ----a-w C:\WINDOWS\system32\osk.exe - 2001-08-28 12:00:00 41,984 ----a-w C:\WINDOWS\system32\osuninst.exe + 2008-05-19 02:37:23 41,984 ----a-w C:\WINDOWS\system32\osuninst.exe - 2008-05-13 13:40:14 23,040 ----a-w C:\WINDOWS\system32\otku.exe + 2008-05-19 02:37:23 23,040 ----a-w C:\WINDOWS\system32\otku.exe - 2001-08-28 12:00:00 53,760 ----a-w C:\WINDOWS\system32\packager.exe + 2008-05-19 02:37:23 53,760 ----a-w C:\WINDOWS\system32\packager.exe - 2001-08-28 12:00:00 22,528 ----a-w C:\WINDOWS\system32\pathping.exe + 2008-05-19 02:37:23 22,528 ----a-w C:\WINDOWS\system32\pathping.exe - 2001-08-28 12:00:00 15,360 ----a-w C:\WINDOWS\system32\pentnt.exe + 2008-05-19 02:37:23 15,360 ----a-w C:\WINDOWS\system32\pentnt.exe - 2008-05-16 02:09:17 39,992 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-05-19 02:55:00 39,992 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-05-16 02:09:17 48,616 ----a-w C:\WINDOWS\system32\perfc00C.dat + 2008-05-19 02:55:00 48,616 ----a-w C:\WINDOWS\system32\perfc00C.dat - 2008-05-16 02:09:17 311,604 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-05-19 02:55:00 311,604 ----a-w C:\WINDOWS\system32\perfh009.dat - 2008-05-16 02:09:17 367,658 ----a-w C:\WINDOWS\system32\perfh00C.dat + 2008-05-19 02:55:00 367,658 ----a-w C:\WINDOWS\system32\perfh00C.dat - 2001-08-28 12:00:00 16,384 ----a-w C:\WINDOWS\system32\ping.exe + 2008-05-19 02:37:23 16,384 ----a-w C:\WINDOWS\system32\ping.exe - 2001-08-28 12:00:00 34,304 ----a-w C:\WINDOWS\system32\ping6.exe + 2008-05-19 02:37:23 34,304 ----a-w C:\WINDOWS\system32\ping6.exe - 2001-08-28 12:00:00 9,216 ----a-w C:\WINDOWS\system32\print.exe + 2008-05-19 02:37:24 9,216 ----a-w C:\WINDOWS\system32\print.exe - 2001-08-28 12:00:00 208,896 ----a-w C:\WINDOWS\system32\progman.exe + 2008-05-19 02:35:21 208,896 ----a-w C:\WINDOWS\system32\progman.exe - 2001-08-28 12:00:00 45,568 ----a-w C:\WINDOWS\system32\proquota.exe + 2008-05-19 02:37:24 45,568 ----a-w C:\WINDOWS\system32\proquota.exe - 2001-08-28 12:00:00 32,768 ----a-w C:\WINDOWS\system32\proxycfg.exe + 2008-05-19 02:37:24 23,040 ----a-w C:\WINDOWS\system32\proxycfg.exe - 2008-05-13 12:24:52 76,800 ----a-w C:\WINDOWS\system32\pvcjxv.exe + 2008-05-19 02:37:24 76,800 ----a-w C:\WINDOWS\system32\pvcjxv.exe - 2001-08-28 12:00:00 17,408 ----a-w C:\WINDOWS\system32\qappsrv.exe + 2008-05-19 02:37:25 17,408 ----a-w C:\WINDOWS\system32\qappsrv.exe - 2008-04-29 17:10:34 32,768 ----a-w C:\WINDOWS\system32\qppwvlts.exe + 2008-05-19 02:37:25 23,040 ----a-w C:\WINDOWS\system32\qppwvlts.exe - 2001-08-28 12:00:00 19,456 ----a-w C:\WINDOWS\system32\qprocess.exe + 2008-05-19 02:37:25 19,456 ----a-w C:\WINDOWS\system32\qprocess.exe - 2008-05-13 12:09:00 76,800 ----a-w C:\WINDOWS\system32\qwhfi.exe + 2008-05-19 02:37:25 76,800 ----a-w C:\WINDOWS\system32\qwhfi.exe - 2001-08-28 12:00:00 22,528 ----a-w C:\WINDOWS\system32\qwinsta.exe + 2008-05-19 02:37:25 22,528 ----a-w C:\WINDOWS\system32\qwinsta.exe - 2001-08-28 12:00:00 11,776 ----a-w C:\WINDOWS\system32\rasautou.exe + 2008-05-19 02:37:26 11,776 ----a-w C:\WINDOWS\system32\rasautou.exe - 2001-08-28 12:00:00 11,776 ----a-w C:\WINDOWS\system32\rasdial.exe + 2008-05-19 02:37:26 11,776 ----a-w C:\WINDOWS\system32\rasdial.exe - 2001-08-28 12:00:00 34,304 ----a-w C:\WINDOWS\system32\rcimlby.exe + 2008-05-19 02:37:26 34,304 ----a-w C:\WINDOWS\system32\rcimlby.exe - 2001-08-28 12:00:00 21,504 ----a-w C:\WINDOWS\system32\rcp.exe + 2008-05-19 02:37:26 21,504 ----a-w C:\WINDOWS\system32\rcp.exe - 2001-08-28 12:00:00 41,984 ----a-w C:\WINDOWS\system32\rdpclip.exe + 2008-05-19 02:37:26 41,984 ----a-w C:\WINDOWS\system32\rdpclip.exe - 2001-08-28 12:00:00 12,288 ----a-w C:\WINDOWS\system32\rdsaddin.exe + 2008-05-19 02:37:26 12,288 ----a-w C:\WINDOWS\system32\rdsaddin.exe - 2001-08-28 12:00:00 61,952 ----a-w C:\WINDOWS\system32\rdshost.exe + 2008-05-19 02:37:26 61,952 ----a-w C:\WINDOWS\system32\rdshost.exe - 2001-08-28 12:00:00 7,168 ----a-w C:\WINDOWS\system32\recover.exe + 2008-05-19 02:37:27 7,168 ----a-w C:\WINDOWS\system32\recover.exe - 2001-08-28 12:00:00 51,200 ----a-w C:\WINDOWS\system32\reg.exe + 2008-05-19 02:37:27 51,200 ----a-w C:\WINDOWS\system32\reg.exe - 2001-08-28 12:00:00 3,584 ----a-w C:\WINDOWS\system32\regedt32.exe + 2008-05-19 02:37:27 3,584 ----a-w C:\WINDOWS\system32\regedt32.exe - 2001-08-28 12:00:00 33,792 ----a-w C:\WINDOWS\system32\regini.exe + 2008-05-19 02:37:27 33,792 ----a-w C:\WINDOWS\system32\regini.exe - 2001-08-28 12:00:00 10,240 ----a-w C:\WINDOWS\system32\regsvr32.exe + 2008-05-19 02:35:21 10,240 ----a-w C:\WINDOWS\system32\regsvr32.exe - 2001-08-28 12:00:00 4,608 ----a-w C:\WINDOWS\system32\regwiz.exe + 2008-05-19 02:37:27 4,608 ----a-w C:\WINDOWS\system32\regwiz.exe - 2001-08-28 12:00:00 33,792 ----a-w C:\WINDOWS\system32\relog.exe + 2008-05-19 02:37:27 33,792 ----a-w C:\WINDOWS\system32\relog.exe - 2001-08-28 12:00:00 12,800 ----a-w C:\WINDOWS\system32\replace.exe + 2008-05-19 02:37:27 12,800 ----a-w C:\WINDOWS\system32\replace.exe - 2001-08-28 12:00:00 10,240 ----a-w C:\WINDOWS\system32\reset.exe + 2008-05-19 02:37:27 10,240 ----a-w C:\WINDOWS\system32\reset.exe - 2001-08-28 12:00:00 379,904 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe + 2008-05-19 02:38:59 370,176 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe - 2001-08-28 12:00:00 47,104 ----a-w C:\WINDOWS\system32\Restore\srdiag.exe + 2008-05-19 02:38:59 47,104 ----a-w C:\WINDOWS\system32\Restore\srdiag.exe - 2001-08-28 12:00:00 12,800 ----a-w C:\WINDOWS\system32\rexec.exe + 2008-05-19 02:37:27 12,800 ----a-w C:\WINDOWS\system32\rexec.exe - 2001-08-28 12:00:00 31,232 ----a-w C:\WINDOWS\system32\route.exe + 2008-05-19 02:37:28 21,504 ----a-w C:\WINDOWS\system32\route.exe - 2001-08-28 12:00:00 25,600 ----a-w C:\WINDOWS\system32\routemon.exe + 2008-05-19 02:37:28 25,600 ----a-w C:\WINDOWS\system32\routemon.exe - 2001-08-28 12:00:00 14,336 ----a-w C:\WINDOWS\system32\rsh.exe + 2008-05-19 02:37:28 14,336 ----a-w C:\WINDOWS\system32\rsh.exe - 2001-08-28 12:00:00 53,248 ----a-w C:\WINDOWS\system32\rsm.exe + 2008-05-19 02:37:28 53,248 ----a-w C:\WINDOWS\system32\rsm.exe - 2001-08-28 12:00:00 24,576 ----a-w C:\WINDOWS\system32\rsmsink.exe + 2008-05-19 02:37:28 24,576 ----a-w C:\WINDOWS\system32\rsmsink.exe - 2001-08-28 12:00:00 49,664 ----a-w C:\WINDOWS\system32\rsmui.exe + 2008-05-19 02:37:29 49,664 ----a-w C:\WINDOWS\system32\rsmui.exe - 2001-08-28 12:00:00 103,424 ----a-w C:\WINDOWS\system32\rsnotify.exe + 2008-05-19 02:37:29 103,424 ----a-w C:\WINDOWS\system32\rsnotify.exe - 2001-08-28 12:00:00 62,976 ----a-w C:\WINDOWS\system32\rsopprov.exe + 2008-05-19 02:37:29 62,976 ----a-w C:\WINDOWS\system32\rsopprov.exe - 2001-08-28 12:00:00 132,608 ----a-w C:\WINDOWS\system32\rsvp.exe + 2008-05-19 02:35:20 132,608 ----a-w C:\WINDOWS\system32\rsvp.exe - 2001-08-28 12:00:00 75,264 ----a-w C:\WINDOWS\system32\rtcshare.exe + 2008-05-19 02:37:29 75,264 ----a-w C:\WINDOWS\system32\rtcshare.exe - 2001-08-28 12:00:00 17,408 ----a-w C:\WINDOWS\system32\runas.exe + 2008-05-19 02:37:29 17,408 ----a-w C:\WINDOWS\system32\runas.exe - 2001-08-28 12:00:00 22,016 ----a-w C:\WINDOWS\system32\runonce.exe + 2008-05-19 02:37:29 12,288 ----a-w C:\WINDOWS\system32\runonce.exe - 2001-08-28 12:00:00 16,384 ----a-w C:\WINDOWS\system32\rwinsta.exe + 2008-05-19 02:37:30 16,384 ----a-w C:\WINDOWS\system32\rwinsta.exe - 2001-08-28 12:00:00 19,968 ----a-w C:\WINDOWS\system32\savedump.exe + 2008-05-19 02:37:30 19,968 ----a-w C:\WINDOWS\system32\savedump.exe - 2001-08-28 12:00:00 31,232 ----a-w C:\WINDOWS\system32\sc.exe + 2008-05-19 02:37:30 31,232 ----a-w C:\WINDOWS\system32\sc.exe - 2001-08-28 12:00:00 97,792 ----a-w C:\WINDOWS\system32\scardsvr.exe + 2008-05-19 02:35:20 97,792 ----a-w C:\WINDOWS\system32\scardsvr.exe - 2001-08-28 12:00:00 122,368 ----a-w C:\WINDOWS\system32\schtasks.exe + 2008-05-19 02:37:30 122,368 ----a-w C:\WINDOWS\system32\schtasks.exe - 2001-08-28 12:00:00 8,192 ----a-w C:\WINDOWS\system32\scrnsave.scr + 2008-05-19 02:37:30 8,192 ----a-w C:\WINDOWS\system32\scrnsave.scr - 2001-08-28 12:00:00 17,920 ----a-w C:\WINDOWS\system32\secedit.exe + 2008-05-19 02:37:30 17,920 ----a-w C:\WINDOWS\system32\secedit.exe - 2001-08-28 12:00:00 131,584 ----a-w C:\WINDOWS\system32\sessmgr.exe + 2008-05-19 02:35:20 131,584 ----a-w C:\WINDOWS\system32\sessmgr.exe - 2001-08-28 12:00:00 30,208 ----a-w C:\WINDOWS\system32\sethc.exe + 2008-05-19 02:37:31 30,208 ----a-w C:\WINDOWS\system32\sethc.exe - 2001-08-28 12:00:00 20,992 ----a-w C:\WINDOWS\system32\setup.exe + 2008-05-19 02:37:31 20,992 ----a-w C:\WINDOWS\system32\setup.exe - 2001-08-28 12:00:00 10,240 ----a-w C:\WINDOWS\system32\sfc.exe + 2008-05-19 02:37:31 10,240 ----a-w C:\WINDOWS\system32\sfc.exe - 2001-08-28 12:00:00 15,360 ----a-w C:\WINDOWS\system32\shadow.exe + 2008-05-19 02:37:31 15,360 ----a-w C:\WINDOWS\system32\shadow.exe - 2001-08-28 12:00:00 127,488 ----a-w C:\WINDOWS\system32\shmedia.dll + 2002-09-19 09:28:54 127,488 ----a-w C:\WINDOWS\system32\shmedia.dll - 2001-08-28 12:00:00 21,504 ----a-w C:\WINDOWS\system32\shmgrate.exe + 2008-05-19 02:37:31 21,504 ----a-w C:\WINDOWS\system32\shmgrate.exe - 2001-08-28 12:00:00 70,656 ----a-w C:\WINDOWS\system32\shrpubw.exe + 2008-05-19 02:37:32 70,656 ----a-w C:\WINDOWS\system32\shrpubw.exe - 2001-08-28 12:00:00 18,944 ----a-w C:\WINDOWS\system32\shutdown.exe + 2008-05-19 02:37:32 18,944 ----a-w C:\WINDOWS\system32\shutdown.exe - 2001-08-28 12:00:00 67,072 ----a-w C:\WINDOWS\system32\sigverif.exe + 2008-05-19 02:37:32 67,072 ----a-w C:\WINDOWS\system32\sigverif.exe - 2001-08-28 12:00:00 24,064 ----a-w C:\WINDOWS\system32\skeys.exe + 2008-05-19 02:37:32 24,064 ----a-w C:\WINDOWS\system32\skeys.exe - 2001-08-28 12:00:00 89,600 ----a-w C:\WINDOWS\system32\smlogsvc.exe + 2008-05-19 02:35:20 89,600 ----a-w C:\WINDOWS\system32\smlogsvc.exe - 2001-08-28 12:00:00 125,952 ----a-w C:\WINDOWS\system32\sndrec32.exe + 2008-05-19 02:37:32 125,952 ----a-w C:\WINDOWS\system32\sndrec32.exe - 2001-08-28 12:00:00 139,264 ----a-w C:\WINDOWS\system32\sndvol32.exe + 2008-05-19 02:37:33 139,264 ----a-w C:\WINDOWS\system32\sndvol32.exe - 2001-08-28 12:00:00 57,344 ----a-w C:\WINDOWS\system32\sol.exe + 2008-05-19 02:37:33 57,344 ----a-w C:\WINDOWS\system32\sol.exe - 2001-08-28 12:00:00 34,816 ----a-w C:\WINDOWS\system32\sort.exe + 2008-05-19 02:37:33 25,088 ----a-w C:\WINDOWS\system32\sort.exe - 2001-08-28 12:00:00 544,256 ----a-w C:\WINDOWS\system32\spider.exe + 2008-05-19 02:37:35 534,528 ----a-w C:\WINDOWS\system32\spider.exe - 2008-03-20 12:41:20 14,640 ------w C:\WINDOWS\system32\spmsg.dll + 2006-12-10 12:10:04 15,664 ------w C:\WINDOWS\system32\spmsg.dll - 2005-06-16 03:03:00 101,888 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\brqikmon.exe + 2008-05-19 02:38:59 101,888 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\brqikmon.exe - 2005-06-16 03:03:00 101,888 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\brotherdcp_750cwc92d\brqikmon.exe + 2008-05-19 02:39:00 101,888 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\brotherdcp_750cwc92d\brqikmon.exe - 2001-08-28 12:00:00 60,928 ----a-w C:\WINDOWS\system32\spoolsv.exe + 2008-05-19 02:35:20 51,200 ----a-w C:\WINDOWS\system32\spoolsv.exe - 2001-08-28 12:00:00 671,744 ----a-w C:\WINDOWS\system32\ss3dfo.scr + 2008-05-19 02:37:35 671,744 ----a-w C:\WINDOWS\system32\ss3dfo.scr - 2001-08-28 12:00:00 18,944 ----a-w C:\WINDOWS\system32\ssbezier.scr + 2008-05-19 02:37:35 18,944 ----a-w C:\WINDOWS\system32\ssbezier.scr - 2001-08-28 12:00:00 364,544 ----a-w C:\WINDOWS\system32\ssflwbox.scr + 2008-05-19 02:37:35 364,544 ----a-w C:\WINDOWS\system32\ssflwbox.scr - 2001-08-28 12:00:00 19,456 ----a-w C:\WINDOWS\system32\ssmarque.scr + 2008-05-19 02:37:35 19,456 ----a-w C:\WINDOWS\system32\ssmarque.scr - 2001-08-28 12:00:00 43,008 ----a-w C:\WINDOWS\system32\ssmypics.scr + 2008-05-19 02:37:35 43,008 ----a-w C:\WINDOWS\system32\ssmypics.scr - 2001-08-28 12:00:00 17,408 ----a-w C:\WINDOWS\system32\ssmyst.scr + 2008-05-19 02:37:36 17,408 ----a-w C:\WINDOWS\system32\ssmyst.scr - 2001-08-28 12:00:00 569,344 ----a-w C:\WINDOWS\system32\sspipes.scr + 2008-05-19 02:37:36 569,344 ----a-w C:\WINDOWS\system32\sspipes.scr - 2001-08-28 12:00:00 13,312 ----a-w C:\WINDOWS\system32\ssstars.scr + 2008-05-19 02:37:36 13,312 ----a-w C:\WINDOWS\system32\ssstars.scr - 2001-08-28 12:00:00 643,072 ----a-w C:\WINDOWS\system32\sstext3d.scr + 2008-05-19 02:37:36 643,072 ----a-w C:\WINDOWS\system32\sstext3d.scr - 2001-08-28 12:00:00 20,992 ----a-w C:\WINDOWS\system32\stimon.exe + 2008-05-19 02:37:36 20,992 ----a-w C:\WINDOWS\system32\stimon.exe - 2001-08-28 12:00:00 9,216 ----a-w C:\WINDOWS\system32\subst.exe + 2008-05-19 02:37:36 9,216 ----a-w C:\WINDOWS\system32\subst.exe - 2008-04-27 13:59:21 23,040 ----a-w C:\WINDOWS\system32\sxtd.exe + 2008-05-19 02:37:37 23,040 ----a-w C:\WINDOWS\system32\sxtd.exe - 2001-08-28 12:00:00 51,200 ----a-w C:\WINDOWS\system32\syncapp.exe + 2008-05-19 02:37:37 51,200 ----a-w C:\WINDOWS\system32\syncapp.exe - 2001-08-28 12:00:00 37,888 ----a-w C:\WINDOWS\system32\syskey.exe + 2008-05-19 02:37:37 37,888 ----a-w C:\WINDOWS\system32\syskey.exe - 2001-08-28 12:00:00 104,960 ----a-w C:\WINDOWS\system32\sysocmgr.exe + 2008-05-19 02:37:37 104,960 ----a-w C:\WINDOWS\system32\sysocmgr.exe - 2001-08-28 12:00:00 70,656 ----a-w C:\WINDOWS\system32\systeminfo.exe + 2008-05-19 02:37:37 70,656 ----a-w C:\WINDOWS\system32\systeminfo.exe - 2001-08-28 12:00:00 3,072 ----a-w C:\WINDOWS\system32\systray.exe + 2008-05-19 02:37:37 3,072 ----a-w C:\WINDOWS\system32\systray.exe - 2001-08-28 12:00:00 74,240 ----a-w C:\WINDOWS\system32\taskkill.exe + 2008-05-19 02:37:37 74,240 ----a-w C:\WINDOWS\system32\taskkill.exe - 2001-08-28 12:00:00 74,240 ----a-w C:\WINDOWS\system32\tasklist.exe + 2008-05-19 02:37:37 74,240 ----a-w C:\WINDOWS\system32\tasklist.exe - 2001-08-28 12:00:00 15,872 ----a-w C:\WINDOWS\system32\taskman.exe + 2008-05-19 02:37:38 15,872 ----a-w C:\WINDOWS\system32\taskman.exe - 2001-08-28 12:00:00 145,920 ----a-w C:\WINDOWS\system32\taskmgr.exe + 2008-05-19 02:37:38 136,192 ----a-w C:\WINDOWS\system32\taskmgr.exe - 2001-08-28 12:00:00 23,040 ----a-w C:\WINDOWS\system32\tcmsetup.exe + 2008-05-19 02:37:38 13,312 ----a-w C:\WINDOWS\system32\tcmsetup.exe - 2001-08-28 12:00:00 19,456 ----a-w C:\WINDOWS\system32\tcpsvcs.exe + 2008-05-19 02:37:38 19,456 ----a-w C:\WINDOWS\system32\tcpsvcs.exe - 2001-08-28 12:00:00 72,704 ----a-w C:\WINDOWS\system32\telnet.exe + 2008-05-19 02:37:38 72,704 ----a-w C:\WINDOWS\system32\telnet.exe - 2001-08-28 12:00:00 27,648 ----a-w C:\WINDOWS\system32\tftp.exe + 2008-05-19 02:37:38 17,920 ----a-w C:\WINDOWS\system32\tftp.exe - 2001-08-28 12:00:00 54,272 ----a-w C:\WINDOWS\system32\tlntadmn.exe + 2008-05-19 02:37:38 54,272 ----a-w C:\WINDOWS\system32\tlntadmn.exe - 2001-08-28 12:00:00 72,704 ----a-w C:\WINDOWS\system32\tlntsess.exe + 2008-05-19 02:37:39 72,704 ----a-w C:\WINDOWS\system32\tlntsess.exe - 2001-08-28 12:00:00 62,976 ----a-w C:\WINDOWS\system32\tlntsvr.exe + 2008-05-19 02:35:20 62,976 ----a-w C:\WINDOWS\system32\tlntsvr.exe - 2001-08-28 12:00:00 356,352 ----a-w C:\WINDOWS\system32\tourstart.exe + 2008-05-19 02:37:40 346,624 ----a-w C:\WINDOWS\system32\tourstart.exe - 2001-08-28 12:00:00 232,448 ----a-w C:\WINDOWS\system32\tracerpt.exe + 2008-05-19 02:37:40 232,448 ----a-w C:\WINDOWS\system32\tracerpt.exe - 2001-08-28 12:00:00 10,752 ----a-w C:\WINDOWS\system32\tracert.exe + 2008-05-19 02:37:40 10,752 ----a-w C:\WINDOWS\system32\tracert.exe - 2001-08-28 12:00:00 32,256 ----a-w C:\WINDOWS\system32\tracert6.exe + 2008-05-19 02:37:41 32,256 ----a-w C:\WINDOWS\system32\tracert6.exe - 2001-08-28 12:00:00 15,360 ----a-w C:\WINDOWS\system32\tscon.exe + 2008-05-19 02:37:41 15,360 ----a-w C:\WINDOWS\system32\tscon.exe - 2001-08-28 12:00:00 40,448 ----a-w C:\WINDOWS\system32\tscupgrd.exe + 2008-05-19 02:37:41 40,448 ----a-w C:\WINDOWS\system32\tscupgrd.exe - 2001-08-28 12:00:00 14,848 ----a-w C:\WINDOWS\system32\tsdiscon.exe + 2008-05-19 02:37:41 14,848 ----a-w C:\WINDOWS\system32\tsdiscon.exe - 2001-08-28 12:00:00 16,896 ----a-w C:\WINDOWS\system32\tskill.exe + 2008-05-19 02:37:41 16,896 ----a-w C:\WINDOWS\system32\tskill.exe - 2001-08-28 12:00:00 17,408 ----a-w C:\WINDOWS\system32\tsshutdn.exe + 2008-05-19 02:37:41 17,408 ----a-w C:\WINDOWS\system32\tsshutdn.exe - 2001-08-28 12:00:00 47,104 ----a-w C:\WINDOWS\system32\typeperf.exe + 2008-05-19 02:37:41 37,376 ----a-w C:\WINDOWS\system32\typeperf.exe - 2008-04-29 16:53:00 23,040 ----a-w C:\WINDOWS\system32\ufgvi.exe + 2008-05-19 02:37:41 23,040 ----a-w C:\WINDOWS\system32\ufgvi.exe - 2001-08-28 12:00:00 4,096 ----a-w C:\WINDOWS\system32\unlodctr.exe + 2008-05-19 02:37:42 4,096 ----a-w C:\WINDOWS\system32\unlodctr.exe - 2001-08-28 12:00:00 14,848 ----a-w C:\WINDOWS\system32\upnpcont.exe + 2008-05-19 02:37:42 14,848 ----a-w C:\WINDOWS\system32\upnpcont.exe - 2001-08-28 12:00:00 16,384 ----a-w C:\WINDOWS\system32\ups.exe + 2008-05-19 02:35:20 16,384 ----a-w C:\WINDOWS\system32\ups.exe - 2001-08-28 12:00:00 31,744 ----a-w C:\WINDOWS\system32\userinit.exe + 2008-05-19 02:35:00 22,016 ----a-w C:\WINDOWS\system32\userinit.exe - 2001-08-28 12:00:00 99,328 ----a-w C:\WINDOWS\system32\usmt\migload.exe + 2008-05-19 02:39:00 99,328 ----a-w C:\WINDOWS\system32\usmt\migload.exe - 2001-08-28 12:00:00 246,784 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe + 2008-05-19 02:35:29 237,056 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe - 2001-08-28 12:00:00 233,472 ----a-w C:\WINDOWS\system32\usmt\migwiz_a.exe + 2008-05-19 02:39:01 233,472 ----a-w C:\WINDOWS\system32\usmt\migwiz_a.exe - 2001-08-28 12:00:00 77,891 ----a-w C:\WINDOWS\system32\usrmlnka.exe + 2008-05-19 02:37:42 77,824 ----a-w C:\WINDOWS\system32\usrmlnka.exe - 2001-08-28 12:00:00 61,508 ----a-w C:\WINDOWS\system32\usrprbda.exe + 2008-05-19 02:37:42 61,440 ----a-w C:\WINDOWS\system32\usrprbda.exe - 2001-08-28 12:00:00 69,700 ----a-w C:\WINDOWS\system32\usrshuta.exe + 2008-05-19 02:37:42 69,632 ----a-w C:\WINDOWS\system32\usrshuta.exe - 2001-08-28 12:00:00 46,592 ----a-w C:\WINDOWS\system32\utilman.exe + 2008-05-19 02:37:42 46,592 ----a-w C:\WINDOWS\system32\utilman.exe - 2008-05-13 13:40:15 76,800 ----a-w C:\WINDOWS\system32\uzozs.exe + 2008-05-19 02:37:43 76,800 ----a-w C:\WINDOWS\system32\uzozs.exe - 2001-08-28 12:00:00 102,912 ----a-w C:\WINDOWS\system32\verifier.exe + 2008-05-19 02:37:43 102,912 ----a-w C:\WINDOWS\system32\verifier.exe - 2008-04-29 16:40:52 32,768 ----a-w C:\WINDOWS\system32\vixwjfqs.exe + 2008-05-19 02:37:43 23,040 ----a-w C:\WINDOWS\system32\vixwjfqs.exe - 2008-05-16 12:32:47 26,112 ----a-w C:\WINDOWS\system32\vqnonjy.exe + 2008-05-19 02:37:44 26,112 ----a-w C:\WINDOWS\system32\vqnonjy.exe - 2001-08-28 12:00:00 34,304 ----a-w C:\WINDOWS\system32\vssadmin.exe + 2008-05-19 02:37:44 34,304 ----a-w C:\WINDOWS\system32\vssadmin.exe - 2001-08-28 12:00:00 281,088 ----a-w C:\WINDOWS\system32\vssvc.exe + 2008-05-19 02:35:21 281,088 ----a-w C:\WINDOWS\system32\vssvc.exe - 2001-08-28 12:00:00 51,712 ----a-w C:\WINDOWS\system32\w32tm.exe + 2008-05-19 02:37:45 51,712 ----a-w C:\WINDOWS\system32\w32tm.exe - 2001-08-28 12:00:00 14,848 ----a-w C:\WINDOWS\system32\wbem\mofcomp.exe + 2008-05-19 02:39:01 14,848 ----a-w C:\WINDOWS\system32\wbem\mofcomp.exe - 2001-08-28 12:00:00 33,792 ----a-w C:\WINDOWS\system32\wbem\scrcons.exe + 2008-05-19 02:39:01 33,792 ----a-w C:\WINDOWS\system32\wbem\scrcons.exe - 2001-08-28 12:00:00 16,896 ----a-w C:\WINDOWS\system32\wbem\unsecapp.exe + 2008-05-19 02:39:01 16,896 ----a-w C:\WINDOWS\system32\wbem\unsecapp.exe - 2001-08-28 12:00:00 161,280 ----a-w C:\WINDOWS\system32\wbem\wbemtest.exe + 2008-05-19 02:39:01 161,280 ----a-w C:\WINDOWS\system32\wbem\wbemtest.exe - 2001-08-28 12:00:00 14,336 ----a-w C:\WINDOWS\system32\wbem\winmgmt.exe + 2008-05-19 02:39:01 14,336 ----a-w C:\WINDOWS\system32\wbem\winmgmt.exe - 2001-08-28 12:00:00 183,808 ----a-w C:\WINDOWS\system32\wbem\wmiadap.exe + 2001-08-28 12:00:00 193,536 ----a-w C:\WINDOWS\system32\wbem\wmiadap.exe - 2001-08-28 12:00:00 117,248 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe + 2001-08-28 12:00:00 126,976 ----a-w C:\WINDOWS\system32\wbem\wmiapsrv.exe - 2001-08-28 12:00:00 341,504 ----a-w C:\WINDOWS\system32\wbem\wmic.exe + 2001-08-28 12:00:00 351,232 ----a-w C:\WINDOWS\system32\wbem\wmic.exe - 2001-08-28 12:00:00 203,264 ----a-w C:\WINDOWS\system32\wbem\wmiprvse.exe + 2001-08-28 12:00:00 212,992 ----a-w C:\WINDOWS\system32\wbem\wmiprvse.exe - 2001-08-28 12:00:00 61,952 ----a-w C:\WINDOWS\system32\wextract.exe + 2001-08-28 12:00:00 71,680 ----a-w C:\WINDOWS\system32\wextract.exe + 2007-04-10 12:00:52 236,928 ------w C:\WINDOWS\system32\WgaLogon.dll + 2007-04-10 12:01:40 337,280 ------w C:\WINDOWS\system32\WgaTray.exe - 2001-08-28 12:00:00 419,840 ----a-w C:\WINDOWS\system32\wiaacmgr.exe + 2001-08-28 12:00:00 429,568 ----a-w C:\WINDOWS\system32\wiaacmgr.exe - 2001-08-28 12:00:00 8,192 ----a-w C:\WINDOWS\system32\winhlp32.exe + 2001-08-28 12:00:00 17,920 ----a-w C:\WINDOWS\system32\winhlp32.exe - 2001-08-28 12:00:00 119,808 ----a-w C:\WINDOWS\system32\winmine.exe + 2001-08-28 12:00:00 129,536 ----a-w C:\WINDOWS\system32\winmine.exe - 2001-08-28 12:00:00 11,776 ----a-w C:\WINDOWS\system32\winmsd.exe + 2001-08-28 12:00:00 21,504 ----a-w C:\WINDOWS\system32\winmsd.exe - 2001-08-28 12:00:00 4,096 ----a-w C:\WINDOWS\system32\winver.exe + 2001-08-28 12:00:00 13,824 ----a-w C:\WINDOWS\system32\winver.exe - 2001-08-28 12:00:00 77,824 ----a-w C:\WINDOWS\system32\wmpstub.exe + 2001-08-28 12:00:00 90,112 ----a-w C:\WINDOWS\system32\wmpstub.exe - 2001-08-28 12:00:00 31,232 ----a-w C:\WINDOWS\system32\wpabaln.exe + 2001-08-28 12:00:00 40,960 ----a-w C:\WINDOWS\system32\wpabaln.exe - 2001-08-28 12:00:00 29,696 ----a-w C:\WINDOWS\system32\wpnpinst.exe + 2001-08-28 12:00:00 39,424 ----a-w C:\WINDOWS\system32\wpnpinst.exe - 2001-08-28 12:00:00 5,632 ----a-w C:\WINDOWS\system32\write.exe + 2001-08-28 12:00:00 15,360 ----a-w C:\WINDOWS\system32\write.exe - 2001-08-28 12:00:00 32,256 ----a-w C:\WINDOWS\system32\wupdmgr.exe + 2001-08-28 12:00:00 41,984 ----a-w C:\WINDOWS\system32\wupdmgr.exe - 2008-04-29 13:00:15 23,040 ----a-w C:\WINDOWS\system32\wwenim.exe + 2008-04-29 13:00:15 32,768 ----a-w C:\WINDOWS\system32\wwenim.exe - 2001-08-28 12:00:00 28,160 ----a-w C:\WINDOWS\system32\xcopy.exe + 2001-08-28 12:00:00 37,888 ----a-w C:\WINDOWS\system32\xcopy.exe - 2008-05-02 14:03:43 23,040 ----a-w C:\WINDOWS\system32\xwsb.exe + 2008-05-02 14:03:43 32,768 ----a-w C:\WINDOWS\system32\xwsb.exe - 2008-05-03 13:34:02 32,768 ----a-w C:\WINDOWS\system32\yvynzexd.exe + 2008-05-19 02:37:48 23,040 ----a-w C:\WINDOWS\system32\yvynzexd.exe - 2001-08-28 12:00:00 15,872 ----a-w C:\WINDOWS\TASKMAN.EXE + 2001-08-28 12:00:00 25,600 ----a-w C:\WINDOWS\TASKMAN.EXE - 2001-08-28 12:00:00 25,600 ----a-w C:\WINDOWS\twunk_32.exe + 2001-08-28 12:00:00 35,328 ----a-w C:\WINDOWS\twunk_32.exe - 2008-04-22 10:27:20 36,864 ----a-w C:\WINDOWS\uinst001.exe + 2008-04-22 10:27:20 49,152 ----a-w C:\WINDOWS\uinst001.exe - 2002-11-21 09:55:22 1,069,056 ------w C:\WINDOWS\UNMRW.exe + 2002-11-21 09:55:22 1,081,344 ------w C:\WINDOWS\UNMRW.exe - 2003-01-16 14:24:50 1,130,496 ------w C:\WINDOWS\UNNMP.exe + 2003-01-16 14:24:50 1,142,784 ------w C:\WINDOWS\UNNMP.exe - 2000-08-31 06:00:00 61,440 ----a-w C:\WINDOWS\VFind.exe + 2008-05-19 02:35:51 49,152 ----a-w C:\WINDOWS\VFind.exe - 2001-08-28 12:00:00 271,360 ----a-w C:\WINDOWS\winhlp32.exe + 2001-08-28 12:00:00 281,088 ----a-w C:\WINDOWS\winhlp32.exe - 2000-08-31 06:00:00 68,096 ----a-w C:\WINDOWS\zip.exe + 2000-08-31 06:00:00 77,824 ----a-w C:\WINDOWS\zip.exe . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F3AE67E7-AC8F-4A58-819E-194EA11FEBC5}] C:\WINDOWS\System32\vtsqqomm.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2008-05-19 04:35 13312] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-05-19 04:35 1077248] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2008-05-19 04:35 1220608] "AVP"="C:\Documents and Settings\All Users\Bureau\Kaspersky Lab Tool\setup_7.0.0.180_18.05.2008_22-36.exe" [2008-05-19 04:35 212992] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-05-19 04:35 13312] R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys [2008-01-21 18:11] R0 BsStor;InCD Storage Helper Driver;C:\WINDOWS\System32\DRIVERS\bsstor.sys [2002-06-06 01:07] R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys [2008-01-21 18:12] R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2008-04-21 22:57] R2 Asus Protocol Driver Control;Asus Protocol Driver Control;"C:\WINDOWS\System32\dllcache\wingptd.exe" [2008-05-19 04:35] R2 BsUDF;InCD UDF Driver;C:\WINDOWS\System32\drivers\BsUDF.sys [2003-01-15 20:02] R2 setup_7.0.0.180_18.05.2008_22-36;setup_7.0.0.180_18.05.2008_22-36;"C:\Documents and Settings\All Users\Bureau\Kaspersky Lab Tool\setup_7.0.0.180_18.05.2008_22-36.exe" -r [] R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\System32\DRIVERS\Cap7134.sys [2002-07-29 15:14] R3 PhTVTune;Philips WDM TVTuner;C:\WINDOWS\System32\DRIVERS\PhTVTune.sys [2002-10-23 14:48] S2 Microsoft Windows TCP Protocol;Microsoft Windows TCP Protocol;"C:\WINDOWS\System32\dllcache\wintcps.exe" [] S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [2004-10-15 05:50] . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-19 19:50:01 Windows 5.1.2600 NTFS detected NTDLL code modification: ZwOpenFile Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\WgaTray.exe . ************************************************************************** . Temps d'accomplissement: 2008-05-19 19:51:51 - machine was rebooted ComboFix-quarantined-files.txt 2008-05-19 17:51:45 ComboFix2.txt 2008-05-17 13:46:33 ComboFix3.txt 2008-05-16 03:25:50 Pre-Run: 24,784,805,888 octets libres Post-Run: 24,850,984,960 octets libres 2052 --- E O F --- 2008-05-19 01:18:35
- le 20 mai 2008
- 51 réponses
grosse infection[résolu]

