ユーザー向け情報

閉じる

マイライブラリ
マイライブラリ

+ マイライブラリに追加

検索
検索

電話
テクニカルサポート利用方法

問い合わせ

新規お問い合わせ

電話(英語)

+7 (495) 789-45-86

フォーラム(英語)

お問い合わせ履歴

新規お問い合わせ

電話(英語)

+7 (495) 789-45-86

Profile

JP

RU CN DE EN ES FR IT JP KZ UZ PL BY
閉じる
サービス
スキャナー
Dr.Web vxCube
トライアル
ウイルスライブラリ
ナレッジベース

テクノロジー

用語

トレーニングコースおよび啓蒙プロジェクト

アンチウイルスに関する誤解と噂

ニュース

Trojan.AVKill.6682

Added to the Dr.Web virus database: 2011-06-12

Virus description added:

Technical Information

Malicious functions:
To complicate detection of its presence in the operating system,
blocks execution of the following system utilities:
  • Registry Editor (RegEdit)
Executes the following:
  • %WINDIR%\explorer.exe
  • <SYSTEM32>\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 1 /f
  • <SYSTEM32>\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f
Terminates or attempts to terminate
the following system processes:
  • %WINDIR%\Explorer.EXE
the following user processes:
  • bdagent.exe
  • zlclient.exe
  • AVP.EXE
  • outpost.exe
Modifies file system :
Creates the following files:
  • %ALLUSERSPROFILE%\Application Data\12321gdf5.jpeg
Deletes the following files:
  • <SYSTEM32>\ippromon.dll
  • <SYSTEM32>\iprop.dll
  • <SYSTEM32>\iprtprio.dll
  • <SYSTEM32>\iphlpapi.dll
  • <SYSTEM32>\ipmontr.dll
  • <SYSTEM32>\ipnathlp.dll
  • <SYSTEM32>\ipsecsvc.dll
  • <SYSTEM32>\ipsmsnap.dll
  • <SYSTEM32>\ipv6.exe
  • <SYSTEM32>\iprtrmgr.dll
  • <SYSTEM32>\ipsec6.exe
  • <SYSTEM32>\ipsecsnp.dll
  • <SYSTEM32>\ipconfig.exe
  • <SYSTEM32>\infocardcpl.cpl
  • <SYSTEM32>\infosoft.dll
  • <SYSTEM32>\initpki.dll
  • <SYSTEM32>\inetppui.dll
  • <SYSTEM32>\inetres.dll
  • <SYSTEM32>\infocardapi.dll
  • <SYSTEM32>\intl.cpl
  • <SYSTEM32>\iologmsg.dll
  • <SYSTEM32>\ipconf.tsp
  • <SYSTEM32>\input.dll
  • <SYSTEM32>\inseng.dll
  • <SYSTEM32>\instcat.sql
  • <SYSTEM32>\ipv6mon.dll
  • <SYSTEM32>\isign32.dll
  • <SYSTEM32>\isrdbg32.dll
  • <SYSTEM32>\itircl.dll
  • <SYSTEM32>\ir50_qcx.dll
  • <SYSTEM32>\irclass.dll
  • <SYSTEM32>\irprops.cpl
  • <SYSTEM32>\ixsso.dll
  • <SYSTEM32>\iyuv_32.dll
  • <SYSTEM32>\jet500.dll
  • <SYSTEM32>\itss.dll
  • <SYSTEM32>\iuengine.dll
  • <SYSTEM32>\ivfsrc.ax
  • <SYSTEM32>\ir50_qc.dll
  • <SYSTEM32>\ipxroute.exe
  • <SYSTEM32>\ipxrtmgr.dll
  • <SYSTEM32>\ipxsap.dll
  • <SYSTEM32>\ipxmontr.dll
  • <SYSTEM32>\ipxpromn.dll
  • <SYSTEM32>\ipxrip.dll
  • <SYSTEM32>\ir41_qc.dll
  • <SYSTEM32>\ir41_qcx.dll
  • <SYSTEM32>\ir50_32.dll
  • <SYSTEM32>\ipxwan.dll
  • <SYSTEM32>\ir32_32.dll
  • <SYSTEM32>\ir41_32.ax
  • <SYSTEM32>\icsxml\osinfo.xml
  • <SYSTEM32>\icsxml\potscfg.xml
  • <SYSTEM32>\icsxml\pppcfg.xml
  • <SYSTEM32>\icmui.dll
  • <SYSTEM32>\icsxml\cmnicfg.xml
  • <SYSTEM32>\icsxml\ipcfg.xml
  • <SYSTEM32>\idq.dll
  • <SYSTEM32>\ie4uinit.exe
  • <SYSTEM32>\ieakeng.dll
  • <SYSTEM32>\icwdial.dll
  • <SYSTEM32>\icwphbk.dll
  • <SYSTEM32>\ideograf.uce
  • <SYSTEM32>\icmp.dll
  • <SYSTEM32>\iassdo.dll
  • <SYSTEM32>\iassvcs.dll
  • <SYSTEM32>\icaapi.dll
  • <SYSTEM32>\iasrad.dll
  • <SYSTEM32>\iasrecst.dll
  • <SYSTEM32>\iassam.dll
  • <SYSTEM32>\iccvid.dll
  • <SYSTEM32>\icfgnt5.dll
  • <SYSTEM32>\icm32.dll
  • <SYSTEM32>\icardagt.exe
  • <SYSTEM32>\icardres.dll