loukass a répondu à un(e) sujet de loukass dans Analyses et éradication malwares

Hello Bruce lee. Impossible d'accéder ou de trouver:c:\Windows\ServicePackFiles\i386 malgré plusieurs tentatives. Après avoir baladé sur ce site 2 nvx raccourci sont apparus sur le bureau (des nvx copains à la bestiole?!?) j'ai fait un nv rapport Kav mais par 2 fois je n'ai pas pu te le joindre. à plus tard Mister Lee.
- le 19 mai 2008
- 51 réponses
grosse infection[résolu]

loukass a répondu à un(e) sujet de loukass dans Analyses et éradication malwares

Je ne peus malheuresement pas te joindre un rapport Combofix: "Windows ne trouve pas"'C:\WINDOWS\regedit.exe'. ......" puis: Erreur fatale-Fichier manquant "'C:\WINDOWS\regedit.exe manquant. Copiez le à partir d'une autre machine" Avant le scan Kapersky et "Microsoft victime piratage" Combo fonctionné à vite !!!
- le 19 mai 2008
- 51 réponses
grosse infection[résolu]

loukass a répondu à un(e) sujet de loukass dans Analyses et éradication malwares

Kaspersky: à 99% du scan j'ai du choisir "desinfect" pour 3 fichiers et pour les autres proposés je n'avais le choix qu'entre "delete" ou "skip",j'ai choisi "delete" pour tous. A l'étape "neutralize all" j'ai choisi "desinfect". J'espères ne pas avoir fait d'erreur (ce n'etait pas dans la procédure). voici le rapport: Scan ---- Scanned: 93601 Detected: 1302 Untreated: 0 Start time: 19/05/2008 03:58:04 Duration: 00:40:57 Finish time: 19/05/2008 04:39:01 Detected -------- Status Object ------ ------ will be disinfected when the computer is restarted: virus Virus.Win32.Virut.n File: C:\WINDOWS\Explorer.EXE will be disinfected when the computer is restarted: virus Virus.Win32.Virut.n File: C:\Program Files\Internet Explorer\IEXPLORE.EXE disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\mshta.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\notepad.exe deleted: virus Virus.Win32.Virut.n File: c:\windows\regedit.exe deleted: virus Virus.Win32.Virut.n File: c:\program files\windows media player\wmplayer.exe deleted: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sdbinst.exe deleted: virus Virus.Win32.Virut.n File: c:\windows\system32\rundll32.exe deleted: virus Virus.Win32.Virut.n File: c:\program files\outlook express\wab.exe deleted: virus Virus.Win32.Virut.n File: c:\windows\hh.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\clipbrd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\fontview.exe disinfected: virus Virus.Win32.Sality.l File: c:\program files\windows nt\hypertrm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mmc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rasphone.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\perfmon.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\windows nt\accessoires\wordpad.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\notepad.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\ahead\neromediaplayer\neromediaplayer.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\drwtsn32.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\userinit.exe disinfected: virus Virus.Win32.Sality.l File: c:\windows\system32\nerocheck.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\ahead\incd\incd.exe disinfected: virus Virus.Win32.Sality.l File: c:\program files\avira\antivir personaledition classic\avgnt.exe deleted: Trojan program Backdoor.Win32.Rbot.bqj File: c:\windows\system32\host.exe//PolyCrypt will be disinfected when the computer is restarted: virus Virus.Win32.Virut.n File: c:\documents and settings\all users\bureau\kaspersky lab tool\setup_7.0.0.180_18.05.2008_22-36.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\ctfmon.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\messenger\msmsgs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\alg.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\avira\antivir personaledition classic\sched.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\avira\antivir personaledition classic\avguard.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\dllcache\wingptd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\cisvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\clipsrv.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\dllhost.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dmadmin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\imapi.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\mnmsrvc.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\msdtc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\msiexec.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\netdde.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\sessmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\locator.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rsvp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\scardsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\spoolsv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\smlogsvc.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\tlntsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ups.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\vssvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\regsvr32.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\outlook express\setup50.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ie4uinit.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\progman.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\logon.scr deleted: Trojan program Trojan.Win32.Monder.gen File: c:\windows\system32\kfylmnii.dll disinfected: virus Virus.Win32.Virut.n File: c:\program files\msn gaming zone\windows\bckgzm.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\msn gaming zone\windows\chkrzm.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\windows nt\dialer.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\pchealth\helpctr\binaries\helpctr.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\trend micro\hijackthis\hijackthis.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\msn gaming zone\windows\hrtzzm.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\internet explorer\connection wizard\icwconn1.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\internet explorer\connection wizard\icwconn2.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\internet explorer\connection wizard\inetwiz.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\internet explorer\connection wizard\isignup.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\malwarebytes' anti-malware\mbam.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\usmt\migwiz.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\movie maker\moviemk.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\windows media player\mplayer2.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\pchealth\helpctr\binaries\msconfig.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\outlook express\msimn.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\fichiers communs\microsoft shared\msinfo\msinfo32.exe disinfected: virus Virus.Win32.Sality.l File: c:\program files\msn\msncorefiles\msn6.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\ahead\coverdesigner\coverdes.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\ahead\nero\nero.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mspaint.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\windows nt\pinball\pinball.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\msn gaming zone\windows\rvsezm.exe disinfected: virus Virus.Win32.Virut.n File: c:\program files\msn gaming zone\windows\shvlzm.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\soundman.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\outlook express\wabmig.exe disinfected: virus Virus.Win32.Virut.n File: c:\windows\system32\ntsd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\bdoscandel.exe disinfected: virus Virus.Win32.Virut.n File: C:\Adabas\adabas\setup.exe disinfected: virus Virus.Win32.Virut.n File: C:\Adabas\bin\xtcpupd.exe disinfected: virus Virus.Win32.Sality.l File: C:\cmdcons\autochk.exe disinfected: virus Virus.Win32.Sality.l File: C:\cmdcons\autofmt.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\All Users\Bureau\Kaspersky Lab Tool\minst.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\All Users\Bureau\Kaspersky Lab Tool\drivers\drvins32.exe deleted: Trojan program Backdoor.Win32.IRCBot.bwr File: C:\Documents and Settings\lucas\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine\QUAR1.31882 disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\catchme.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\cliptext.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\download.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\ERUNT.EXE disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\FixPath.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\grep.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\isadmin.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\LS.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\MD5File.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\Process.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\procs.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\psservice.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\RestartIt!.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\sc.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\sed.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\SF.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\shutdown.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\swreg.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\swsc.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\unzip.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\vfind.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\WINMSG.EXE disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\zip.exe disinfected: virus Virus.Win32.Virut.n File: C:\Documents and Settings\lucas\Bureau\SDFix\apps\Replace\regedit.exe deleted: Trojan program Trojan.Win32.Qhost.aei File: C:\Documents and Settings\lucas\Bureau\SDFix\backups\HOSTS deleted: Trojan program Trojan-Downloader.Win32.Homles.bl File: C:\Documents and Settings\lucas\Local Settings\Temporary Internet Files\Content.IE5\S6EMS6BR\17PHolmes[1].cmt//PE_Patch.Upolyx//PE_Patch.UPX//UPX deleted: adware not-a-virus:AdWare.Win32.Virtumonde.sbz File: C:\Documents and Settings\lucas\Local Settings\Temporary Internet Files\Content.IE5\S6EMS6BR\hctp[1] deleted: Trojan program Trojan.Win32.Monder.gen File: C:\Documents and Settings\lucas\Local Settings\Temporary Internet Files\Content.IE5\TQ2NGM5B\query[1] deleted: adware not-a-virus:AdWare.Win32.Virtumonde.sce File: C:\Documents and Settings\lucas\Local Settings\Temporary Internet Files\Content.IE5\WOJEBTOS\iddqd[1] disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Ahead\Nero\NeroCmd.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Ahead\Nero\WaveEditor\WaveEdit.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Ahead\Nero ToolKit\CDSpeed.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Ahead\Nero ToolKit\DriveSpeed.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Ahead\Nero ToolKit\InfoTool.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Avira\AntiVir PersonalEdition Classic\avconfig.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardgui.exe disinfected: virus Virus.Win32.Sality.l File: C:\Program Files\Avira\AntiVir PersonalEdition Classic\licmgr.exe disinfected: virus Virus.Win32.Sality.l File: C:\Program Files\Avira\AntiVir PersonalEdition Classic\preupd.exe disinfected: virus Virus.Win32.Sality.l File: C:\Program Files\Avira\AntiVir PersonalEdition Classic\setup.exe disinfected: virus Virus.Win32.Sality.l File: C:\Program Files\Avira\AntiVir PersonalEdition Classic\update.exe disinfected: virus Virus.Win32.Sality.l File: C:\Program Files\AvRack\rtlrack.exe disinfected: virus Virus.Win32.Sality.l File: C:\Program Files\Fichiers communs\InstallShield\Driver\7\Intel 32\IDriver.exe disinfected: virus Virus.Win32.Sality.l File: C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe disinfected: virus Virus.Win32.Sality.l File: C:\Program Files\Fichiers communs\InstallShield\engine\6\Intel 32\IKernel.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Fichiers communs\Microsoft Shared\Speech\sapisvr.exe disinfected: virus Virus.Win32.Sality.l File: C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Internet Explorer\Connection Wizard\icwrmind.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Internet Explorer\Connection Wizard\icwtutor.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Malwarebytes' Anti-Malware\mbamtrayctrl.exe disinfected: virus Virus.Win32.Sality.l File: C:\Program Files\MSN\MSNCoreFiles\copymar.exe disinfected: virus Virus.Win32.Sality.l File: C:\Program Files\MSN\MSNCoreFiles\update.exe disinfected: virus Virus.Win32.Sality.l File: C:\Program Files\MSN\MSNCoreFiles\Setup\msnunin.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\MSN Gaming Zone\Windows\zClientm.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\NetMeeting\cb32.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\NetMeeting\wb32.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Outlook Express\oemig50.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Windows Media Player\dlimport.exe disinfected: virus Virus.Win32.Virut.n File: C:\Program Files\Windows Media Player\setup_wm.exe deleted: Trojan program Trojan-Downloader.Win32.Agent.iyq File: C:\QooBox\Quarantine\C\WINDOWS\system32\35415.exe.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\cbXNGyVn.dll.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\cbXRJARh.dll.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\cgormew.exe.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\cnjia.exe.vir deleted: Trojan program Backdoor.Win32.EggDrop.au File: C:\QooBox\Quarantine\C\WINDOWS\system32\csrs.exe.vir//Execryptor deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\douvli.exe.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\dyuh.exe.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\emll.exe.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\eqvd.exe.vir deleted: Trojan program Backdoor.Win32.IRCBot.cit File: C:\QooBox\Quarantine\C\WINDOWS\system32\firewall.exe.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rsp File: C:\QooBox\Quarantine\C\WINDOWS\system32\gmtvnmws.dll.vir disinfected: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\haqne.exe.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\jbqsstho.exe.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\jkkJdAst.dll.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\jkkJyARk.dll.vir disinfected: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\jopfoxti.exe.vir disinfected: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\jsrejeik.exe.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\letagyrc.exe.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\ljJCspqO.dll.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\lkte.exe.vir deleted: Trojan program Backdoor.Win32.Agent.apf File: C:\QooBox\Quarantine\C\WINDOWS\system32\logon.exe.vir disinfected: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\mjzayy.exe.vir disinfected: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\oalw.exe.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\opnopNfF.dll.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rsp File: C:\QooBox\Quarantine\C\WINDOWS\system32\pgoqkiwa.dll.vir deleted: Trojan program Trojan.Win32.Monder.do File: C:\QooBox\Quarantine\C\WINDOWS\system32\pkpwixxe.dll.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\pmnkLDts.dll.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\pmqvdbmm.exe.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\pqozit.exe.vir disinfected: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\pyhqmo.exe.vir disinfected: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\qgtsldb.exe.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rmi File: C:\QooBox\Quarantine\C\WINDOWS\system32\qhbmfopj.dll.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\qoMggdAp.dll.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\qxdrj.exe.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\rccsohmg.exe.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\rqRJBUlK.dll.vir disinfected: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\sdmsox.exe.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\ssqRLEWq.dll.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\tifchkzp.exe.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\tjmepnuz.exe.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\tuvTlkiH.dll.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\tuvUOIBq.dll.vir disinfected: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\tyqai.exe.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\ungm.exe.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\uqnf.exe.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\vtUkkkKa.dll.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\vtUlKEXP.dll.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\vtUnomkL.dll.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\vtUnonmj.dll.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\vwiheev.exe.vir disinfected: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\ws2_32.exe.vir deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\QooBox\Quarantine\C\WINDOWS\system32\xxyywxur.dll.vir deleted: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\zwncojn.exe.vir disinfected: virus Virus.Win32.Virut.n File: C:\QooBox\Quarantine\C\WINDOWS\system32\zxqqdw.exe.vir disinfected: virus Virus.Win32.Sality.l File: C:\WINDOWS\alcrmv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\alcupd.exe disinfected: virus Virus.Win32.Sality.l File: C:\WINDOWS\fdsv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\grep.exe deleted: Trojan program Trojan-Downloader.Win32.Homles.bl File: C:\WINDOWS\mrofinu1001186.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\Nircmd.exe disinfected: virus Virus.Win32.Sality.l File: C:\WINDOWS\NuNinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\sed.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\swreg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\swsc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\swxcacls.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\VFind.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$NtUninstallKB823559$\spuninst\spuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$NtUninstallQ329115$\spuninst\spuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$NtUninstallQ329390$\spuninst\spuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$NtUninstallQ329834$\spuninst\spuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$NtUninstallQ810833$\locator.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$NtUninstallQ810833$\locator.exe.000 disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$NtUninstallQ810833$\spuninst\spuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$xpsp1hfm$\Q329390\spuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$xpsp1hfm$\Q329390\update\update.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$xpsp1hfm$\Q329834\spuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$xpsp1hfm$\Q329834\update\update.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$xpsp1hfm$\Q810833\locator.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$xpsp1hfm$\Q810833\spuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\$xpsp1hfm$\Q810833\update\update.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\erdnt\subs\ERDNT.EXE disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\inf\unregmp2.exe disinfected: virus Virus.Win32.Sality.l File: C:\WINDOWS\Installer\{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\msagent\agentsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\HelpHost.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\HelpSvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\notiflag.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\PCHEALTH\UploadLB\Binaries\UploadM.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\6f217d5e6d4044f32e9bee81e815c6ce\spuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\6f217d5e6d4044f32e9bee81e815c6ce\sp1qfe\bitsinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\6f217d5e6d4044f32e9bee81e815c6ce\update\update.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\accwiz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\actmovie.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\admin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\agentsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ahui.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\alg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\aspnet_regiis.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\aspnet_wp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\asr_fmt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\at.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\atmadm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\auditusr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\author.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\blastcln.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\caspol.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cfgwiz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cipher.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cisvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cleanmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cliconfg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\clipbrd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\clipsrv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cmd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cmdl32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cmmon32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cmstp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\comrepl.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\conf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\conime.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\csc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\cscript.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ctfmon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\davcdata.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ddeshare.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\defrag.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dfrgfat.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dfrgntfs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dialer.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\diantz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\diskpart.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dlimport.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dllhost.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dmadmin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dmremote.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dplaysvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dpnsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dpvsetup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dumprep.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dvdupgrd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dwwin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\dxdiag.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\eudcedit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\evcreate.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\evntcmd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\evntwin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\explorer.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\extrac32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\faxpatch.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\findstr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fltmc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fontview.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fp98sadm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fp98swin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fpadmcgi.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fpcount.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fpremadm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fpsrvadm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fsquirt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ftp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fxsclnt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fxscover.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\fxssvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\gprslt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\grpconv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\helpctr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\helpsvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\hh.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\hscupd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\icwconn1.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\icwconn2.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\icwrmind.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ie4uinit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\iedw.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ieexec.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\iexplore.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\iexpress.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\iisrstas.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ilasm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\imapi.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\inetin51.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\inetwiz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\installutil.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ipconfig.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ipv6.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ipxroute.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\irftp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\jsc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\locator.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\logagent.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\logman.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\logon.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\logonui.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lsass.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\magnify.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\makecab.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\migload.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\migrate.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\migregdb.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\migwiz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\migwiz_a.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mmc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mnmsrvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mobsync.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mofcomp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\moviemk.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mplay32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mplayer2.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mqbkup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mqsvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mqtgsvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\msconfig.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\msdtc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mshta.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\msiexec.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\msimn.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\msiregmv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\msmsgs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mspaint.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mstinit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\mstsc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\narrator.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\nddeapir.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\net.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\net1.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\netdde.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\netfxupdate.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\netsetup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\netsh.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\netstat.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ngen.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\notepad.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\nppagent.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\nslookup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ntbackup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ntvdm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\odbcad32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\odbcconf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\oemig50.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\oobebaln.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\opnfiles.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\osk.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\packager.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\perfmon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\pinball.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ping.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\powercfg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\progman.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\proquota.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\proxycfg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\qprocess.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rasphone.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rcimlby.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rcp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rdpclip.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rdsaddin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rdshost.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\reg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\regasm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\regedit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\regsvcs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\regsvr32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rexec.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rsh.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rsnotify.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rstrui.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rtcshare.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\rundll32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\runonce.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\savedump.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\scardsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\scrcons.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\scrnsave.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sctasks.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sdbinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\services.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sessmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sethc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\setregni.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\setup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\setup50.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\setup_wm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\shmgrate.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\shrpubw.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\shtml.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\shutdown.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sigverif.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\skeys.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\slrundll.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\slserv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\smbinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\smi2smir.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\smlogsvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sndrec32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\snmp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\snmptrap.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spdwnwxp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spider.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spnpinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spoolsv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spupdsvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\spupdwxp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ss3dfo.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ssbezier.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ssflwbox.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ssmarque.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ssmypics.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ssmyst.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sspipes.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ssstars.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sstext3d.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\stimon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\stub_fpsrvadm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\stub_fpsrvwin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\svchost.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\sysocmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\taskmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tcptest.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\telnet.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tlntadmn.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tlntsess.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tlntsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\togac.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tourstrt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tp4mon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tracerpt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tracert.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\tscupgrd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\unregmp2.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\uploadm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\upnpcont.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ups.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\userinit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\utilman.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\vbc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\vssvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wab.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wabmig.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wbemtest.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wextract.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wiaacmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\winhlp32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\winlogon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\winver.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wmiadap.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wmiapsrv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wmic.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wmiprvse.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wmplayer.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wordpad.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wpabaln.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wpnpinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wscntfy.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wscript.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wuauclt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\wuauclt1.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\xcopy.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ip\asr_pfu.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ip\comsdupd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ip\secedit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ip\spiisupd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\cintsetp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\cplexe.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imjpdct.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imjpdsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imjpinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imjpmig.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imjprw.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imjputy.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\imscinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\pintlphr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\tintlphr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\lang\tintsetp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\root\cmpnents\mediactr\i386\medctrro.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\update\fixccs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\update\nv4prep.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\update\spnpinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\update\update.exe deleted: Trojan program Trojan-Downloader.BAT.Ftp.z File: C:\WINDOWS\system32\.pif deleted: Trojan program Trojan-Downloader.Win32.Agent.iyq File: C:\WINDOWS\system32\16cf91.exe deleted: Trojan program Trojan-Downloader.Win32.Agent.iyq File: C:\WINDOWS\system32\ac6f.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\actmovie.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\afbsahfp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ahui.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\aof.exe deleted: Trojan program Backdoor.Win32.VanBot.ax File: C:\WINDOWS\system32\ardnvoi.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\arp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\arpxbf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\asr_fmt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\asr_ldm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\at.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\atmadm.exe deleted: Trojan program Backdoor.Win32.VanBot.ax File: C:\WINDOWS\system32\atpn.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\attrib.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\bknq.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\bofyws.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\bootcfg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\bootok.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\bootvrfy.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\bpdatkcv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\brrqss.exe deleted: Trojan program Backdoor.Win32.VanBot.ax File: C:\WINDOWS\system32\bvggyddh.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\bwwflwtt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\cacls.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\calc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\charmap.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\chkdsk.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\chkntfs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\cidaemon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\cipher.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ckcnv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\cleanmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\cliconfg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\cmd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\cmdl32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\cmmon32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\cmstp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\comp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\compact.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\conime.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\control.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\convert.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\cscript.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dcomcnfg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ddeshare.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\defrag.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dfrgfat.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dfrgntfs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\diantz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\diskpart.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\diskperf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllhst3g.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dmremote.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\doskey.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dplaysvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dpnsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dpvsetup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\driverquery.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dske.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dumprep.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dvdplay.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dvdupgrd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dxdiag.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\epmfnbfe.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\erlxsw.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\esentutl.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\eudcedit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\eventcreate.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\eventtriggers.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\eventvwr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\expand.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\extrac32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\fc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\fgif.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\find.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\findstr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\finger.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\fiwcr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\fixmapi.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\forcedos.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\freecell.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\fsciefz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\fsutil.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ftp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\gcypfpbs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\getmac.exe deleted: Trojan program Backdoor.Win32.VanBot.ax File: C:\WINDOWS\system32\ggkfco.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\gjmcozr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\gpresult.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\gpupdate.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\grpconv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\help.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\hggq.exe deleted: Trojan program Backdoor.Win32.VanBot.ax File: C:\WINDOWS\system32\hgmrfisf.exe deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rsp File: C:\WINDOWS\system32\hincooob.dll disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\hmihy.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\hostname.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\hpqagbu.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\htlu.exe deleted: Trojan program Trojan.Win32.Monder.gen File: C:\WINDOWS\system32\ibcvjbtf.dll disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\idtubyyh.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\iexpress.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ifny.exe deleted: Trojan program Backdoor.Win32.IRCBot.cit File: C:\WINDOWS\system32\ihaasg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ihqh.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ipconfig.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ipsec6.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ipv6.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ipxroute.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\iwfdhxar.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\jgfb.exe deleted: Trojan program Backdoor.Win32.VanBot.ax File: C:\WINDOWS\system32\jlcicn.exe deleted: virus Net-Worm.Win32.Kolabc.ajx File: C:\WINDOWS\system32\jquvbqnw.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\jrpjb.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\jstmc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\kscf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\label.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\labqbxe.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\lbxux.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\lights.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\lkqvoli.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\llidsxkn.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\lmvbolsz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\lnkstub.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\lodctr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\logagent.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\logman.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\logoff.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\logonui.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\lpq.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\lpr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\lqrodsww.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\lxorkyau.exe deleted: Trojan program Backdoor.Win32.IRCBot.cit File: C:\WINDOWS\system32\lzlf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\magnify.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\makecab.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\matgtu.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\migpwd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mobsync.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mountvol.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mplay32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mpnotify.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mqbkup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mqsvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mqtgsvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mrinfo.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\msg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mshearts.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\msmsnger.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\msswchx.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mstinit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mstsc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\muoa.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mxfohaga.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mxoae.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\mzadj.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\narrator.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\nbtstat.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\nddeapir.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ndnth.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\net.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\net1.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\netsetup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\netsh.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\netstat.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\nmqucv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\nslookup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ntvdm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\nwscript.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\odbcad32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\odbcconf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\oekcd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ohskkd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\olykuq.exe deleted: Trojan program Backdoor.Win32.IRCBot.cit File: C:\WINDOWS\system32\omdzw.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\oolw.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\openfiles.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\opluoht.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\osk.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\osuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\otku.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\packager.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\pathping.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\pentnt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ping.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ping6.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\pjsgnyfz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\pnmfp.exe deleted: Trojan program Backdoor.Win32.Small.pk File: C:\WINDOWS\system32\po.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\pqbht.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\print.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\proquota.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\proxycfg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\pvcjxv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\pygc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\qappsrv.exe deleted: Trojan program Trojan-Downloader.Win32.Zlob.mtu File: C:\WINDOWS\system32\qpcdyol.exe//PE_Patch//UPack disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\qpow.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\qppwvlts.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\qprocess.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\qwhfi.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\qwinsta.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rasautou.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rasdial.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rcimlby.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rcp.exe deleted: Trojan program Backdoor.Win32.VanBot.ax File: C:\WINDOWS\system32\rcrewhrw.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rdpclip.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rdsaddin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rdshost.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\recover.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\reg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\regedt32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\regini.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\regwiz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\relog.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\replace.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\reset.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rexec.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\route.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\routemon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rsh.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rsm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rsmsink.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rsmui.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rsnotify.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rsopprov.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rtcshare.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\runas.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\runonce.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\rwinsta.exe deleted: Trojan program Trojan.Win32.Monder.gen File: C:\WINDOWS\system32\saeryqfu.dll disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\savedump.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\schtasks.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\scrnsave.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\secedit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sethc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\setup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sfc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\shadow.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\shmgrate.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\shrpubw.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\shutdown.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sigverif.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\skeys.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sndrec32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sndvol32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\snou.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sol.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sort.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\spider.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ss3dfo.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ssbezier.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ssflwbox.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ssmarque.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ssmypics.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ssmyst.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sspipes.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ssstars.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sstext3d.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\stimon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\subst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\supxnqbj.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\swgxue.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sxtd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\syncapp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\syskey.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\sysocmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\systeminfo.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\systray.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\taskkill.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tasklist.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\taskman.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\taskmgr.exe deleted: adware not-a-virus:AdWare.Win32.Virtumonde.sbz File: C:\WINDOWS\system32\tbyjblps.dll disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tcmsetup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tcpsvcs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tefwyfks.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\telnet.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tftp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tlntadmn.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tlntsess.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tourstart.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tracerpt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tracert.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tracert6.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tscon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tscupgrd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tsdiscon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tskill.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\tsshutdn.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\typeperf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ufgvi.exe deleted: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ugmmzxbz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\ukfeuwfy.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\unlodctr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\upnpcont.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\usggnf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\usrmlnka.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\usrprbda.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\usrshuta.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\utilman.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\uzozs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\verifier.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\vixwjfqs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\vjboq.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\vjltud.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\vlssmsop.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\vqnonjy.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\vssadmin.exe deleted: adware not-a-virus:AdWare.Win32.Virtumonde.rcq File: C:\WINDOWS\system32\vtUopMGw.dll disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\vunfm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\vvurq.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\vxdyocf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\vxxzts.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\w32tm.exe deleted: Trojan program Trojan.Win32.Pakes.cvf File: C:\WINDOWS\system32\wbhq.exe deleted: Trojan program Backdoor.Win32.Rbot.hof File: C:\WINDOWS\system32\WinTcpips.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\xcmhlvh.exe deleted: Trojan program Backdoor.Win32.VanBot.ax File: C:\WINDOWS\system32\xnegah.exe//Execryptor//RLPack//PE-Crypt.Scrypt disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\xomnd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\xpsp1hfm.exe deleted: virus Heur.Backdoor.Generic File: C:\WINDOWS\system32\xsli.exe deleted: Trojan program Trojan.Win32.Pakes.cvf File: C:\WINDOWS\system32\xyso.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\yhpahsk.exe deleted: Trojan program Trojan.Win32.Pakes.cvf File: C:\WINDOWS\system32\yoineyf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\yvynzexd.exe deleted: adware not-a-virus:AdWare.Win32.Virtumonde.sce File: C:\WINDOWS\system32\ywxkmctp.dll disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\zalm.exe deleted: Trojan program Backdoor.Win32.VanBot.ax File: C:\WINDOWS\system32\zfugm.exe//Execryptor//RLPack//PE-Crypt.Scrypt deleted: Trojan program Trojan.Win32.Pakes.cvf File: C:\WINDOWS\system32\zjjw.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\zmnh.exe deleted: Trojan program Trojan.Win32.Pakes.cvf File: C:\WINDOWS\system32\zvdexc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\Com\comrepl.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\Com\comrereg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IJ212PAB\84785_winsgh[1].exe deleted: Trojan program Backdoor.Win32.IRCBot.bad File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O5M5GBIP\84785_redworld[1].exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O5M5GBIP\84785_winhtb[1].exe deleted: Trojan program Trojan-Dropper.Win32.Small.bkz File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\Y5GZEPKF\unpr[1].exe deleted: Trojan program Trojan-Dropper.Win32.Small.bkz File: C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\Y5GZEPKF\unpr[2].exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\accwiz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\actmovie.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\admin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\agentsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ahui.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\alg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\arp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\asr_fmt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\asr_ldm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\at.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\atmadm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\attrib.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\author.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\bckgzm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\bootcfg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\bootok.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\bootvrfy.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cacls.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\calc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cb32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cfgwiz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\change.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\charmap.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\chglogon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\chgport.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\chgusr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\chkdsk.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\chkntfs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\chkrzm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cidaemon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cintsetp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cipher.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cisvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ckcnv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cleanmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\clipbrd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\clipsrv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cmd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cmdl32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cmmon32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cmstp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\comp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\compact.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\comrepl.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\comrereg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\conf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\conime.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\control.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\convert.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\convlog.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cplexe.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cprofile.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\cscript.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ctfmon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\davcdata.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dcomcnfg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ddeshare.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\defrag.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dfrgfat.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dfrgntfs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dialer.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\diantz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\diskpart.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\diskperf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dlimport.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dllhost.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dllhst3g.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dmadmin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dmremote.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\doskey.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dplaysvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dpnsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dpvsetup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\drvqry.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\drwtsn32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dumprep.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dvdupgrd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\dxdiag.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\esentutl.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\eudcedit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\evcreate.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\eventvwr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\evntcmd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\evntwin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\evtrig.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\expand.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\explorer.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\extrac32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\find.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\findstr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\finger.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fixmapi.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\flattemp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fontview.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\forcedos.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fp98sadm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fp98swin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fpadmcgi.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fpcount.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fpremadm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\freecell.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fsutil.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ftp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fxsclnt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fxscover.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fxssend.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\fxssvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\getmac.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\gprslt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\gpupdate.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\grpconv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\help.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\helpctr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\helphost.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\helpsvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\hh.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\hostname.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\hrtzzm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\icwconn1.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\icwconn2.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\icwrmind.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\icwtutor.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ie4uinit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\iexplore.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\iexpress.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\iisreset.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\iisrstas.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\iissync.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imapi.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imekrmig.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imepadsv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imjpdadm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imjpdct.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imjpdsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imjpinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imjpmig.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imjprw.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imjpuex.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imjputy.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imkrinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\imscinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\inetin51.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\inetmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\inetwiz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ipconfig.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ipsec6.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ipv6.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ipxroute.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\isignup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\label.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\lights.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\lnkstub.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\locator.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\lodctr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\logagent.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\logman.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\logoff.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\logon.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\logonui.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\lpq.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\lpr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\lsass.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\magnify.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\makecab.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\migisol.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\migload.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\migregdb.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\migwiz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\migwiz_a.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mmc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mnmsrvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mobsync.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mofcomp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mountvol.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\moviemk.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mplay32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mplayer2.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mpnotify.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mqbkup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mqsvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mqtgsvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mrinfo.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\msconfig.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\msdtc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\msg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mshearts.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mshta.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\msiexec.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\msimn.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\msinfo32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\msiregmv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\msoobe.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mspaint.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\msswchx.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mstinit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mstsc.exe deleted: Trojan program Backdoor.Win32.IRCBot.bad File: C:\WINDOWS\system32\dllcache\mswords.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\mtstocom.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\muisetup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\narrator.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\nbtstat.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\nddeapir.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\net.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\net1.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\netdde.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\netsh.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\netstat.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\notepad.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\notiflag.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\nppagent.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\nslookup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ntbackup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ntsd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ntvdm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\nwscript.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\odbcad32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\odbcconf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\oemig50.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\oobebaln.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\opnfiles.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\osk.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\osuninst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\packager.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\pathping.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\pentnt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\perfmon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\pinball.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ping.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ping6.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\pintlphr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\print.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\progman.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\proquota.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\proxycfg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\qappsrv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\qprocess.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\query.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\quser.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\qwinsta.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rasautou.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rasdial.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rasphone.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rcimlby.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rcp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rdpclip.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rdsaddin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rdshost.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\recover.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\reg.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\regedit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\regedt32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\regini.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\register.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\regsvr32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\regwiz.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\relog.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\replace.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\reset.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rexec.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\route.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\routemon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rsh.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rsm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rsmsink.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rsmui.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rsnotify.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rsopprov.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rstrui.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rsvp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rtcshare.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\runas.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rundll32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\runonce.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rvsezm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\rwinsta.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sapisvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\savedump.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\scardsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\scrcons.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\scrnsave.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sctasks.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sdbinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\secedit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\services.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sessmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sethc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\setup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\setup50.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\setup_wm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sfc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\shadow.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\shmgrate.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\shrpubw.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\shtml.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\shutdown.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\shvlzm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sigverif.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\skeys.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\smi2smir.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\smlogsvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sndrec32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sndvol32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\snmp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\snmptrap.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sol.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sort.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\spider.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\spoolsv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\srdiag.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ss3dfo.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ssbezier.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ssflwbox.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ssmarque.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ssmypics.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ssmyst.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sspipes.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ssstars.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sstext3d.scr disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\stimon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\subst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\svchost.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\syncapp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sysinfo.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\syskey.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\sysocmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\systray.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\taskkill.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tasklist.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\taskman.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\taskmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tcmsetup.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tcpsvcs.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tcptest.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\telnet.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tftp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tintlphr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tintsetp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tlntadmn.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tlntsess.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tlntsvr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tourstrt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tracerpt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tracert.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tracert6.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tscon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tscupgrd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tsdiscon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tskill.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tsprof.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\tsshutdn.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\twunk_32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\typeperf.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\unlodctr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\unregmp2.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\unsecapp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\uploadm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\upnpcont.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\ups.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\userinit.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\utilman.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\verifier.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\vssadmin.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\vssvc.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\w32tm.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wab.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wabmig.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wb32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wbemtest.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wextract.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wiaacmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\winhlp32.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\winhstb.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\winlogon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\winmgmt.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\winmine.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\winmsd.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\winver.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wmiadap.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wmiapsrv.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wmic.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wmiprvse.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wmplayer.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wmpstub.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wordpad.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wpabaln.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wpnpinst.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\write.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wscript.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\wupdmgr.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\xcopy.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\dllcache\zclientm.exe disinfected: Trojan program Trojan.Win32.Qhost.akg File: C:\WINDOWS\system32\drivers\etc\HOSTS disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\npp\nppagent.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\oobe\msoobe.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\oobe\oobebaln.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\Restore\rstrui.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\Restore\srdiag.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\spool\drivers\w32x86\3\brqikmon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\spool\drivers\w32x86\brotherdcp_750cwc92d\brqikmon.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\usmt\migload.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\usmt\migwiz_a.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\wbem\mofcomp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\wbem\scrcons.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\wbem\unsecapp.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\wbem\wbemtest.exe disinfected: virus Virus.Win32.Virut.n File: C:\WINDOWS\system32\wbem\winmgmt.exe deleted: Trojan program Trojan.Win32.Iframer.e File: C:\WINDOWS\TEMP\DIL8.tmp//PE_Patch.UPX//UPX deleted: Trojan program Backdoor.Win32.IRCBot.bwr File: c:\documents and settings\lucas\application data\malwarebytes\malwarebytes' anti-malware\quarantine\quar1.31882//Execryptor deleted: Trojan program Trojan-Downloader.Win32.Agent.iyq File: c:\qoobox\quarantine\c\windows\system32\35415.exe.vir//PE_Patch.UPX//UPX deleted: Trojan program Trojan-Downloader.Win32.Homles.bl File: c:\windows\mrofinu1001186.exe//PE_Patch.Upolyx//PE_Patch.UPX//UPX deleted: Trojan program Trojan-Downloader.Win32.Agent.iyq File: c:\windows\system32\16cf91.exe//PE_Patch.UPX//UPX deleted: Trojan program Trojan-Downloader.Win32.Agent.iyq File: c:\windows\system32\ac6f.exe//PE_Patch.UPX//UPX deleted: Trojan program Backdoor.Win32.VanBot.ax File: c:\windows\system32\ardnvoi.exe//Execryptor//RLPack//PE-Crypt.Scrypt deleted: Trojan program Backdoor.Win32.VanBot.ax File: c:\windows\system32\atpn.exe//Execryptor//RLPack//PE-Crypt.Scrypt deleted: Trojan program Backdoor.Win32.VanBot.ax File: c:\windows\system32\bvggyddh.exe//Execryptor//RLPack//PE-Crypt.Scrypt deleted: Trojan program Backdoor.Win32.VanBot.ax File: c:\windows\system32\ggkfco.exe//Execryptor//RLPack//PE-Crypt.Scrypt deleted: Trojan program Backdoor.Win32.VanBot.ax File: c:\windows\system32\hgmrfisf.exe//Execryptor//RLPack//PE-Crypt.Scrypt deleted: Trojan program Backdoor.Win32.VanBot.ax File: c:\windows\system32\jlcicn.exe//Execryptor//RLPack//PE-Crypt.Scrypt deleted: Trojan program Backdoor.Win32.VanBot.ax File: c:\windows\system32\rcrewhrw.exe//Execryptor//RLPack//PE-Crypt.Scrypt Events ------ Time Name Status Reason ---- ---- ------ ------ Statistics ---------- Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted ------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ --------- Settings -------- Parameter Value --------- ----- Security Level Recommended Action Prompt for action when the scan is complete Run mode Manually File types Scan all files Scan only new and changed files No Scan archives All Scan embedded OLE objects All Skip if object is larger than No Skip if scan takes longer than No Parse email formats No Scan password-protected archives No Enable iChecker technology No Enable iSwift technology No Show detected threats on "Detected" tab Yes Quarantine ---------- Status Object Size Added ------ ------ ---- ----- Backup ------ Status Object Size ------ ------ ----
- le 19 mai 2008
- 51 réponses
grosse infection[résolu]