  • <SYSTEM32>\icardres.dll.mui
  • <SYSTEM32>\ieaksie.dll
  • <SYSTEM32>\imeshare.dll
  • <SYSTEM32>\imgutil.dll
  • <SYSTEM32>\imm32.dll
  • <SYSTEM32>\imaadp32.acm
  • <SYSTEM32>\imagehlp.dll
  • <SYSTEM32>\imapi.exe
  • <SYSTEM32>\inetcplc.dll
  • <SYSTEM32>\inetmib1.dll
  • <SYSTEM32>\inetpp.dll
  • <SYSTEM32>\inetcfg.dll
  • <SYSTEM32>\inetcomm.dll
  • <SYSTEM32>\inetcpl.cpl
  • <SYSTEM32>\ils.dll
  • <SYSTEM32>\iepeers.dll
  • <SYSTEM32>\iernonce.dll
  • <SYSTEM32>\iesetup.dll
  • <SYSTEM32>\ieakui.dll
  • <SYSTEM32>\iedkcs32.dll
  • <SYSTEM32>\ieencode.dll
  • <SYSTEM32>\ifsutil.dll
  • <SYSTEM32>\igmpagnt.dll
  • <SYSTEM32>\iissuba.dll
  • <SYSTEM32>\ieuinit.inf
  • <SYSTEM32>\iexpress.exe
  • <SYSTEM32>\ifmon.dll
  • <SYSTEM32>\jgaw400.dll
  • <SYSTEM32>\kbdnec.dll
  • <SYSTEM32>\kbdno.dll
  • <SYSTEM32>\kbdno1.dll
  • <SYSTEM32>\kbdmlt48.dll
  • <SYSTEM32>\kbdmon.dll
  • <SYSTEM32>\kbdne.dll
  • <SYSTEM32>\kbdro.dll
  • <SYSTEM32>\kbdru.dll
  • <SYSTEM32>\kbdru1.dll
  • <SYSTEM32>\kbdpl.dll
  • <SYSTEM32>\kbdpl1.dll
  • <SYSTEM32>\kbdpo.dll
  • <SYSTEM32>\kbdmlt47.dll
  • <SYSTEM32>\kbdkaz.dll
  • <SYSTEM32>\kbdkyr.dll
  • <SYSTEM32>\kbdla.dll
  • <SYSTEM32>\kbdir.dll
  • <SYSTEM32>\kbdit.dll
  • <SYSTEM32>\kbdit142.dll
  • <SYSTEM32>\kbdlv1.dll
  • <SYSTEM32>\kbdmac.dll
  • <SYSTEM32>\kbdmaori.dll
  • <SYSTEM32>\kbdlt.dll
  • <SYSTEM32>\kbdlt1.dll
  • <SYSTEM32>\kbdlv.dll
  • <SYSTEM32>\kbdsf.dll
  • <SYSTEM32>\kbdusx.dll
  • <SYSTEM32>\kbduzb.dll
  • <SYSTEM32>\kbdycc.dll
  • <SYSTEM32>\kbdus.dll
  • <SYSTEM32>\kbdusl.dll
  • <SYSTEM32>\kbdusr.dll
  • <SYSTEM32>\kerberos.dll
  • <SYSTEM32>\kernel32.dll
  • <SYSTEM32>\key01.sys
  • <SYSTEM32>\kbdycl.dll
  • <SYSTEM32>\kd1394.dll
  • <SYSTEM32>\kdcom.dll
  • <SYSTEM32>\kbdur.dll
  • <SYSTEM32>\kbdsmsfi.dll
  • <SYSTEM32>\kbdsmsno.dll
  • <SYSTEM32>\kbdsp.dll
  • <SYSTEM32>\kbdsg.dll
  • <SYSTEM32>\kbdsl.dll
  • <SYSTEM32>\kbdsl1.dll
  • <SYSTEM32>\kbdtuq.dll
  • <SYSTEM32>\kbduk.dll
  • <SYSTEM32>\kbdukx.dll
  • <SYSTEM32>\kbdsw.dll
  • <SYSTEM32>\kbdtat.dll
  • <SYSTEM32>\kbdtuf.dll
  • <SYSTEM32>\kbdbene.dll
  • <SYSTEM32>\kbdblr.dll
  • <SYSTEM32>\kbdbr.dll
  • <SYSTEM32>\kbdaze.dll
  • <SYSTEM32>\kbdazel.dll
  • <SYSTEM32>\kbdbe.dll
  • <SYSTEM32>\kbdcr.dll
  • <SYSTEM32>\kbdcz.dll
  • <SYSTEM32>\kbdcz1.dll
  • <SYSTEM32>\kbdbu.dll
  • <SYSTEM32>\kbdca.dll
  • <SYSTEM32>\kbdcan.dll
  • <SYSTEM32>\KBDAL.DLL
  • <SYSTEM32>\jgsd400.dll
  • <SYSTEM32>\jgsh400.dll
  • <SYSTEM32>\jobexec.dll
  • <SYSTEM32>\jgdw400.dll
  • <SYSTEM32>\jgmd400.dll
  • <SYSTEM32>\jgpl400.dll
  • <SYSTEM32>\kanji_1.uce
  • <SYSTEM32>\kanji_2.uce
  • <SYSTEM32>\kb16.com
  • <SYSTEM32>\joy.cpl
  • <SYSTEM32>\jscript.dll
  • <SYSTEM32>\jsproxy.dll
  • <SYSTEM32>\kbdcz2.dll
  • <SYSTEM32>\kbdhela2.dll
  • <SYSTEM32>\kbdhela3.dll
  • <SYSTEM32>\kbdhept.dll
  • <SYSTEM32>\kbdhe.dll
  • <SYSTEM32>\kbdhe220.dll
  • <SYSTEM32>\kbdhe319.dll
  • <SYSTEM32>\kbdinbe1.dll
  • <SYSTEM32>\kbdinben.dll
  • <SYSTEM32>\kbdinmal.dll
  • <SYSTEM32>\kbdhu.dll
  • <SYSTEM32>\kbdhu1.dll
  • <SYSTEM32>\kbdic.dll
  • <SYSTEM32>\kbdgr1.dll
  • <SYSTEM32>\kbdest.dll
  • <SYSTEM32>\kbdfc.dll
  • <SYSTEM32>\kbdfi.dll
  • <SYSTEM32>\kbdda.dll
  • <SYSTEM32>\kbddv.dll
  • <SYSTEM32>\kbdes.dll
  • <SYSTEM32>\kbdgae.dll
  • <SYSTEM32>\kbdgkl.dll
  • <SYSTEM32>\kbdgr.dll
  • <SYSTEM32>\kbdfi1.dll
  • <SYSTEM32>\kbdfo.dll
  • <SYSTEM32>\kbdfr.dll
  • <SYSTEM32>\duser.dll
  • <SYSTEM32>\dvdplay.exe
  • <SYSTEM32>\dvdupgrd.exe
  • <SYSTEM32>\dsuiext.dll
  • <SYSTEM32>\dswave.dll
  • <SYSTEM32>\dumprep.exe
  • <SYSTEM32>\dxdiag.exe
  • <SYSTEM32>\dxdiagn.dll
  • <SYSTEM32>\dxmasf.dll
  • <SYSTEM32>\dwwin.exe
  • <SYSTEM32>\dx7vb.dll
  • <SYSTEM32>\dx8vb.dll
  • <SYSTEM32>\dssenh.dll
  • <SYSTEM32>\dskquoui.dll
  • <SYSTEM32>\dsound.dll
  • <SYSTEM32>\dsound.vxd
  • <SYSTEM32>\dsdmo.dll
  • <SYSTEM32>\dsdmoprp.dll
  • <SYSTEM32>\dskquota.dll
  • <SYSTEM32>\dsquery.dll
  • <SYSTEM32>\dssec.dat
  • <SYSTEM32>\dssec.dll
  • <SYSTEM32>\dsound3d.dll
  • <SYSTEM32>\dsprop.dll
  • <SYSTEM32>\dsprpres.dll
  • <SYSTEM32>\dxtmsft.dll
  • <SYSTEM32>\esent97.dll
  • <SYSTEM32>\esentprf.dll
  • <SYSTEM32>\esentprf.hxx
  • <SYSTEM32>\EqnClass.Dll
  • <SYSTEM32>\ersvc.dll
  • <SYSTEM32>\esent.dll
  • <SYSTEM32>\eula.txt
  • <SYSTEM32>\eventcls.dll
  • <SYSTEM32>\eventcreate.exe
  • <SYSTEM32>\esentprf.ini
  • <SYSTEM32>\esentutl.exe
  • <SYSTEM32>\eudcedit.exe
  • <SYSTEM32>\encdec.dll
  • <SYSTEM32>\edit.hlp
  • <SYSTEM32>\edlin.exe
  • <SYSTEM32>\efsadu.dll
  • <SYSTEM32>\dxtrans.dll
  • <SYSTEM32>\dxva2.dll
  • <SYSTEM32>\edit.com
  • <SYSTEM32>\en-US\PresentationHost.exe.mui
  • <SYSTEM32>\en-US\UIAutomationCore.dll.mui
  • <SYSTEM32>\encapi.dll
  • <SYSTEM32>\els.dll
  • <SYSTEM32>\emptyregdb.dat
  • <SYSTEM32>\en-US\dfshim.dll.mui
  • <DRIVERS>\srv.sys
  • <DRIVERS>\stream.sys
  • <DRIVERS>\swenum.sys
  • <DRIVERS>\smclib.sys
  • <DRIVERS>\sonydcam.sys
  • <DRIVERS>\sr.sys
  • <DRIVERS>\tdi.sys
  • <DRIVERS>\tdpipe.sys
  • <DRIVERS>\tdtcp.sys
  • <DRIVERS>\tape.sys
  • <DRIVERS>\tcpip.sys
  • <DRIVERS>\tcpip6.sys
  • <DRIVERS>\sfloppy.sys
  • <DRIVERS>\rndismp.sys
  • <DRIVERS>\rootmdm.sys
  • <DRIVERS>\scsiport.sys
  • <DRIVERS>\rio8drv.sys
  • <DRIVERS>\riodrv.sys
  • <DRIVERS>\RMCast.sys
  • <DRIVERS>\serial.sys
  • <DRIVERS>\sffdisk.sys
  • <DRIVERS>\sffp_sd.sys
  • <DRIVERS>\sdbus.sys
  • <DRIVERS>\secdrv.sys
  • <DRIVERS>\serenum.sys
  • <DRIVERS>\termdd.sys
  • <SYSTEM32>\drmclien.dll
  • <SYSTEM32>\drmstor.dll
  • <SYSTEM32>\drmv2clt.dll
  • <DRIVERS>\wanarp.sys
  • <DRIVERS>\wmilib.sys
  • <DRIVERS>\ws2ifsl.sys
  • <SYSTEM32>\ds16gt.dLL
  • <SYSTEM32>\ds32gt.dll
  • <SYSTEM32>\dsauth.dll
  • <SYSTEM32>\drprov.dll
  • <SYSTEM32>\drwatson.exe
  • <SYSTEM32>\drwtsn32.exe
  • <DRIVERS>\volsnap.sys
  • <DRIVERS>\udfs.sys
  • <DRIVERS>\update.sys
  • <DRIVERS>\usb8023.sys
  • <DRIVERS>\tosdvd.sys
  • <DRIVERS>\tsbvcap.sys
  • <DRIVERS>\tunmp.sys
  • <DRIVERS>\vdmindvd.sys
  • <DRIVERS>\vga.sys
  • <DRIVERS>\videoprt.sys
  • <DRIVERS>\usbcamd.sys
  • <DRIVERS>\usbcamd2.sys
  • <DRIVERS>\usbintel.sys
  • <SYSTEM32>\eventlog.dll
  • <SYSTEM32>\GroupPolicy\Adm\wuau.adm
  • <SYSTEM32>\GroupPolicy\gpt.ini
  • <SYSTEM32>\GroupPolicy\User\Registry.pol
  • <SYSTEM32>\GroupPolicy\Adm\inetres.adm
  • <SYSTEM32>\GroupPolicy\Adm\system.adm