loukass a répondu à un(e) sujet de loukass dans Analyses et éradication malwares

Salut, je n'ai pas pu executer:http://www.microsoft.com/france/windows/xp....xml&rang=6 car:We’re sorry, but we were unable to service your request. You may wish to choose from the links below for information about Microsoft products and services. Explications: Avant de découvrir Zébulon et donc de faire appel à tes services, j'ai vraiment galéré pour essayé d'arreter cette infection.Par dépit j'ai formater et donc réinstalé XP pro avec une copie (je n'ai plus l'original). Donc je n'ai plus acces aux updates,j'ai telechargé des patch correctifs SP 1/2 mais ils ne passent pas. Pourtant avant le formatage je tourné avec la mm instal' XP pro et je n'avait pas ces problèmes. Maintenant Microsoft me reconnait comme victime d'un logiciel piraté(pas cool). De plus je ne peus toujours pas installer Avira antivir ,je tourne donc sans protectionS, et je limite au max mes connections réseau de crainte de nouveaux virus.(et registrycleaner me poursuit tt les 2mn) Si tu avait des solutions ,STP, ça m'arrangeré un rien en attendant je continue ta procédure. merci à+
- le 19 mai 2008
- 51 réponses
grosse infection[résolu]

loukass a répondu à un(e) sujet de loukass dans Analyses et éradication malwares

Ok donc pour commencer mon rapport combofix: ComboFix 08-05-12.1 - lucas 2008-05-17 15:42:46.4 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.300 [GMT 2:00] Endroit: C:\Documents and Settings\lucas\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\lucas\Bureau\CFScript.txt * Création d'un nouveau point de restauration FILE :: C:\adware.exe C:\WINDOWS\system32\atvzqodj.exe C:\WINDOWS\system32\bbat.exe C:\WINDOWS\system32\bbtpmnmt.exe C:\WINDOWS\system32\bhhyllwg.exe C:\WINDOWS\system32\brxg.exe C:\WINDOWS\system32\byod.exe C:\WINDOWS\system32\cbXNGyVn.dll C:\WINDOWS\system32\cbXRJARh.dll C:\WINDOWS\system32\cdqu.exe C:\WINDOWS\system32\cgormew.exe C:\WINDOWS\system32\cnjia.exe C:\WINDOWS\system32\djtftd.exe C:\WINDOWS\system32\douvli.exe C:\WINDOWS\system32\duqtuk.exe C:\WINDOWS\system32\dwcymwxk.exe C:\WINDOWS\system32\dwlmmub.exe C:\WINDOWS\system32\dyuh.exe C:\WINDOWS\system32\dzkvuvky.exe C:\WINDOWS\system32\eahtiab.exe C:\WINDOWS\system32\ebmdgzl.exe C:\WINDOWS\system32\ecbwillt.exe C:\WINDOWS\system32\emkujfs.exe C:\WINDOWS\system32\emll.exe C:\WINDOWS\system32\eqvd.exe C:\WINDOWS\system32\fgmrydsn.exe C:\WINDOWS\system32\fmtgd.exe C:\WINDOWS\system32\fsfbwch.exe C:\WINDOWS\system32\fsjxffi.exe C:\WINDOWS\system32\fuidocm.exe C:\WINDOWS\system32\fwcrz.exe C:\WINDOWS\system32\fzsz.exe C:\WINDOWS\system32\gfqktjz.exe C:\WINDOWS\system32\gmtvnmws.dll C:\WINDOWS\system32\gqtpb.exe C:\WINDOWS\system32\haqne.exe C:\WINDOWS\system32\hhskjhd.exe C:\WINDOWS\system32\hotjtmqg.ini C:\WINDOWS\system32\iiqqasvw.dll C:\WINDOWS\system32\jbqsstho.exe C:\WINDOWS\system32\jfewrlqs.ini C:\WINDOWS\system32\jfxpqctk.exe C:\WINDOWS\system32\jkkJdAst.dll C:\WINDOWS\system32\jkkJyARk.dll C:\WINDOWS\system32\jopfoxti.exe C:\WINDOWS\system32\jpvj.exe C:\WINDOWS\system32\jsrejeik.exe C:\WINDOWS\system32\juundt.exe C:\WINDOWS\system32\ksst.exe C:\WINDOWS\system32\kusnd.exe C:\WINDOWS\system32\letagyrc.exe C:\WINDOWS\system32\lfusufla.exe C:\WINDOWS\system32\ljJCspqO.dll C:\WINDOWS\system32\lkte.exe C:\WINDOWS\system32\lsihib.exe C:\WINDOWS\system32\lwhnw.exe C:\WINDOWS\system32\lzfmrtgf.exe C:\WINDOWS\system32\lzjmx.exe C:\WINDOWS\system32\mjzayy.exe C:\WINDOWS\system32\mmaivk.exe C:\WINDOWS\system32\mqlh.exe C:\WINDOWS\system32\msmnger.exe C:\WINDOWS\system32\nbyc.exe C:\WINDOWS\system32\nnnnOfdE.dll C:\WINDOWS\system32\nyuawsqp.exe C:\WINDOWS\system32\oalw.exe C:\WINDOWS\system32\oayhapkm.dll C:\WINDOWS\system32\opnopNfF.dll C:\WINDOWS\system32\pgoqkiwa.dll C:\WINDOWS\system32\pjqlfseh.exe C:\WINDOWS\system32\plpewra.exe C:\WINDOWS\system32\pmnkLDts.dll C:\WINDOWS\system32\pmqvdbmm.exe C:\WINDOWS\system32\pqozit.exe C:\WINDOWS\system32\pyhqmo.exe C:\WINDOWS\system32\qccnmup.exe C:\WINDOWS\system32\qgtsldb.exe C:\WINDOWS\system32\qhbmfopj.dll C:\WINDOWS\system32\qoMggdAp.dll C:\WINDOWS\system32\qxdrj.exe C:\WINDOWS\system32\rccsohmg.exe C:\WINDOWS\system32\rnarc.exe C:\WINDOWS\system32\rngli.exe C:\WINDOWS\system32\rqRJBUlK.dll C:\WINDOWS\system32\sdmsox.exe C:\WINDOWS\system32\simley.exe C:\WINDOWS\system32\sqlrwefj.dll C:\WINDOWS\system32\ssqRLEWq.dll C:\WINDOWS\system32\svoykmry.exe C:\WINDOWS\system32\tifchkzp.exe C:\WINDOWS\system32\tjmepnuz.exe C:\WINDOWS\system32\tsqhfh.exe C:\WINDOWS\system32\tuvTlkiH.dll C:\WINDOWS\system32\tuvUOIBq.dll C:\WINDOWS\system32\tyqai.exe C:\WINDOWS\system32\uaooyr.exe C:\WINDOWS\system32\ungm.exe C:\WINDOWS\system32\uqnf.exe C:\WINDOWS\system32\uvgszj.exe C:\WINDOWS\system32\vkilru.exe C:\WINDOWS\system32\vrfovxq.exe c:\WINDOWS\System32\vtsqqomm.dll C:\WINDOWS\system32\vtUkkkKa.dll C:\WINDOWS\system32\vtUlKEXP.dll C:\WINDOWS\system32\vtUnomkL.dll C:\WINDOWS\system32\vtUnonmj.dll C:\WINDOWS\system32\vwiheev.exe C:\WINDOWS\system32\wdykss.exe C:\WINDOWS\System32\ws2_32.exe C:\WINDOWS\system32\wwtamll.exe C:\WINDOWS\system32\xcckrc.exe C:\WINDOWS\system32\xlyczjo.exe C:\WINDOWS\system32\xxyywxur.dll C:\WINDOWS\system32\ydkpgf.exe C:\WINDOWS\system32\yffcuz.exe C:\WINDOWS\system32\yqbuspmp.dll C:\WINDOWS\system32\ytjon.exe C:\WINDOWS\system32\yudymt.exe C:\WINDOWS\system32\zbys.exe C:\WINDOWS\system32\zwncojn.exe C:\WINDOWS\system32\zxqqdw.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\pskt.ini C:\WINDOWS\system32\35415.exe C:\WINDOWS\system32\36018.exe C:\WINDOWS\system32\EdfOnnnn.ini C:\WINDOWS\system32\EdfOnnnn.ini2 C:\WINDOWS\system32\mnfrxxry.ini C:\WINDOWS\system32\nnnnOfdE.dll C:\WINDOWS\system32\splbjybt.ini . ---- Previous Run ------- . C:\adware.exe C:\WINDOWS\cookies.ini C:\WINDOWS\pskt.ini C:\WINDOWS\system32\atvzqodj.exe C:\WINDOWS\system32\bbtpmnmt.exe C:\WINDOWS\system32\bhhyllwg.exe C:\WINDOWS\system32\brxg.exe C:\WINDOWS\system32\byod.exe C:\WINDOWS\system32\cbXNGyVn.dll C:\WINDOWS\system32\cbXRJARh.dll C:\WINDOWS\system32\cdqu.exe C:\WINDOWS\system32\cgormew.exe C:\WINDOWS\system32\cnjia.exe C:\WINDOWS\system32\douvli.exe C:\WINDOWS\system32\dwcymwxk.exe C:\WINDOWS\system32\dwlmmub.exe C:\WINDOWS\system32\dyuh.exe C:\WINDOWS\system32\ebmdgzl.exe C:\WINDOWS\system32\emkujfs.exe C:\WINDOWS\system32\emll.exe C:\WINDOWS\system32\eqvd.exe C:\WINDOWS\system32\fgmrydsn.exe C:\WINDOWS\system32\firewall.exe C:\WINDOWS\system32\fsjxffi.exe C:\WINDOWS\system32\fuidocm.exe C:\WINDOWS\system32\fwcrz.exe C:\WINDOWS\system32\gfqktjz.exe C:\WINDOWS\system32\gmtvnmws.dll C:\WINDOWS\system32\haqne.exe C:\WINDOWS\system32\hotjtmqg.ini C:\WINDOWS\system32\iiqqasvw.dll C:\WINDOWS\system32\jbqsstho.exe C:\WINDOWS\system32\jfewrlqs.ini C:\WINDOWS\system32\jfxpqctk.exe C:\WINDOWS\system32\jkkJdAst.dll C:\WINDOWS\system32\jkkJyARk.dll C:\WINDOWS\system32\jopfoxti.exe C:\WINDOWS\system32\jsrejeik.exe C:\WINDOWS\system32\kusnd.exe C:\WINDOWS\system32\letagyrc.exe C:\WINDOWS\system32\ljJCspqO.dll C:\WINDOWS\system32\lkte.exe C:\WINDOWS\system32\logon.exe C:\WINDOWS\system32\lsihib.exe C:\WINDOWS\system32\lwhnw.exe C:\WINDOWS\system32\lzfmrtgf.exe C:\WINDOWS\system32\lzjmx.exe C:\WINDOWS\system32\mcrh.tmp C:\WINDOWS\system32\mjzayy.exe C:\WINDOWS\system32\mmaivk.exe C:\WINDOWS\system32\mqlh.exe C:\WINDOWS\system32\msmnger.exe C:\WINDOWS\system32\nbyc.exe C:\WINDOWS\system32\nyuawsqp.exe C:\WINDOWS\system32\oalw.exe C:\WINDOWS\system32\oayhapkm.dll C:\WINDOWS\system32\opnopNfF.dll C:\WINDOWS\system32\pgoqkiwa.dll C:\WINDOWS\system32\plpewra.exe C:\WINDOWS\system32\pmnkLDts.dll C:\WINDOWS\system32\pmqvdbmm.exe C:\WINDOWS\system32\pqozit.exe C:\WINDOWS\system32\pyhqmo.exe C:\WINDOWS\system32\qccnmup.exe C:\WINDOWS\system32\qgtsldb.exe C:\WINDOWS\system32\qhbmfopj.dll C:\WINDOWS\system32\qoMggdAp.dll C:\WINDOWS\system32\qxdrj.exe C:\WINDOWS\system32\rccsohmg.exe C:\WINDOWS\system32\rnarc.exe C:\WINDOWS\system32\rngli.exe C:\WINDOWS\system32\rqRJBUlK.dll C:\WINDOWS\system32\sdmsox.exe C:\WINDOWS\system32\ssqRLEWq.dll C:\WINDOWS\system32\tifchkzp.exe C:\WINDOWS\system32\tjmepnuz.exe C:\WINDOWS\system32\tsqhfh.exe C:\WINDOWS\system32\tuvTlkiH.dll C:\WINDOWS\system32\tuvUOIBq.dll C:\WINDOWS\system32\tyqai.exe C:\WINDOWS\system32\uaooyr.exe C:\WINDOWS\system32\ungm.exe C:\WINDOWS\system32\uqnf.exe C:\WINDOWS\system32\uvgszj.exe C:\WINDOWS\system32\vkilru.exe C:\WINDOWS\system32\vtUkkkKa.dll C:\WINDOWS\system32\vtUlKEXP.dll C:\WINDOWS\system32\vtUnomkL.dll C:\WINDOWS\system32\vtUnonmj.dll C:\WINDOWS\system32\vwiheev.exe C:\WINDOWS\system32\wdykss.exe C:\WINDOWS\System32\ws2_32.exe C:\WINDOWS\system32\wwtamll.exe C:\WINDOWS\system32\xlyczjo.exe C:\WINDOWS\system32\xxyywxur.dll C:\WINDOWS\system32\ydkpgf.exe C:\WINDOWS\system32\yqbuspmp.dll C:\WINDOWS\system32\ytjon.exe C:\WINDOWS\system32\yudymt.exe C:\WINDOWS\system32\zwncojn.exe C:\WINDOWS\system32\zxqqdw.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_WS2_32 -------\Service_ws2_32 ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-17 to 2008-05-17 )))))))))))))))))))))))))))))))))))) . 2008-05-17 15:39 . 2008-05-17 15:40 149,504 -r-hs---- C:\WINDOWS\system32\ssms.exe 2008-05-17 15:32 . 2008-05-17 15:32 37,888 --a------ C:\WINDOWS\system32\ac6f.exe 2008-05-17 15:32 . 2008-05-17 15:32 0 --a------ C:\WINDOWS\system32\d654.exe 2008-05-17 15:32 . 2008-05-17 15:32 0 --a------ C:\WINDOWS\system32\cf40.exe 2008-05-17 15:32 . 2008-05-17 15:32 0 --a------ C:\WINDOWS\system32\b9a8.exe 2008-05-17 15:31 . 2008-05-17 15:31 102,400 --a------ C:\WINDOWS\system32\vjltud.exe 2008-05-17 15:31 . 2008-05-17 15:31 35,840 --a------ C:\WINDOWS\system32\vxdyocf.exe 2008-05-17 15:31 . 2008-05-17 15:31 32,768 --a------ C:\WINDOWS\system32\jstmc.exe 2008-05-17 15:31 . 2008-05-17 15:31 18,944 --a------ C:\WINDOWS\system32\xcmhlvh.exe 2008-05-17 15:31 . 2008-05-17 15:31 1,635 --a------ C:\WINDOWS\system32\hpvuyjd.exe 2008-05-17 15:31 . 2008-05-17 15:31 1,635 --a------ C:\WINDOWS\system32\fmcn.exe 2008-05-17 15:29 . 2008-05-17 15:29 37,888 --a------ C:\WINDOWS\system32\16cf91.exe 2008-05-17 15:29 . 2008-05-17 15:29 0 --a------ C:\WINDOWS\system32\16eafd.exe 2008-05-17 15:29 . 2008-05-17 15:29 0 --a------ C:\WINDOWS\system32\16e38e.exe 2008-05-17 15:29 . 2008-05-17 15:29 0 --a------ C:\WINDOWS\system32\16da49.exe 2008-05-17 15:26 . 2008-05-17 15:26 55,808 --a------ C:\WINDOWS\system32\llidsxkn.exe 2008-05-17 15:25 . 2008-05-17 15:27 4,608 --ah----- C:\WINDOWS\system32\hfzmv.exe 2008-05-17 15:20 . 2008-05-17 15:20 491,520 --a------ C:\wingptd.exe 2008-05-17 15:16 . 2008-05-17 15:16 104,960 -r-hsc--- C:\WINDOWS\system32\dllcache\mswords.exe 2008-05-17 15:15 . 2008-05-17 15:15 84 --a------ C:\WINDOWS\system32\c.bat 2008-05-17 15:15 . 2008-05-17 15:15 67 --a------ C:\WINDOWS\system32\.pif 2008-05-17 15:11 . 2008-05-17 15:11 134,208 --a------ C:\WINDOWS\system32\saeryqfu.dll 2008-05-17 15:10 . 2008-05-17 15:10 52,979 --a------ C:\WINDOWS\system32\lzlf.exe 2008-05-17 15:08 . 2008-05-17 15:08 134,208 --a------ C:\WINDOWS\system32\ibcvjbtf.dll 2008-05-17 15:08 . 2008-05-17 15:08 116,288 --a------ C:\WINDOWS\system32\tbyjblps.dll 2008-05-17 15:08 . 2008-05-17 15:08 0 --a------ C:\WINDOWS\system32\371e4.exe 2008-05-17 15:08 . 2008-05-17 15:08 0 --a------ C:\WINDOWS\system32\36a89.exe 2008-05-17 15:06 . 2008-05-17 15:06 126,016 --a------ C:\WINDOWS\system32\ywxkmctp.dll 2008-05-17 15:06 . 2008-05-17 15:06 11,584 --a------ C:\WINDOWS\system32\hdxdibvn.exe 2008-05-17 15:05 . 