  • <SYSTEM32>\GroupPolicy\Adm\wmplayer.adm
  • <SYSTEM32>\h323msp.dll
  • <SYSTEM32>\hal.dll
  • <SYSTEM32>\hdwwiz.cpl
  • <SYSTEM32>\grpconv.exe
  • <SYSTEM32>\h323.tsp
  • <SYSTEM32>\h323log.txt
  • <SYSTEM32>\GroupPolicy\Adm\conf.adm
  • <SYSTEM32>\gpkcsp.dll
  • <SYSTEM32>\gpkrsrc.dll
  • <SYSTEM32>\gpresult.exe
  • <SYSTEM32>\glu32.dll
  • <SYSTEM32>\gpedit.dll
  • <SYSTEM32>\gpedit.msc
  • <SYSTEM32>\graphics.com
  • <SYSTEM32>\graphics.pro
  • <SYSTEM32>\GroupPolicy\Adm\admfiles.ini
  • <SYSTEM32>\gptext.dll
  • <SYSTEM32>\gpupdate.exe
  • <SYSTEM32>\graftabl.com
  • <SYSTEM32>\help.exe
  • <SYSTEM32>\hypertrm.dll
  • <SYSTEM32>\iac25_32.ax
  • <SYSTEM32>\ias\dnary.mdb
  • <SYSTEM32>\html.iec
  • <SYSTEM32>\httpapi.dll
  • <SYSTEM32>\htui.dll
  • <SYSTEM32>\iashlpr.dll
  • <SYSTEM32>\iasnap.dll
  • <SYSTEM32>\iaspolcy.dll
  • <SYSTEM32>\ias\ias.mdb
  • <SYSTEM32>\iasacct.dll
  • <SYSTEM32>\iasads.dll
  • <SYSTEM32>\hticons.dll
  • <SYSTEM32>\hidphone.tsp
  • <SYSTEM32>\himem.sys
  • <SYSTEM32>\hlink.dll
  • <SYSTEM32>\hhctrl.ocx
  • <SYSTEM32>\hhsetup.dll
  • <SYSTEM32>\hid.dll
  • <SYSTEM32>\homepage.inf
  • <SYSTEM32>\hostname.exe
  • <SYSTEM32>\hotplug.dll
  • <SYSTEM32>\hnetcfg.dll
  • <SYSTEM32>\hnetmon.dll
  • <SYSTEM32>\hnetwiz.dll
  • <SYSTEM32>\feclient.dll
  • <SYSTEM32>\filemgmt.dll
  • <SYSTEM32>\find.exe
  • <SYSTEM32>\fc.exe
  • <SYSTEM32>\fde.dll
  • <SYSTEM32>\fdeploy.dll
  • <SYSTEM32>\fixmapi.exe
  • <SYSTEM32>\fldrclnr.dll
  • <SYSTEM32>\fltlib.dll
  • <SYSTEM32>\findstr.exe
  • <SYSTEM32>\finger.exe
  • <SYSTEM32>\firewall.cpl
  • <SYSTEM32>\faultrep.dll
  • <SYSTEM32>\eventvwr.msc
  • <SYSTEM32>\evr.dll
  • <SYSTEM32>\exe2bin.exe
  • <SYSTEM32>\eventquery.vbs
  • <SYSTEM32>\eventtriggers.exe
  • <SYSTEM32>\eventvwr.exe
  • <SYSTEM32>\extrac32.exe
  • <SYSTEM32>\exts.dll
  • <SYSTEM32>\fastopen.exe
  • <SYSTEM32>\expand.exe
  • <SYSTEM32>\expsrv.dll
  • <SYSTEM32>\extmgr.dll
  • <SYSTEM32>\fltMc.exe
  • <SYSTEM32>\g711codc.ax
  • <SYSTEM32>\gb2312.uce
  • <SYSTEM32>\gcdef.dll
  • <SYSTEM32>\ftp.exe
  • <SYSTEM32>\ftsrch.dll
  • <SYSTEM32>\fwcfg.dll
  • <SYSTEM32>\getmac.exe
  • <SYSTEM32>\getuname.dll
  • <SYSTEM32>\glmf32.dll
  • <SYSTEM32>\gdi.exe
  • <SYSTEM32>\gdi32.dll
  • <SYSTEM32>\geo.nls
  • <SYSTEM32>\fsutil.exe
  • <SYSTEM32>\fontsub.dll
  • <SYSTEM32>\fontview.exe
  • <SYSTEM32>\forcedos.exe
  • <SYSTEM32>\fmifs.dll
  • <SYSTEM32>\FNTCACHE.DAT
  • <SYSTEM32>\fontext.dll
  • <SYSTEM32>\fsmgmt.msc
  • <SYSTEM32>\fsquirt.exe
  • <SYSTEM32>\fsusd.dll
  • <SYSTEM32>\format.com
  • <SYSTEM32>\framebuf.dll
  • <SYSTEM32>\freecell.exe
  • <SYSTEM32>\msrle32.dll
  • <SYSTEM32>\mssap.dll
  • <SYSTEM32>\msscds32.ax
  • <SYSTEM32>\msrd3x40.dll
  • <SYSTEM32>\msrecr40.dll
  • <SYSTEM32>\msrepl40.dll
  • <SYSTEM32>\mssip32.dll
  • <SYSTEM32>\msswch.dll
  • <SYSTEM32>\msswchx.exe
  • <SYSTEM32>\msscp.dll
  • <SYSTEM32>\msscript.ocx
  • <SYSTEM32>\mssign32.dll
  • <SYSTEM32>\msrd2x40.dll
  • <SYSTEM32>\mspmsnsv.dll
  • <SYSTEM32>\mspmsp.dll
  • <SYSTEM32>\msports.dll
  • <SYSTEM32>\mspaint.exe
  • <SYSTEM32>\mspatcha.dll
  • <SYSTEM32>\mspbde40.dll
  • <SYSTEM32>\msratelc.dll
  • <SYSTEM32>\msrating.dll
  • <SYSTEM32>\msrclr40.dll
  • <SYSTEM32>\msprivs.dll
  • <SYSTEM32>\msr2c.dll
  • <SYSTEM32>\msr2cenu.dll
  • <SYSTEM32>\mstask.dll
  • <SYSTEM32>\msvcr71.dll
  • <SYSTEM32>\msvcrt.dll
  • <SYSTEM32>\msvcrt20.dll
  • <SYSTEM32>\msvcp60.dll
  • <SYSTEM32>\msvcr100.dll
  • <SYSTEM32>\msvcr100_clr0400.dll
  • <SYSTEM32>\msvidctl.dll
  • <SYSTEM32>\msvideo.dll
  • <SYSTEM32>\msw3prt.dll
  • <SYSTEM32>\msvcrt40.dll
  • <SYSTEM32>\msvfw32.dll
  • <SYSTEM32>\msvidc32.dll
  • <SYSTEM32>\msvcp50.dll
  • <SYSTEM32>\mstlsapi.dll
  • <SYSTEM32>\mstsc.exe
  • <SYSTEM32>\mstscax.dll
  • <SYSTEM32>\mstext40.dll
  • <SYSTEM32>\mstime.dll
  • <SYSTEM32>\mstinit.exe
  • <SYSTEM32>\msvbvm60.dll
  • <SYSTEM32>\msvcirt.dll
  • <SYSTEM32>\msvcp100.dll
  • <SYSTEM32>\msutb.dll
  • <SYSTEM32>\msv1_0.dll
  • <SYSTEM32>\msvbvm50.dll
  • <SYSTEM32>\msgsvc.dll
  • <SYSTEM32>\msh261.drv
  • <SYSTEM32>\msh263.drv
  • <SYSTEM32>\msg723.acm
  • <SYSTEM32>\msgina.dll
  • <SYSTEM32>\msgsm32.acm
  • <SYSTEM32>\mshtml.tlb
  • <SYSTEM32>\mshtmled.dll
  • <SYSTEM32>\mshtmler.dll
  • <SYSTEM32>\mshearts.exe
  • <SYSTEM32>\mshta.exe
  • <SYSTEM32>\mshtml.dll
  • <SYSTEM32>\msg711.acm
  • <SYSTEM32>\msdtctm.dll
  • <SYSTEM32>\msdtcuiu.dll
  • <SYSTEM32>\msdxm.ocx
  • <SYSTEM32>\msdtcprf.h
  • <SYSTEM32>\msdtcprf.ini
  • <SYSTEM32>\msdtcprx.dll
  • <SYSTEM32>\msexcl40.dll
  • <SYSTEM32>\msftedit.dll
  • <SYSTEM32>\msg.exe
  • <SYSTEM32>\msdxmlc.dll
  • <SYSTEM32>\msencode.dll
  • <SYSTEM32>\msexch40.dll
  • <SYSTEM32>\msi.dll
  • <SYSTEM32>\msls31.dll
  • <SYSTEM32>\msltus40.dll
  • <SYSTEM32>\msnetobj.dll
  • <SYSTEM32>\msjter40.dll
  • <SYSTEM32>\msjtes40.dll
  • <SYSTEM32>\mslbui.dll
  • <SYSTEM32>\msoert2.dll
  • <SYSTEM32>\msorc32r.dll
  • <SYSTEM32>\msorcl32.dll
  • <SYSTEM32>\msnsspc.dll
  • <SYSTEM32>\msobjs.dll
  • <SYSTEM32>\msoeacct.dll
  • <SYSTEM32>\msjint40.dll
  • <SYSTEM32>\msieftp.dll
  • <SYSTEM32>\msiexec.exe
  • <SYSTEM32>\msihnd.dll
  • <SYSTEM32>\msident.dll
  • <SYSTEM32>\msidle.dll
  • <SYSTEM32>\msidntld.dll
  • <SYSTEM32>\msisip.dll
  • <SYSTEM32>\msjet40.dll
  • <SYSTEM32>\msjetoledb40.dll
  • <SYSTEM32>\msimg32.dll
  • <SYSTEM32>\msimsg.dll
  • <SYSTEM32>\MSIMTF.dll
  • <SYSTEM32>\mswdat10.dll
  • <SYSTEM32>\mui\0414\xpsp2res.dll
  • <SYSTEM32>\mui\0415\xpob2res.dll
  • <SYSTEM32>\mui\0415\xpsp1res.dll
  • <SYSTEM32>\mui\0413\xpsp2res.dll
  • <SYSTEM32>\mui\0414\xpob2res.dll
  • <SYSTEM32>\mui\0414\xpsp1res.dll
  • <SYSTEM32>\mui\0416\xpsp2res.dll
  • <SYSTEM32>\mui\0418\xpsp1res.dll
  • <SYSTEM32>\mui\0419\xpob2res.dll
  • <SYSTEM32>\mui\0415\xpsp2res.dll
  • <SYSTEM32>\mui\0416\xpob2res.dll
  • <SYSTEM32>\mui\0416\xpsp1res.dll
  • <SYSTEM32>\mui\0413\xpsp1res.dll
  • <SYSTEM32>\mui\0410\xpsp1res.dll
  • <SYSTEM32>\mui\0410\xpsp2res.dll
  • <SYSTEM32>\mui\0411\xpob2res.dll
  • <SYSTEM32>\mui\040e\xpsp1res.dll
  • <SYSTEM32>\mui\040e\xpsp2res.dll
  • <SYSTEM32>\mui\0410\xpob2res.dll
  • <SYSTEM32>\mui\0412\xpsp1res.dll
  • <SYSTEM32>\mui\0412\xpsp2res.dll
  • <SYSTEM32>\mui\0413\xpob2res.dll
  • <SYSTEM32>\mui\0411\xpsp1res.dll
  • <SYSTEM32>\mui\0411\xpsp2res.dll
  • <SYSTEM32>\mui\0412\xpob2res.dll
  • <SYSTEM32>\mui\0419\xpsp1res.dll