2008-05-17 15:05 57,344 --a------ C:\WINDOWS\system32\khfCrPiG.dll 2008-05-17 15:05 . 2008-05-17 15:05 46,080 --a------ C:\WINDOWS\system32\pjsgnyfz.exe 2008-05-17 15:05 . 2008-05-17 15:05 26,112 --a------ C:\WINDOWS\system32\dske.exe 2008-05-17 15:05 . 2008-05-17 15:05 23,040 --a------ C:\WINDOWS\system32\wbhq.exe 2008-05-17 15:05 . 2008-05-17 15:05 9,216 --a------ C:\WINDOWS\system32\brrqss.exe 2008-05-17 15:05 . 2008-05-17 15:05 1,635 --a------ C:\WINDOWS\system32\ukadogu.exe 2008-05-17 15:05 . 2008-05-17 15:05 1,635 --a------ C:\WINDOWS\system32\skemf.exe 2008-05-17 15:04 . 2008-05-17 15:04 23,552 --a------ C:\WINDOWS\system32\wmimgr32.dll 2008-05-16 17:58 . 2008-05-16 17:58 102,400 --a------ C:\WINDOWS\system32\erlxsw.exe 2008-05-16 17:58 . 2008-05-16 17:58 46,080 --a------ C:\WINDOWS\system32\zmturno.exe 2008-05-16 17:58 . 2008-05-16 17:58 32,768 --a------ C:\WINDOWS\system32\olykuq.exe 2008-05-16 17:58 . 2008-05-16 17:58 26,112 --a------ C:\WINDOWS\system32\nmqucv.exe 2008-05-16 17:58 . 2008-05-16 17:58 1,635 --a------ C:\WINDOWS\system32\sgis.exe 2008-05-16 17:58 . 2008-05-16 17:58 1,635 --a------ C:\WINDOWS\system32\dagw.exe 2008-05-16 17:55 . 2008-05-16 17:55 52,979 --a------ C:\WINDOWS\system32\omdzw.exe 2008-05-16 17:53 . 2008-05-16 17:53 57,344 --a------ C:\WINDOWS\system32\rqRJApmn.dll 2008-05-16 17:53 . 2008-05-16 17:53 46,080 --a------ C:\WINDOWS\system32\vunfm.exe 2008-05-16 17:53 . 2008-05-16 17:53 32,768 --a------ C:\WINDOWS\system32\idtubyyh.exe 2008-05-16 17:53 . 2008-05-16 17:53 26,112 --a------ C:\WINDOWS\system32\ifny.exe 2008-05-16 17:53 . 2008-05-16 17:53 1,635 --a------ C:\WINDOWS\system32\jqda.exe 2008-05-16 17:53 . 2008-05-16 17:53 1,635 --a------ C:\WINDOWS\system32\imot.exe 2008-05-16 17:50 . 2008-05-16 17:50 401,408 -r-hsc--- C:\WINDOWS\system32\dllcache\wintcps.exe 2008-05-16 17:50 . 2008-05-17 15:39 60 --a------ C:\WINDOWS\system32\i 2008-05-16 17:47 . 2008-05-16 17:47 503,808 -r-hsc--- C:\WINDOWS\system32\dllcache\wingptd.exe 2008-05-16 17:43 . 2008-05-16 17:43 102,400 --a------ C:\WINDOWS\system32\lbxux.exe 2008-05-16 17:43 . 2008-05-16 17:43 55,808 --a------ C:\WINDOWS\system32\usggnf.exe 2008-05-16 17:43 . 2008-05-16 17:43 35,840 --a------ C:\WINDOWS\system32\gjmcozr.exe 2008-05-16 17:43 . 2008-05-16 17:43 32,768 --a------ C:\WINDOWS\system32\vvurq.exe 2008-05-16 17:43 . 2008-05-16 17:43 1,635 --a------ C:\WINDOWS\system32\zmxrwqb.exe 2008-05-16 17:43 . 2008-05-16 17:43 1,635 --a------ C:\WINDOWS\system32\rdtmcw.exe 2008-05-16 17:40 . 2008-05-16 17:40 52,979 --a------ C:\WINDOWS\system32\ihaasg.exe 2008-05-16 17:36 . 2008-05-16 17:41 27,648 --ah----- C:\WINDOWS\system32\jquvbqnw.exe 2008-05-16 17:34 . 2008-05-16 17:34 55,808 --a------ C:\WINDOWS\system32\arpxbf.exe 2008-05-16 17:25 . 2008-05-16 17:25 59,904 --a------ C:\WINDOWS\system32\pygc.exe 2008-05-16 17:22 . 2008-05-16 17:22 57,344 --a------ C:\WINDOWS\system32\vtUopMGw.dll 2008-05-16 17:22 . 2008-05-16 17:22 26,112 --a------ C:\WINDOWS\system32\vlssmsop.exe 2008-05-16 17:22 . 2008-05-16 17:22 23,040 --a------ C:\WINDOWS\system32\qpow.exe 2008-05-16 17:22 . 2008-05-16 17:22 1,635 --a------ C:\WINDOWS\system32\qwlzzrk.exe 2008-05-16 17:22 . 2008-05-16 17:22 1,635 --a------ C:\WINDOWS\system32\eqnryzh.exe 2008-05-16 17:17 . 2008-05-16 17:17 102,400 --a------ C:\WINDOWS\system32\gcypfpbs.exe 2008-05-16 17:17 . 2008-05-16 17:17 35,840 --a------ C:\WINDOWS\system32\ukfeuwfy.exe 2008-05-16 17:17 . 2008-05-16 17:17 32,768 --a------ C:\WINDOWS\system32\zmnh.exe 2008-05-16 17:17 . 2008-05-16 17:17 1,635 --a------ C:\WINDOWS\system32\tevilf.exe 2008-05-16 17:17 . 2008-05-16 17:17 1,635 --a------ C:\WINDOWS\system32\fsvyvb.exe 2008-05-16 16:57 . 2008-05-16 16:58 32,768 --a------ C:\WINDOWS\system32\gzq.exe 2008-05-16 16:55 . 2008-05-16 16:55 115,200 -r-hsc--- C:\WINDOWS\system32\dllcache\sxch0st.exe 2008-05-16 16:49 . 2008-05-16 16:49 57,344 --a------ C:\WINDOWS\system32\ddcBRklK.dll 2008-05-16 16:49 . 2008-05-16 16:49 32,768 --a------ C:\WINDOWS\system32\ugmmzxbz.exe 2008-05-16 16:49 . 2008-05-16 16:49 26,112 --a------ C:\WINDOWS\system32\xcbi.exe 2008-05-16 16:49 . 2008-05-16 16:49 1,635 --a------ C:\WINDOWS\system32\zgpw.exe 2008-05-16 16:49 . 2008-05-16 16:49 1,635 --a------ C:\WINDOWS\system32\pnxewdo.exe 2008-05-16 16:47 . 2008-05-16 16:47 <REP> d-------- C:\Program Files\Avira 2008-05-16 16:46 . 2008-05-17 15:45 56,368 d-------- C:\WINDOWS\system32\. 2008-05-16 16:34 . 2008-05-16 16:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-05-16 16:17 . 2008-05-16 16:17 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\NtUser.dat.LOG 2008-05-16 16:14 . 2008-05-16 16:14 57,344 --a------ C:\WINDOWS\system32\wvUoOGxX.dll 2008-05-16 16:14 . 2008-05-16 16:14 26,112 --a------ C:\WINDOWS\system32\afbsahfp.exe 2008-05-16 16:14 . 2008-05-16 16:14 23,040 --a------ C:\WINDOWS\system32\pnmfp.exe 2008-05-16 16:14 . 2008-05-16 16:14 1,635 --a------ C:\WINDOWS\system32\qtvot.exe 2008-05-16 16:14 . 2008-05-16 16:14 1,635 --a------ C:\WINDOWS\system32\ohadods.exe 2008-05-16 16:08 . 2008-05-16 16:10 71,896 --a------ C:\WINDOWS\system32\po.exe 2008-05-16 16:03 . 2008-05-16 16:03 57,344 --a------ C:\WINDOWS\system32\opnkliIB.dll 2008-05-16 16:03 . 2008-05-16 16:03 26,112 --a------ C:\WINDOWS\system32\iwfdhxar.exe 2008-05-16 16:03 . 2008-05-16 16:03 23,040 --a------ C:\WINDOWS\system32\hmihy.exe 2008-05-16 16:03 . 2008-05-16 16:03 1,635 --a------ C:\WINDOWS\system32\mzud.exe 2008-05-16 16:03 . 2008-05-16 16:03 1,635 --a------ C:\WINDOWS\system32\hdcbn.exe 2008-05-16 15:36 . 2008-05-16 15:39 483,328 --a------ C:\WINDOWS\system32\WinTcpips.exe 2008-05-16 15:21 . 2008-05-16 15:21 57,344 --a------ C:\WINDOWS\system32\wvUoLcdE.dll 2008-05-16 15:21 . 2008-05-16 15:21 26,112 --a------ C:\WINDOWS\system32\bofyws.exe 2008-05-16 15:21 . 2008-05-16 15:21 23,040 --a------ C:\WINDOWS\system32\zvdexc.exe 2008-05-16 15:21 . 2008-05-16 15:21 1,635 --a------ C:\WINDOWS\system32\qltcvoeo.exe 2008-05-16 15:21 . 2008-05-16 15:21 1,635 --a------ C:\WINDOWS\system32\kxnqfq.exe 2008-05-16 15:09 . 2008-05-16 15:09 57,344 --a------ C:\WINDOWS\system32\hgGwVPIY.dll 2008-05-16 15:08 . 2008-05-16 15:08 26,112 --a------ C:\WINDOWS\system32\vjboq.exe 2008-05-16 15:08 . 2008-05-16 15:08 23,040 --a------ C:\WINDOWS\system32\xyso.exe 2008-05-16 15:08 . 2008-05-16 15:08 1,635 --a------ C:\WINDOWS\system32\dhwjw.exe 2008-05-16 15:08 . 2008-05-16 15:08 1,635 --a------ C:\WINDOWS\system32\bkdod.exe 2008-05-16 14:38 . 2008-05-16 14:38 11,584 --a------ C:\WINDOWS\system32\tefwyfks.exe 2008-05-16 14:35 . 2008-05-16 14:55 448,000 --a------ C:\WINDOWS\system32\msmsnger.exe 2008-05-16 14:32 . 2008-05-16 14:32 57,344 --a------ C:\WINDOWS\system32\jkkLBtSL.dll 2008-05-16 14:32 . 2008-05-16 14:32 26,112 --a------ C:\WINDOWS\system32\vqnonjy.exe 2008-05-16 14:32 . 2008-05-16 14:32 23,040 --a------ C:\WINDOWS\system32\ndnth.exe 2008-05-16 14:32 . 2008-05-16 14:32 1,635 --a------ C:\WINDOWS\system32\urcym.exe 2008-05-16 14:32 . 2008-05-16 14:32 1,635 --a------ C:\WINDOWS\system32\pjzmmf.exe 2008-05-16 06:31 . 2008-05-16 06:31 126,016 --a------ C:\WINDOWS\system32\hincooob.dll 2008-05-16 06:00 . 2008-05-16 06:00 57,344 --a------ C:\WINDOWS\system32\fcccaaXo.dll 2008-05-16 06:00 . 2008-05-16 06:00 26,112 --a------ C:\WINDOWS\system32\ihqh.exe 2008-05-16 06:00 . 2008-05-16 06:00 23,040 --a------ C:\WINDOWS\system32\labqbxe.exe 2008-05-16 06:00 . 2008-05-16 06:00 1,635 --a------ C:\WINDOWS\system32\uwbqktr.exe 2008-05-16 06:00 . 2008-05-16 06:00 1,635 --a------ C:\WINDOWS\system32\sxzqm.exe 2008-05-16 05:31 . 2008-05-16 05:31 <REP> d-------- C:\Program Files\Trend Micro 2008-05-13 16:44 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll 2008-05-13 16:44 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll 2008-05-13 16:44 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl 2008-05-13 16:44 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll 2008-05-13 16:44 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-04-21 20:57 33,952 ----a-w C:\WINDOWS\system32\drivers\oreans32.sys 2008-04-21 20:44 --------- d-----w C:\Program Files\microsoft frontpage 2008-04-21 20:42 --------- d-----w C:\Program Files\Services en ligne . ------- Sigcheck ------- 2004-08-04 08:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ip6fw.sys 2001-08-28 14:00 1014784 a13db50e5f4ce8b35c721df8d49325b2 C:\WINDOWS\explorer.exe 2004-08-20 01:09 1046016 ad8ac5a73532681a644dbdc4d164f3fc C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\explorer.exe 2001-08-28 14:00 1014784 6c8a0068736b0e2187a4f6d0860af0fa C:\WINDOWS\system32\dllcache\explorer.exe 2004-08-20 01:09 25088 4dc3463ec3ed80488aea7cedfbb360c2 C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ctfmon.exe 2001-08-28 14:00 23040 f2732eac7896234eb671bb01c29e9b2c C:\WINDOWS\system32\ctfmon.exe 2001-08-28 14:00 23040 3ee16eb1a623d72a120a5382ed410256 C:\WINDOWS\system32\dllcache\ctfmon.exe . ((((((((((((((((((((((((((((( snapshot@2008-05-15_18.32.40.96 ))))))))))))))))))))))))))))))))))))))))) . - 2004-05-17 22:38:25 159,744 -c----w C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe - 2002-10-28 06:37:58 131,072 ------w C:\WINDOWS\alcrmv.exe + 2002-10-28 06:37:58 163,840 ------w C:\WINDOWS\alcrmv.exe - 2002-10-28 06:37:58 208,896 ------w C:\WINDOWS\alcupd.exe + 2002-10-28 06:37:58 241,664 ------w C:\WINDOWS\alcupd.exe - 2008-05-15 15:54:57 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-17 13:45:17 2,048 --s-a-w C:\WINDOWS\bootstat.dat - 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE + 2005-10-20 18:02:28 173,056 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE - 2005-10-20 18:02:28 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE + 2005-10-20 18:02:28 173,056 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE - 2000-08-31 06:00:00 73,728 ----a-w C:\WINDOWS\fdsv.exe + 2000-08-31 06:00:00 106,496 ----a-w C:\WINDOWS\fdsv.exe - 2000-08-31 06:00:00 80,412 ----a-w C:\WINDOWS\grep.exe + 2000-08-31 06:00:00 110,592 ----a-w C:\WINDOWS\grep.exe - 2001-08-28 12:00:00 229,376 ----a-w C:\WINDOWS\inf\unregmp2.exe + 2001-08-28 12:00:00 241,664 ----a-w C:\WINDOWS\inf\unregmp2.exe - 2008-04-21 20:48:42 166,912 ----a-r C:\WINDOWS\Installer\{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe + 2008-04-21 20:48:42 196,608 ----a-r C:\WINDOWS\Installer\{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe - 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe + 2000-08-31 06:00:00 37,888 ----a-w C:\WINDOWS\Nircmd.exe - 2001-08-28 12:00:00 67,584 ----a-w C:\WINDOWS\NOTEPAD.EXE + 2001-08-28 12:00:00 77,312 ----a-w C:\WINDOWS\NOTEPAD.EXE - 2003-01-07 15:31:36 1,122,304 ------w C:\WINDOWS\NuNinst.exe + 2003-01-07 15:31:36 1,155,072 ------w C:\WINDOWS\NuNinst.exe - 2001-08-28 12:00:00 140,800 ----a-w C:\WINDOWS\regedit.exe + 2001-08-28 12:00:00 150,528 ----a-w C:\WINDOWS\regedit.exe + 2001-07-14 15:32:24 69,632 ----a-w C:\WINDOWS\setup.pss\setupupd\temp\wsdueng.dll - 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\swreg.exe + 2000-08-31 06:00:00 171,520 ----a-w C:\WINDOWS\swreg.exe - 2001-08-28 12:00:00 185,344 ----a-w C:\WINDOWS\system32\accwiz.exe + 2001-08-28 12:00:00 195,072 ----a-w C:\WINDOWS\system32\accwiz.exe - 2001-08-28 12:00:00 11,264 ----a-w C:\WINDOWS\system32\attrib.exe + 2001-08-28 12:00:00 20,992 ----a-w C:\WINDOWS\system32\attrib.exe - 2008-04-29 16:07:36 23,040 ----a-w C:\WINDOWS\system32\bpdatkcv.exe + 2008-04-29 16:07:36 32,768 ----a-w C:\WINDOWS\system32\bpdatkcv.exe - 2001-08-28 12:00:00 388,096 ----a-w C:\WINDOWS\system32\cmd.exe + 2001-08-28 12:00:00 397,824 ----a-w C:\WINDOWS\system32\cmd.exe - 2008-05-15 15:41:02 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat + 2008-05-17 13:45:18 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - 2008-05-15 15:41:02 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2008-05-17 13:45:18 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2008-05-16 15:47:33 503,808 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IJ212PAB\84785_winsgh[1].exe + 2008-05-17 13:20:44 491,520 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\IJ212PAB\84785_winsgh[2].exe - 2008-05-15 15:41:02 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-05-17 13:45:18 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-05-17 13:32:45 104,960 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O5M5GBIP\84785_redworld[1].exe + 2008-05-16 15:50:02 389,120 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\O5M5GBIP\84785_winhtb[1].exe + 2008-05-16 14:17:32 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat - 2001-08-28 12:00:00 102,450 ----a-w C:\WINDOWS\system32\cscript.exe + 2001-08-28 12:00:00 114,738 ----a-w C:\WINDOWS\system32\cscript.exe + 2008-01-21 16:12:56 41,792 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys + 2008-01-21 16:11:28 22,336 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys + 2008-03-04 11:28:53 79,424 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys + 2007-03-01 08:34:22 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys - 2001-08-28 12:00:00 47,104 ----a-w C:\WINDOWS\system32\drwtsn32.exe + 2001-08-28 12:00:00 56,832 ----a-w C:\WINDOWS\system32\drwtsn32.exe - 2001-08-28 12:00:00 30,208 ----a-w C:\WINDOWS\system32\dumprep.exe + 2001-08-28 12:00:00 39,936 ----a-w C:\WINDOWS\system32\dumprep.exe - 2008-04-27 14:13:39 23,040 ----a-w C:\WINDOWS\system32\epmfnbfe.exe + 2008-04-27 14:13:39 32,768 ----a-w C:\WINDOWS\system32\epmfnbfe.exe - 2001-08-28 12:00:00 14,848 ----a-w C:\WINDOWS\system32\fc.exe + 2001-08-28 12:00:00 24,576 ----a-w C:\WINDOWS\system32\fc.exe - 2001-08-28 12:00:00 9,216 ----a-w C:\WINDOWS\system32\find.exe + 2001-08-28 12:00:00 18,944 ----a-w C:\WINDOWS\system32\find.exe - 2001-08-28 12:00:00 27,136 ----a-w C:\WINDOWS\system32\findstr.exe + 2001-08-28 12:00:00 36,864 ----a-w C:\WINDOWS\system32\findstr.exe - 2001-08-28 12:00:00 44,032 ----a-w C:\WINDOWS\system32\ftp.exe + 2001-08-28 12:00:00 53,760 ----a-w C:\WINDOWS\system32\ftp.exe - 2001-08-28 12:00:00 37,888 ----a-w C:\WINDOWS\system32\grpconv.exe + 2001-08-28 12:00:00 47,616 ----a-w C:\WINDOWS\system32\grpconv.exe - 2001-08-28 12:00:00 118,784 ----a-w C:\WINDOWS\system32\imapi.exe + 2001-08-28 12:00:00 128,512 ----a-w C:\WINDOWS\system32\imapi.exe - 2001-08-28 12:00:00 23,040 ----a-w C:\WINDOWS\system32\ipxroute.exe + 2001-08-28 12:00:00 32,768 ----a-w C:\WINDOWS\system32\ipxroute.exe - 2008-05-02 15:03:54 23,040 ----a-w C:\WINDOWS\system32\lmvbolsz.exe + 2008-05-02 15:03:54 32,768 ----a-w C:\WINDOWS\system32\lmvbolsz.exe - 2001-08-28 12:00:00 505,344 ----a-w C:\WINDOWS\system32\logonui.exe + 2001-08-28 12:00:00 515,072 ----a-w C:\WINDOWS\system32\logonui.exe - 2001-08-28 12:00:00 116,736 ---h--w C:\WINDOWS\system32\lssas.exe + 2001-08-28 12:00:00 126,464 ---h--w C:\WINDOWS\system32\lssas.exe - 2008-05-03 13:30:35 23,040 ----a-w C:\WINDOWS\system32\lxorkyau.exe + 2008-05-03 13:30:35 32,768 ----a-w C:\WINDOWS\system32\lxorkyau.exe - 2008-05-05 15:08:34 2,562 ----a-w C:\WINDOWS\system32\mgpcpflb.exe + 2008-05-05 15:08:34 12,290 ----a-w C:\WINDOWS\system32\mgpcpflb.exe - 2001-08-28 12:00:00 775,168 ----a-w C:\WINDOWS\system32\mmc.exe + 2001-08-28 12:00:00 784,896 ----a-w C:\WINDOWS\system32\mmc.exe - 2001-08-28 12:00:00 128,000 ----a-w C:\WINDOWS\system32\mshearts.exe + 2001-08-28 12:00:00 137,728 ----a-w C:\WINDOWS\system32\mshearts.exe - 2001-08-28 12:00:00 390,144 ----a-w C:\WINDOWS\system32\mstsc.exe + 2001-08-28 12:00:00 399,872 ----a-w C:\WINDOWS\system32\mstsc.exe - 2001-07-09 10:50:42 155,648 ----a-r C:\WINDOWS\system32\NeroCheck.exe + 2001-07-09 10:50:42 188,416 ----a-r C:\WINDOWS\system32\NeroCheck.exe - 2001-08-28 12:00:00 39,424 ----a-w C:\WINDOWS\system32\net.exe + 2001-08-28 12:00:00 49,152 ----a-w C:\WINDOWS\system32\net.exe - 2001-08-28 12:00:00 115,200 ----a-w C:\WINDOWS\system32\net1.exe + 2001-08-28 12:00:00 124,928 ----a-w C:\WINDOWS\system32\net1.exe - 2001-08-28 12:00:00 67,584 ----a-w C:\WINDOWS\system32\notepad.exe + 2001-08-28 12:00:00 77,312 ----a-w C:\WINDOWS\system32\notepad.exe - 2001-08-28 12:00:00 1,166,336 ----a-w C:\WINDOWS\system32\ntbackup.exe + 2001-08-28 12:00:00 1,176,064 ----a-w C:\WINDOWS\system32\ntbackup.exe - 2001-08-28 12:00:00 396,800 ----a-w C:\WINDOWS\system32\ntvdm.exe + 2001-08-28 12:00:00 406,528 ----a-w C:\WINDOWS\system32\ntvdm.exe - 2008-04-21 22:02:58 39,992 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-05-16 02:09:17 39,992 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-04-21 22:02:58 48,616 ----a-w C:\WINDOWS\system32\perfc00C.dat + 2008-05-16 02:09:17 48,616 ----a-w C:\WINDOWS\system32\perfc00C.dat - 2008-04-21 22:02:58 311,604 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-05-16 02:09:17 311,604 ----a-w C:\WINDOWS\system32\perfh009.dat - 2008-04-21 22:02:58 367,658 ----a-w C:\WINDOWS\system32\perfh00C.dat + 2008-05-16 02:09:17 367,658 ----a-w C:\WINDOWS\system32\perfh00C.dat - 2001-08-28 12:00:00 23,040 ----a-w C:\WINDOWS\system32\proxycfg.exe + 2001-08-28 12:00:00 32,768 ----a-w C:\WINDOWS\system32\proxycfg.exe - 2008-04-29 17:10:34 23,040 ----a-w C:\WINDOWS\system32\qppwvlts.exe + 2008-04-29 17:10:34 32,768 ----a-w C:\WINDOWS\system32\qppwvlts.exe - 2001-08-28 12:00:00 370,176 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe + 2001-08-28 12:00:00 379,904 ----a-w C:\WINDOWS\system32\Restore\rstrui.exe - 2001-08-28 12:00:00 21,504 ----a-w C:\WINDOWS\system32\route.exe + 2001-08-28 12:00:00 31,232 ----a-w C:\WINDOWS\system32\route.exe - 2001-08-28 12:00:00 32,256 ----a-w C:\WINDOWS\system32\rundll32.exe + 2001-08-28 12:00:00 41,984 ----a-w C:\WINDOWS\system32\rundll32.exe - 2001-08-28 12:00:00 12,288 ----a-w C:\WINDOWS\system32\runonce.exe + 2001-08-28 12:00:00 22,016 ----a-w C:\WINDOWS\system32\runonce.exe - 2001-08-28 12:00:00 25,088 ----a-w C:\WINDOWS\system32\sort.exe + 2001-08-28 12:00:00 34,816 ----a-w C:\WINDOWS\system32\sort.exe - 2001-08-28 12:00:00 534,528 ----a-w C:\WINDOWS\system32\spider.exe + 2001-08-28 12:00:00 544,256 ----a-w C:\WINDOWS\system32\spider.exe - 2001-08-28 12:00:00 51,200 ----a-w C:\WINDOWS\system32\spoolsv.exe + 2001-08-28 12:00:00 60,928 ----a-w C:\WINDOWS\system32\spoolsv.exe - 2001-08-28 12:00:00 136,192 ----a-w C:\WINDOWS\system32\taskmgr.exe + 2001-08-28 12:00:00 145,920 ----a-w C:\WINDOWS\system32\taskmgr.exe - 2001-08-28 12:00:00 13,312 ----a-w C:\WINDOWS\system32\tcmsetup.exe + 2001-08-28 12:00:00 23,040 ----a-w C:\WINDOWS\system32\tcmsetup.exe - 2001-08-28 12:00:00 17,920 ----a-w C:\WINDOWS\system32\tftp.exe + 2001-08-28 12:00:00 27,648 ----a-w C:\WINDOWS\system32\tftp.exe - 2001-08-28 12:00:00 346,624 ----a-w C:\WINDOWS\system32\tourstart.exe + 2001-08-28 12:00:00 356,352 ----a-w C:\WINDOWS\system32\tourstart.exe - 2001-08-28 12:00:00 37,376 ----a-w C:\WINDOWS\system32\typeperf.exe + 2001-08-28 12:00:00 47,104 ----a-w C:\WINDOWS\system32\typeperf.exe - 2001-08-28 12:00:00 22,016 ----a-w C:\WINDOWS\system32\userinit.exe + 2001-08-28 12:00:00 31,744 ----a-w C:\WINDOWS\system32\userinit.exe - 2001-08-28 12:00:00 237,056 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe + 2001-08-28 12:00:00 246,784 ----a-w C:\WINDOWS\system32\usmt\migwiz.exe - 2008-04-29 16:40:52 23,040 ----a-w C:\WINDOWS\system32\vixwjfqs.exe + 2008-04-29 16:40:52 32,768 ----a-w C:\WINDOWS\system32\vixwjfqs.exe - 2001-08-28 12:00:00 118,834 ----a-w C:\WINDOWS\system32\wscript.exe + 2001-08-28 12:00:00 131,122 ----a-w C:\WINDOWS\system32\wscript.exe - 2008-05-03 13:34:02 23,040 ----a-w C:\WINDOWS\system32\yvynzexd.exe + 2008-05-03 13:34:02 32,768 ----a-w C:\WINDOWS\system32\yvynzexd.exe - 2000-08-31 06:00:00 49,152 ----a-w C:\WINDOWS\VFind.exe + 2000-08-31 06:00:00 61,440 ----a-w C:\WINDOWS\VFind.exe . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{187ea6bf-a41a-412c-93a7-a1ab392cccd6}] 2008-05-17 15:11 134208 --a------ C:\WINDOWS\System32\saeryqfu.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F3AE67E7-AC8F-4A58-819E-194EA11FEBC5}] C:\WINDOWS\System32\vtsqqomm.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 14:00 23040] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2001-08-02 07:14 1089565] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Local Security Authority Service"="C:\WINDOWS\System32\lssas.exe" [2001-08-28 14:00 126464] "Client Server Runtime Process"="C:\WINDOWS\System32\csrs.exe" [ ] "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 188416] "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2003-01-15 19:29 1232896] "Windows Logon Application"="C:\WINDOWS\System32\logon.exe" [ ] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 294912] "Windows Network Firewall"="C:\WINDOWS\System32\firewall.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] "Windows Update"="ssms.exe" [2008-05-17 15:40 149504 C:\WINDOWS\system32\ssms.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 14:00 23040] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\WINDOWS\\system32\\16cf91.exe"= "C:\\WINDOWS\\system32\\ac6f.exe"= R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys [2008-01-21 18:11] R0 BsStor;InCD Storage Helper Driver;C:\WINDOWS\System32\DRIVERS\bsstor.sys [2002-06-06 01:07] R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys [2008-01-21 18:12] R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2008-04-21 22:57] R2 Asus Protocol Driver Control;Asus Protocol Driver Control;"C:\WINDOWS\System32\dllcache\wingptd.exe" [2008-05-16 17:47] R2 BsUDF;InCD UDF Driver;C:\WINDOWS\System32\drivers\BsUDF.sys [2003-01-15 20:02] R2 Micr0s0ft Agent;Micr0s0ft Agent;"C:\WINDOWS\System32\dllcache\sxch0st.exe" [2008-05-16 16:55] R2 Microsoft Agent;Microsoft Agent;"C:\WINDOWS\System32\dllcache\mswords.exe" [2008-05-17 15:16] R2 Microsoft Windows TCP Protocol;Microsoft Windows TCP Protocol;"C:\WINDOWS\System32\dllcache\wintcps.exe" [2008-05-16 17:50] R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\System32\DRIVERS\Cap7134.sys [2002-07-29 15:14] R3 PhTVTune;Philips WDM TVTuner;C:\WINDOWS\System32\DRIVERS\PhTVTune.sys [2002-10-23 14:48] S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [2004-10-15 05:50] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}] c:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-17 15:45:32 Windows 5.1.2600 NTFS detected NTDLL code modification: ZwOpenFile Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP.NEW 3672 bytes Scan termin‚ avec succŠs Les fichiers cach‚s: 1 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\savedump.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe . ************************************************************************** . Temps d'accomplissement: 2008-05-17 15:46:32 - machine was rebooted [lucas] ComboFix-quarantined-files.txt 2008-05-17 13:46:28 ComboFix2.txt 2008-05-16 03:25:50 Pre-Run: 27,622,715,392 octets libres Post-Run: 27,677,921,280 octets libres 614 je passes à la suite de ta procédure . merci, à bientot
- le 17 mai 2008
- 51 réponses
grosse infection[résolu]