  • <SYSTEM32>\mui\0426\xpsp1res.dll
  • <SYSTEM32>\mui\0427\xpsp1res.dll
  • <SYSTEM32>\mui\0804\xpob2res.dll
  • <SYSTEM32>\mui\0424\xpsp1res.dll
  • <SYSTEM32>\mui\0424\xpsp2res.dll
  • <SYSTEM32>\mui\0425\xpsp1res.dll
  • <SYSTEM32>\mui\0816\xpsp1res.dll
  • <SYSTEM32>\mui\0816\xpsp2res.dll
  • <SYSTEM32>\mui\0C0A\xpob2res.dll
  • <SYSTEM32>\mui\0804\xpsp1res.dll
  • <SYSTEM32>\mui\0804\xpsp2res.dll
  • <SYSTEM32>\mui\0816\xpob2res.dll
  • <SYSTEM32>\mui\0424\xpob2res.dll
  • <SYSTEM32>\mui\041b\xpsp1res.dll
  • <SYSTEM32>\mui\041b\xpsp2res.dll
  • <SYSTEM32>\mui\041D\xpob2res.dll
  • <SYSTEM32>\mui\0419\xpsp2res.dll
  • <SYSTEM32>\mui\041a\xpsp1res.dll
  • <SYSTEM32>\mui\041b\xpob2res.dll
  • <SYSTEM32>\mui\041f\xpob2res.dll
  • <SYSTEM32>\mui\041f\xpsp1res.dll
  • <SYSTEM32>\mui\041f\xpsp2res.dll
  • <SYSTEM32>\mui\041D\xpsp1res.dll
  • <SYSTEM32>\mui\041D\xpsp2res.dll
  • <SYSTEM32>\mui\041e\xpsp1res.dll
  • <SYSTEM32>\mtxex.dll
  • <SYSTEM32>\mtxlegih.dll
  • <SYSTEM32>\mtxoci.dll
  • <SYSTEM32>\msyuv.dll
  • <SYSTEM32>\mtxclu.dll
  • <SYSTEM32>\mtxdm.dll
  • <SYSTEM32>\mui\0401\xpsp2res.dll
  • <SYSTEM32>\mui\0402\xpsp1res.dll
  • <SYSTEM32>\mui\0404\xpob2res.dll
  • <SYSTEM32>\mui\0009\hhctrlui.dll
  • <SYSTEM32>\mui\0401\xpob2res.dll
  • <SYSTEM32>\mui\0401\xpsp1res.dll
  • <SYSTEM32>\msxmlr.dll
  • <SYSTEM32>\mswstr10.dll
  • <SYSTEM32>\msxbde40.dll
  • <SYSTEM32>\msxml.dll
  • <SYSTEM32>\mswebdvd.dll
  • <SYSTEM32>\mswmdm.dll
  • <SYSTEM32>\mswsock.dll
  • <SYSTEM32>\msxml3r.dll
  • <SYSTEM32>\msxml6.dll
  • <SYSTEM32>\msxml6r.dll
  • <SYSTEM32>\msxml2.dll
  • <SYSTEM32>\msxml2r.dll
  • <SYSTEM32>\msxml3.dll
  • <SYSTEM32>\mui\0404\xpsp1res.dll
  • <SYSTEM32>\mui\040b\xpsp1res.dll
  • <SYSTEM32>\mui\040b\xpsp2res.dll
  • <SYSTEM32>\mui\040C\xpob2res.dll
  • <SYSTEM32>\mui\0409\icardres.dll.mui
  • <SYSTEM32>\mui\0409\mscorees.dll
  • <SYSTEM32>\mui\040b\xpob2res.dll
  • <SYSTEM32>\mui\040D\xpsp1res.dll
  • <SYSTEM32>\mui\040D\xpsp2res.dll
  • <SYSTEM32>\mui\040e\xpob2res.dll
  • <SYSTEM32>\mui\040C\xpsp1res.dll
  • <SYSTEM32>\mui\040C\xpsp2res.dll
  • <SYSTEM32>\mui\040D\xpob2res.dll
  • <SYSTEM32>\mui\0408\xpsp2res.dll
  • <SYSTEM32>\mui\0405\xpsp2res.dll
  • <SYSTEM32>\mui\0406\xpob2res.dll
  • <SYSTEM32>\mui\0406\xpsp1res.dll
  • <SYSTEM32>\mui\0404\xpsp2res.dll
  • <SYSTEM32>\mui\0405\xpob2res.dll
  • <SYSTEM32>\mui\0405\xpsp1res.dll
  • <SYSTEM32>\mui\0407\xpsp2res.dll
  • <SYSTEM32>\mui\0408\xpob2res.dll
  • <SYSTEM32>\mui\0408\xpsp1res.dll
  • <SYSTEM32>\mui\0406\xpsp2res.dll
  • <SYSTEM32>\mui\0407\xpob2res.dll
  • <SYSTEM32>\mui\0407\xpsp1res.dll
  • <SYSTEM32>\mciwave.dll
  • <SYSTEM32>\mciwave.drv
  • <SYSTEM32>\mdhcp.dll
  • <SYSTEM32>\mciqtz32.dll
  • <SYSTEM32>\mciseq.dll
  • <SYSTEM32>\mciseq.drv
  • <SYSTEM32>\mf3216.dll
  • <SYSTEM32>\mfc100.dll
  • <SYSTEM32>\mfc100chs.dll
  • <SYSTEM32>\mdminst.dll
  • <SYSTEM32>\mdwmdmsp.dll
  • <SYSTEM32>\mem.exe
  • <SYSTEM32>\mciole32.dll
  • <SYSTEM32>\mapistub.dll
  • <SYSTEM32>\mcastmib.dll
  • <SYSTEM32>\mcd32.dll
  • <SYSTEM32>\main.cpl
  • <SYSTEM32>\makecab.exe
  • <SYSTEM32>\mapi32.dll
  • <SYSTEM32>\mciavi32.dll
  • <SYSTEM32>\mcicda.dll
  • <SYSTEM32>\mciole16.dll
  • <SYSTEM32>\mcdsrv32.dll
  • <SYSTEM32>\mchgrcoi.dll
  • <SYSTEM32>\mciavi.drv
  • <SYSTEM32>\mfc100cht.dll
  • <SYSTEM32>\mgmtapi.dll
  • <SYSTEM32>\mib.bin
  • <SYSTEM32>\Microsoft\Protect\S-1-5-18\User\1770a895-ce54-4a22-b7b5-a97ff8f00992
  • <SYSTEM32>\mfcm100.dll
  • <SYSTEM32>\mfcm100u.dll
  • <SYSTEM32>\mfcsubs.dll
  • <SYSTEM32>\Microsoft\Protect\S-1-5-18\User\87414c4f-96f1-41e1-8379-32456d5fb55a
  • <SYSTEM32>\Microsoft\Protect\S-1-5-18\User\97ea5d46-ace7-49ae-84f0-61ed78e255db
  • <SYSTEM32>\Microsoft\Protect\S-1-5-18\User\Preferred
  • <SYSTEM32>\Microsoft\Protect\S-1-5-18\User\5040c04b-87c8-4653-ad75-c3bc4370444a
  • <SYSTEM32>\Microsoft\Protect\S-1-5-18\User\67cdced6-3096-4e7b-b880-ac1fbf9507d9
  • <SYSTEM32>\Microsoft\Protect\S-1-5-18\User\683c3f7e-417b-44b7-a5e0-8a5797ca437e
  • <SYSTEM32>\mfc42u.dll
  • <SYSTEM32>\mfc100fra.dll
  • <SYSTEM32>\mfc100ita.dll
  • <SYSTEM32>\mfc100jpn.dll
  • <SYSTEM32>\mfc100deu.dll
  • <SYSTEM32>\mfc100enu.dll
  • <SYSTEM32>\mfc100esn.dll
  • <SYSTEM32>\mfc40.dll
  • <SYSTEM32>\mfc40u.dll
  • <SYSTEM32>\mfc42.dll
  • <SYSTEM32>\mfc100kor.dll
  • <SYSTEM32>\mfc100rus.dll
  • <SYSTEM32>\mfc100u.dll
  • <SYSTEM32>\linkinfo.dll
  • <SYSTEM32>\lmhsvc.dll
  • <SYSTEM32>\lmrt.dll
  • <SYSTEM32>\licmgr10.dll
  • <SYSTEM32>\licwmi.dll
  • <SYSTEM32>\lights.exe
  • <SYSTEM32>\locale.nls
  • <SYSTEM32>\localsec.dll
  • <SYSTEM32>\localspl.dll
  • <SYSTEM32>\lnkstub.exe
  • <SYSTEM32>\loadfix.com
  • <SYSTEM32>\loadperf.dll
  • <SYSTEM32>\licdll.dll
  • <SYSTEM32>\kmddsp.tsp
  • <SYSTEM32>\korean.uce
  • <SYSTEM32>\krnl386.exe
  • <SYSTEM32>\keyboard.drv
  • <SYSTEM32>\keyboard.sys
  • <SYSTEM32>\keymgr.dll
  • <SYSTEM32>\langwrbk.dll
  • <SYSTEM32>\lanman.drv
  • <SYSTEM32>\laprxy.dll
  • <SYSTEM32>\l3codeca.acm
  • <SYSTEM32>\l3codecx.ax
  • <SYSTEM32>\label.exe
  • <SYSTEM32>\localui.dll
  • <SYSTEM32>\lsass.exe
  • <SYSTEM32>\lusrmgr.msc
  • <SYSTEM32>\lz32.dll
  • <SYSTEM32>\lprhelp.dll
  • <SYSTEM32>\lprmonui.dll
  • <SYSTEM32>\lsasrv.dll
  • <SYSTEM32>\Macromed\Flash\flash.ocx
  • <SYSTEM32>\magnify.exe
  • <SYSTEM32>\mag_hook.dll
  • <SYSTEM32>\lzexpand.dll
  • <SYSTEM32>\l_except.nls
  • <SYSTEM32>\l_intl.nls
  • <SYSTEM32>\lpr.exe
  • <SYSTEM32>\loghours.dll
  • <SYSTEM32>\login.cmd
  • <SYSTEM32>\logman.exe
  • <SYSTEM32>\locator.exe
  • <SYSTEM32>\lodctr.exe
  • <SYSTEM32>\logagent.exe
  • <SYSTEM32>\logonui.exe.manifest
  • <SYSTEM32>\lpk.dll
  • <SYSTEM32>\lpq.exe
  • <SYSTEM32>\logoff.exe
  • <SYSTEM32>\logon.scr
  • <SYSTEM32>\logonui.exe
  • <SYSTEM32>\midimap.dll
  • <SYSTEM32>\mqutil.dll
  • <SYSTEM32>\mrinfo.exe
  • <SYSTEM32>\msaatext.dll
  • <SYSTEM32>\mqtgsvc.exe
  • <SYSTEM32>\mqtrig.dll
  • <SYSTEM32>\mqupgrd.dll
  • <SYSTEM32>\msadds32.ax
  • <SYSTEM32>\msadp32.acm
  • <SYSTEM32>\msafd.dll
  • <SYSTEM32>\msacm.dll
  • <SYSTEM32>\msacm32.dll
  • <SYSTEM32>\msacm32.drv
  • <SYSTEM32>\mqsvc.exe
  • <SYSTEM32>\mqoa20.tlb
  • <SYSTEM32>\mqperf.dll
  • <SYSTEM32>\mqperf.ini
  • <SYSTEM32>\mqoa.dll
  • <SYSTEM32>\mqoa.tlb
  • <SYSTEM32>\mqoa10.tlb
  • <SYSTEM32>\mqrtdep.dll
  • <SYSTEM32>\mqsec.dll
  • <SYSTEM32>\mqsnap.dll