loukass a répondu à un(e) sujet de loukass dans Analyses et éradication malwares

merci mr Lee. entre temps j'ai essayé d'installer antivir Avira mais je ne peus pas l'installer ni desinstaller pour cause virus apparement. donc Gros danger.
- le 16 mai 2008
- 51 réponses
grosse infection[résolu]

loukass a posté un sujet dans Analyses et éradication malwares

bonjour à tous, ça devient infernal. a l'aide s'il vous plait. ci-joint rapport hijackthis et combofix: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 05:35:09, on 16/05/2008 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\ws2_32.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\System32\lssas.exe C:\Program Files\Ahead\InCD\InCD.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\System32\lssas.exe O4 - HKLM\..\Run: [Client Server Runtime Process] C:\WINDOWS\System32\csrs.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS\System32\winIogon.exe O4 - HKLM\..\Run: [a88ae0d2] rundll32.exe "C:\WINDOWS\System32\sqlrwefj.dll",b O4 - HKLM\..\Run: [bMabb9d34e] Rundll32.exe "C:\WINDOWS\System32\gmtvnmws.dll",s O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Windows hes Layers] tlvqmw.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1210689816508 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ws2_32 - Unknown owner - C:\WINDOWS\System32\ws2_32.exe -- End of file - 3954 bytes ComboFix 08-05-12.1 - lucas 2008-05-16 5:21:12.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.329 [GMT 2:00] Endroit: C:\Documents and Settings\lucas\Bureau\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\pskt.ini C:\WINDOWS\system32\EdfOnnnn.ini C:\WINDOWS\system32\EdfOnnnn.ini2 C:\WINDOWS\system32\jfewrlqs.ini . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-16 to 2008-05-16 )))))))))))))))))))))))))))))))))))) . 2008-05-16 05:24 . 2008-05-16 05:24 294 ---hs---- C:\WINDOWS\system32\jfewrlqs.ini 2008-05-16 05:11 . 2008-05-16 05:11 57,344 --a------ C:\WINDOWS\system32\qoMggdAp.dll 2008-05-16 05:11 . 2008-05-16 05:11 26,112 --a------ C:\WINDOWS\system32\duqtuk.exe 2008-05-16 05:11 . 2008-05-16 05:11 23,040 --a------ C:\WINDOWS\system32\cnjia.exe 2008-05-16 05:11 . 2008-05-16 05:11 1,635 --a------ C:\WINDOWS\system32\plpewra.exe 2008-05-16 05:11 . 2008-05-16 05:11 1,635 --a------ C:\WINDOWS\system32\fuidocm.exe 2008-05-16 05:06 . 2008-05-16 05:06 57,344 --a------ C:\WINDOWS\system32\vtUkkkKa.dll 2008-05-16 05:06 . 2008-05-16 05:06 26,112 --a------ C:\WINDOWS\system32\gqtpb.exe 2008-05-16 05:06 . 2008-05-16 05:06 23,040 --a------ C:\WINDOWS\system32\letagyrc.exe 2008-05-16 05:06 . 2008-05-16 05:06 1,635 --a------ C:\WINDOWS\system32\wwtamll.exe 2008-05-16 05:06 . 2008-05-16 05:06 1,635 --a------ C:\WINDOWS\system32\bbtpmnmt.exe 2008-05-16 05:01 . 2008-05-16 05:01 116,800 --a------ C:\WINDOWS\system32\sqlrwefj.dll 2008-05-16 05:01 . 2008-05-16 05:01 2,112 --a------ C:\WINDOWS\system32\ecbwillt.exe 2008-05-16 04:58 . 2008-05-16 04:58 133,184 --a------ C:\WINDOWS\system32\oayhapkm.dll 2008-05-16 04:55 . 2008-05-16 04:55 126,016 --a------ C:\WINDOWS\system32\gmtvnmws.dll 2008-05-16 04:46 . 2008-05-16 04:46 57,344 --a------ C:\WINDOWS\system32\cbXNGyVn.dll 2008-05-16 04:46 . 2008-05-16 04:46 26,112 --a------ C:\WINDOWS\system32\xcckrc.exe 2008-05-16 04:46 . 2008-05-16 04:46 23,040 --a------ C:\WINDOWS\system32\cgormew.exe 2008-05-16 04:46 . 2008-05-16 04:46 1,635 --a------ C:\WINDOWS\system32\nyuawsqp.exe 2008-05-16 04:46 . 2008-05-16 04:46 1,635 --a------ C:\WINDOWS\system32\nbyc.exe 2008-05-16 04:21 . 2008-05-16 04:21 57,344 --a------ C:\WINDOWS\system32\jkkJyARk.dll 2008-05-16 04:20 . 2008-05-16 04:20 26,112 --a------ C:\WINDOWS\system32\vrfovxq.exe 2008-05-16 04:20 . 2008-05-16 04:20 23,040 --a------ C:\WINDOWS\system32\rccsohmg.exe 2008-05-16 04:20 . 2008-05-16 04:20 1,635 --a------ C:\WINDOWS\system32\rnarc.exe 2008-05-16 04:20 . 2008-05-16 04:20 1,635 --a------ C:\WINDOWS\system32\byod.exe 2008-05-16 04:10 . 2008-05-16 04:10 57,344 --a------ C:\WINDOWS\system32\ssqRLEWq.dll 2008-05-16 04:10 . 2008-05-16 04:10 26,112 --a------ C:\WINDOWS\system32\juundt.exe 2008-05-16 04:10 . 2008-05-16 04:10 23,040 --a------ C:\WINDOWS\system32\douvli.exe 2008-05-16 04:10 . 2008-05-16 04:10 1,635 --a------ C:\WINDOWS\system32\mmaivk.exe 2008-05-16 04:10 . 2008-05-16 04:10 1,635 --a------ C:\WINDOWS\system32\jfxpqctk.exe 2008-05-15 19:15 . 2008-05-16 04:46 474 ---hs---- C:\WINDOWS\system32\hotjtmqg.ini 2008-05-15 17:46 . 2008-05-15 17:46 57,344 --a------ C:\WINDOWS\system32\vtUlKEXP.dll 2008-05-15 17:46 . 2008-05-15 17:46 23,040 --a------ C:\WINDOWS\system32\emll.exe 2008-05-15 17:46 . 2008-05-15 17:46 1,635 --a------ C:\WINDOWS\system32\lzfmrtgf.exe 2008-05-15 17:46 . 2008-05-15 17:46 1,635 --a------ C:\WINDOWS\system32\emkujfs.exe 2008-05-15 17:30 . 2008-05-15 17:30 57,344 --a------ C:\WINDOWS\system32\tuvTlkiH.dll 2008-05-15 17:30 . 2008-05-15 17:30 26,112 --a------ C:\WINDOWS\system32\eahtiab.exe 2008-05-15 17:30 . 2008-05-15 17:30 23,040 --a------ C:\WINDOWS\system32\zwncojn.exe 2008-05-15 17:30 . 2008-05-15 17:30 1,635 --a------ C:\WINDOWS\system32\ebmdgzl.exe 2008-05-15 17:30 . 2008-05-15 17:30 1,635 --a------ C:\WINDOWS\system32\cdqu.exe 2008-05-15 17:20 . 2008-05-15 17:20 208 --a------ C:\WINDOWS\system32\mqlh.exe 2008-05-15 17:19 . 2008-05-15 17:19 92,672 --a------ C:\WINDOWS\system32\pyhqmo.exe 2008-05-15 17:19 . 2008-05-15 17:19 26,112 --a------ C:\WINDOWS\system32\dzkvuvky.exe 2008-05-15 17:19 . 2008-05-15 17:19 23,040 --a------ C:\WINDOWS\system32\uqnf.exe 2008-05-15 17:19 . 2008-05-15 17:19 1,635 --a------ C:\WINDOWS\system32\lwhnw.exe 2008-05-15 17:19 . 2008-05-15 17:19 1,635 --a------ C:\WINDOWS\system32\brxg.exe 2008-05-15 17:16 . 2008-05-15 17:16 92,672 --------- C:\WINDOWS\system32\oalw.exe 2008-05-15 17:16 . 2008-05-15 17:16 57,344 --a------ C:\WINDOWS\system32\ljJCspqO.dll 2008-05-15 17:16 . 2008-05-15 17:16 26,112 --a------ C:\WINDOWS\system32\zbys.exe 2008-05-15 17:16 . 2008-05-15 17:16 23,040 --a------ C:\WINDOWS\system32\tifchkzp.exe 2008-05-15 17:16 . 2008-05-15 17:16 1,635 --a------ C:\WINDOWS\system32\yudymt.exe 2008-05-15 17:16 . 2008-05-15 17:16 1,635 --a------ C:\WINDOWS\system32\vkilru.exe 2008-05-15 17:13 . 2008-05-15 17:13 92,672 --------- C:\WINDOWS\system32\mjzayy.exe 2008-05-15 17:13 . 2008-05-15 17:13 57,344 --a------ C:\WINDOWS\system32\vtUnonmj.dll 2008-05-15 17:13 . 2008-05-15 17:13 26,112 --a------ C:\WINDOWS\system32\pjqlfseh.exe 2008-05-15 17:13 . 2008-05-15 17:13 23,040 --a------ C:\WINDOWS\system32\qxdrj.exe 2008-05-15 17:13 . 2008-05-15 17:13 1,635 --a------ C:\WINDOWS\system32\ytjon.exe 2008-05-15 17:13 . 2008-05-15 17:13 1,635 --a------ C:\WINDOWS\system32\fsjxffi.exe 2008-05-15 17:11 . 2008-05-15 17:11 57,344 --a------ C:\WINDOWS\system32\pmnkLDts.dll 2008-05-15 17:10 . 2008-05-15 17:10 92,672 --------- C:\WINDOWS\system32\sdmsox.exe 2008-05-15 17:10 . 2008-05-15 17:10 26,112 --a------ C:\WINDOWS\system32\jpvj.exe 2008-05-15 17:10 . 2008-05-15 17:10 23,040 --a------ C:\WINDOWS\system32\lkte.exe 2008-05-15 17:10 . 2008-05-15 17:10 1,635 --a------ C:\WINDOWS\system32\xlyczjo.exe 2008-05-15 17:10 . 2008-05-15 17:10 1,635 --a------ C:\WINDOWS\system32\wdykss.exe 2008-05-15 17:08 . 2008-05-15 17:08 92,672 --a------ C:\WINDOWS\system32\jsrejeik.exe 2008-05-15 17:08 . 2008-05-15 17:08 26,112 --a------ C:\WINDOWS\system32\bbat.exe 2008-05-15 17:08 . 2008-05-15 17:08 23,040 --a------ C:\WINDOWS\system32\ungm.exe 2008-05-15 17:08 . 2008-05-15 17:08 1,635 --a------ C:\WINDOWS\system32\gfqktjz.exe 2008-05-15 17:08 . 2008-05-15 17:08 1,635 --a------ C:\WINDOWS\system32\fwcrz.exe 2008-05-15 16:53 . 2008-05-15 16:53 57,344 --a------ C:\WINDOWS\system32\vtUnomkL.dll 2008-05-15 16:53 . 2008-05-15 16:53 23,040 --a------ C:\WINDOWS\system32\eqvd.exe 2008-05-15 16:53 . 2008-05-15 16:53 1,635 --a------ C:\WINDOWS\system32\qccnmup.exe 2008-05-15 16:53 . 2008-05-15 16:53 1,635 --a------ C:\WINDOWS\system32\bhhyllwg.exe 2008-05-15 16:33 . 2008-05-15 16:33 57,344 --a------ C:\WINDOWS\system32\rqRJBUlK.dll 2008-05-15 16:32 . 2008-05-15 16:32 23,040 --a------ C:\WINDOWS\system32\pqozit.exe 2008-05-15 16:32 . 2008-05-15 16:32 1,635 --a------ C:\WINDOWS\system32\tsqhfh.exe 2008-05-15 16:32 . 2008-05-15 16:32 1,635 --a------ C:\WINDOWS\system32\fgmrydsn.exe 2008-05-15 16:29 . 2008-05-15 16:29 92,672 --a------ C:\WINDOWS\system32\jopfoxti.exe 2008-05-15 16:29 . 2008-05-15 16:29 26,112 --a------ C:\WINDOWS\system32\fzsz.exe 2008-05-15 16:29 . 2008-05-15 16:29 23,040 --a------ C:\WINDOWS\system32\pmqvdbmm.exe 2008-05-15 16:29 . 2008-05-15 16:29 1,635 --a------ C:\WINDOWS\system32\rngli.exe 2008-05-15 16:29 . 2008-05-15 16:29 1,635 --a------ C:\WINDOWS\system32\dwcymwxk.exe 2008-05-15 16:21 . 2008-05-15 16:21 133,184 --a------ C:\WINDOWS\system32\yqbuspmp.dll 2008-05-15 16:19 . 2008-05-15 16:19 126,016 --a------ C:\WINDOWS\system32\pgoqkiwa.dll 2008-05-15 16:18 . 2008-05-15 16:18 57,344 --a------ C:\WINDOWS\system32\cbXRJARh.dll 2008-05-15 16:18 . 2008-05-15 16:18 26,112 --a------ C:\WINDOWS\system32\yffcuz.exe 2008-05-15 16:18 . 2008-05-15 16:18 23,040 --a------ C:\WINDOWS\system32\dyuh.exe 2008-05-15 16:18 . 2008-05-15 16:18 1,635 --a------ C:\WINDOWS\system32\ydkpgf.exe 2008-05-15 16:18 . 2008-05-15 16:18 1,635 --a------ C:\WINDOWS\system32\lsihib.exe 2008-05-15 16:15 . 2008-05-15 16:15 57,344 --a------ C:\WINDOWS\system32\opnopNfF.dll 2008-05-15 16:15 . 2008-05-15 16:15 26,112 --a------ C:\WINDOWS\system32\ksst.exe 2008-05-15 16:15 . 2008-05-15 16:15 23,040 --a------ C:\WINDOWS\system32\jbqsstho.exe 2008-05-15 16:15 . 2008-05-15 16:15 1,635 --a------ C:\WINDOWS\system32\uaooyr.exe 2008-05-15 16:15 . 2008-05-15 16:15 1,635 --a------ C:\WINDOWS\system32\lzjmx.exe 2008-05-13 18:20 . 2008-05-13 18:20 76,800 --a------ C:\WINDOWS\system32\zxqqdw.exe 2008-05-13 18:20 . 2008-05-13 18:20 57,344 --a------ C:\WINDOWS\system32\jkkJdAst.dll 2008-05-13 18:20 . 2008-05-13 18:20 26,112 --a------ C:\WINDOWS\system32\fsfbwch.exe 2008-05-13 18:20 . 2008-05-13 18:20 23,040 --a------ C:\WINDOWS\system32\tjmepnuz.exe 2008-05-13 18:20 . 2008-05-13 18:20 1,635 --a------ C:\WINDOWS\system32\uvgszj.exe 2008-05-13 18:20 . 2008-05-13 18:20 1,635 --a------ C:\WINDOWS\system32\atvzqodj.exe 2008-05-13 17:53 . 2008-05-13 17:53 545,792 --a------ C:\WINDOWS\system32\simley.exe 2008-05-13 17:36 . 2008-05-13 17:36 131,648 --a------ C:\WINDOWS\system32\iiqqasvw.dll 2008-05-13 17:30 . 2008-05-13 17:30 2,112 --a------ C:\WINDOWS\system32\lfusufla.exe 2008-05-13 17:28 . 2008-05-13 17:28 126,016 --a------ C:\WINDOWS\system32\qhbmfopj.dll 2008-05-13 17:27 . 2008-05-13 17:27 370,176 --a------ C:\WINDOWS\system32\nnnnOfdE.dll 2008-05-13 16:44 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll 2008-05-13 16:44 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll 2008-05-13 16:44 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl 2008-05-13 16:44 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll 2008-05-13 16:44 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui 2008-05-13 16:44 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll 2008-05-13 16:44 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui 2008-05-13 16:44 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui 2008-05-13 16:44 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui 2008-05-13 16:41 . 2008-05-13 16:41 69,120 --a------ C:\WINDOWS\system32\qgtsldb.exe 2008-05-13 16:41 . 2008-05-13 16:41 26,112 --a------ C:\WINDOWS\system32\hhskjhd.exe 2008-05-13 16:11 . 2008-05-13 16:15 29,652 --a------ C:\WINDOWS\system32\msmnger.exe 2008-05-13 16:10 . 2008-05-13 16:10 76,800 --a------ C:\WINDOWS\system32\haqne.exe 2008-05-13 16:10 . 2008-05-13 16:10 69,120 --a------ C:\WINDOWS\system32\tyqai.exe 2008-05-13 16:10 . 2008-05-13 16:10 57,344 --a------ C:\WINDOWS\system32\tuvUOIBq.dll 2008-05-13 16:10 . 2008-05-13 16:10 26,112 --a------ C:\WINDOWS\system32\svoykmry.exe 2008-05-13 16:10 . 2008-05-13 16:10 26,112 --a------ C:\WINDOWS\system32\fmtgd.exe 2008-05-13 16:10 . 2008-05-13 16:10 23,040 --a------ C:\WINDOWS\system32\vwiheev.exe 2008-05-13 16:10 . 2008-05-13 16:10 1,635 --a------ C:\WINDOWS\system32\kusnd.exe 2008-05-13 16:10 . 2008-05-13 16:10 1,635 --a------ C:\WINDOWS\system32\dwlmmub.exe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-04-29 16:52 0 ----a-w C:\adware.exe 2008-04-21 22:00 5,848 ----a-w C:\WINDOWS\system32\djtftd.exe 2008-04-21 20:57 33,952 ----a-w C:\WINDOWS\system32\drivers\oreans32.sys 2008-04-21 20:44 --------- d-----w C:\Program Files\microsoft frontpage 2008-04-21 20:42 --------- d-----w C:\Program Files\Services en ligne . ------- Sigcheck ------- 2004-08-04 08:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\SoftwareDistribution\Download\70ccc3de7e94865059fbcf2f809c03b1\ip6fw.sys . ((((((((((((((((((((((((((((( snapshot@2008-05-15_18.32.40.96 ))))))))))))))))))))))))))))))))))))))))) . - 2008-05-15 15:54:57 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-05-16 03:24:00 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2001-07-14 15:32:24 69,632 ----a-w C:\WINDOWS\setup.pss\setupupd\temp\wsdueng.dll - 2008-05-15 15:41:02 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat + 2008-05-16 02:43:31 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - 2008-05-15 15:41:02 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat + 2008-05-16 02:43:31 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat - 2008-05-15 15:41:02 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-05-16 02:43:31 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2008-04-21 22:02:58 39,992 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-05-16 02:09:17 39,992 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-04-21 22:02:58 48,616 ----a-w C:\WINDOWS\system32\perfc00C.dat + 2008-05-16 02:09:17 48,616 ----a-w C:\WINDOWS\system32\perfc00C.dat - 2008-04-21 22:02:58 311,604 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-05-16 02:09:17 311,604 ----a-w C:\WINDOWS\system32\perfh009.dat - 2008-04-21 22:02:58 367,658 ----a-w C:\WINDOWS\system32\perfh00C.dat + 2008-05-16 02:09:17 367,658 ----a-w C:\WINDOWS\system32\perfh00C.dat + 2008-05-16 03:24:08 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_530.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6C23AB0C-0244-4B01-8253-BEE724D0D2EC}] 2008-05-13 14:05 57344 --a------ C:\WINDOWS\system32\xxyywxur.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{dfaf3fed-f572-45ca-b212-b93f148a8f18}] 2008-05-16 04:58 133184 --a------ C:\WINDOWS\System32\oayhapkm.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F3AE67E7-AC8F-4A58-819E-194EA11FEBC5}] C:\WINDOWS\System32\vtsqqomm.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F3FA1313-68CA-46C0-A3B8-1B389132C2E3}] 2008-05-13 17:27 370176 --a------ C:\WINDOWS\System32\nnnnOfdE.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 14:00 13312] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2001-08-02 07:14 1077277] "Windows hes Layers"="tlvqmw.exe" [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Local Security Authority Service"="C:\WINDOWS\System32\lssas.exe" [2001-08-28 14:00 116736] "Client Server Runtime Process"="C:\WINDOWS\System32\csrs.exe" [ ] "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648] "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2003-01-15 19:29 1220608] "Windows Logon Application"="C:\WINDOWS\System32\winIogon.exe" [ ] "a88ae0d2"="C:\WINDOWS\System32\sqlrwefj.dll" [2008-05-16 05:01 116800] "BMabb9d34e"="C:\WINDOWS\System32\gmtvnmws.dll" [2008-05-16 04:55 126016] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 14:00 13312] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{6C23AB0C-0244-4B01-8253-BEE724D0D2EC}"= C:\WINDOWS\system32\xxyywxur.dll [2008-05-13 14:05 57344] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fcyayvwu] fcyayvwu.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyywxur] xxyywxur.dll 2008-05-13 14:05 57344 C:\WINDOWS\system32\xxyywxur.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ws2_32] @="Service" R0 BsStor;InCD Storage Helper Driver;C:\WINDOWS\System32\DRIVERS\bsstor.sys [2002-06-06 01:07] R1 aswSP;avast! Self Protection;C:\WINDOWS\System32\drivers\aswSP.sys [2008-05-12 18:36] R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2008-04-21 22:57] R2 BsUDF;InCD UDF Driver;C:\WINDOWS\System32\drivers\BsUDF.sys [2003-01-15 20:02] R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\System32\DRIVERS\Cap7134.sys [2002-07-29 15:14] R3 PhTVTune;Philips WDM TVTuner;C:\WINDOWS\System32\DRIVERS\PhTVTune.sys [2002-10-23 14:48] S2 ws2_32;ws2_32;C:\WINDOWS\System32\ws2_32.exe [2008-05-05 17:04] S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [2004-10-15 05:50] . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-16 05:24:37 Windows 5.1.2600 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... C:\WINDOWS\system32\jfewrlqs.ini 294 bytes Scan termin‚ avec succŠs Les fichiers cach‚s: 1 ************************************************************************** . --------------------- DLLs a charg‚ sous des processus courants --------------------- PROCESS: C:\WINDOWS\system32\winlogon.exe -> C:\WINDOWS\system32\xxyywxur.dll PROCESS: C:\WINDOWS\explorer.exe -> C:\WINDOWS\System32\sqlrwefj.dll -> C:\WINDOWS\System32\gmtvnmws.dll . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\rundll32.exe . ************************************************************************** . Temps d'accomplissement: 2008-05-16 5:25:49 - machine was rebooted ComboFix-quarantined-files.txt 2008-05-16 03:25:42 Pre-Run: 28,386,279,424 octets libres Post-Run: 28,392,734,720 octets libres 249 j'ai fait des imprim' écran pour décrire mes soucis récurants y'a t'il moyen de vous les envoyer? merci d'avance
- le 16 mai 2008
- 51 réponses

Connexion

loukass

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par loukass

grosse infection[résolu]

grosse infection[résolu]

grosse infection[résolu]

grosse infection[résolu]

grosse infection[résolu]

grosse infection[résolu]

grosse infection[résolu]

grosse infection[résolu]

Zebulon

Outils en ligne

Naviguer