  • <SYSTEM32>\mqprfsym.h
  • <SYSTEM32>\mqqm.dll
  • <SYSTEM32>\mqrt.dll
  • <SYSTEM32>\msapsspc.dll
  • <SYSTEM32>\msdart.dll
  • <SYSTEM32>\msdatsrc.tlb
  • <SYSTEM32>\msdmo.dll
  • <SYSTEM32>\MSCTFIME.IME
  • <SYSTEM32>\MSCTFP.dll
  • <SYSTEM32>\msdadiag.dll
  • <SYSTEM32>\MsDtc\Trace\msdtcvtr.bat
  • <SYSTEM32>\msdtc.exe
  • <SYSTEM32>\msdtclog.dll
  • <SYSTEM32>\MsDtc\MSDTC.LOG
  • <SYSTEM32>\MsDtc\Trace\dtctrace.log
  • <SYSTEM32>\MsDtc\Trace\msdtctr.mof
  • <SYSTEM32>\MSCTF.dll
  • <SYSTEM32>\mscat32.dll
  • <SYSTEM32>\mscdexnt.exe
  • <SYSTEM32>\mscms.dll
  • <SYSTEM32>\msasn1.dll
  • <SYSTEM32>\msaud32.acm
  • <SYSTEM32>\msaudite.dll
  • <SYSTEM32>\mscories.dll
  • <SYSTEM32>\mscpx32r.dLL
  • <SYSTEM32>\mscpxl32.dLL
  • <SYSTEM32>\msconf.dll
  • <SYSTEM32>\mscoree.dll
  • <SYSTEM32>\mscorier.dll
  • <SYSTEM32>\mmsystem.dll
  • <SYSTEM32>\mmtask.tsk
  • <SYSTEM32>\mmutilse.dll
  • <SYSTEM32>\mmdrv.dll
  • <SYSTEM32>\mmfutil.dll
  • <SYSTEM32>\mmsys.cpl
  • <SYSTEM32>\mobsync.exe
  • <SYSTEM32>\mode.com
  • <SYSTEM32>\modemui.dll
  • <SYSTEM32>\mnmdd.dll
  • <SYSTEM32>\mnmsrvc.exe
  • <SYSTEM32>\mobsync.dll
  • <SYSTEM32>\mmdriver.inf
  • <SYSTEM32>\mlang.dat
  • <SYSTEM32>\mlang.dll
  • <SYSTEM32>\mll_hp.dll
  • <SYSTEM32>\miglibnt.dll
  • <SYSTEM32>\migpwd.exe
  • <SYSTEM32>\mimefilt.dll
  • <SYSTEM32>\mmcbase.dll
  • <SYSTEM32>\mmcndmgr.dll
  • <SYSTEM32>\mmcshext.dll
  • <SYSTEM32>\mll_mtf.dll
  • <SYSTEM32>\mll_qic.dll
  • <SYSTEM32>\mmc.exe
  • <SYSTEM32>\modex.dll
  • <SYSTEM32>\mprmsg.dll
  • <SYSTEM32>\mprui.dll
  • <SYSTEM32>\mqad.dll
  • <SYSTEM32>\mprapi.dll
  • <SYSTEM32>\mprddm.dll
  • <SYSTEM32>\mprdim.dll
  • <SYSTEM32>\mqgentr.dll
  • <SYSTEM32>\mqise.dll
  • <SYSTEM32>\mqlogmgr.dll
  • <SYSTEM32>\mqbkup.exe
  • <SYSTEM32>\mqcertui.dll
  • <SYSTEM32>\mqdscli.dll
  • <SYSTEM32>\mpr.dll
  • <SYSTEM32>\mouse.drv
  • <SYSTEM32>\mp43dmod.dll
  • <SYSTEM32>\mp4sdmod.dll
  • <SYSTEM32>\more.com
  • <SYSTEM32>\moricons.dll
  • <SYSTEM32>\mountvol.exe
  • <SYSTEM32>\mpg4ds32.ax
  • <SYSTEM32>\mplay32.exe
  • <SYSTEM32>\mpnotify.exe
  • <SYSTEM32>\mpeg2data.ax
  • <SYSTEM32>\mpg2splt.ax
  • <SYSTEM32>\mpg4dmod.dll
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Command Prompt.lnk
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Synchronize.lnk
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Tour Windows XP.lnk
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Windows Explorer.lnk
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Notepad.lnk
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Program Compatibility Wizard.lnk
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk
  • <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\desktop.ini
  • <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\desktop.ini
  • <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini
  • <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\desktop.ini
  • <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
  • <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
  • <SYSTEM32>\config\systemprofile\SendTo\Mail Recipient.MAPIMail
  • <SYSTEM32>\config\systemprofile\Start Menu\desktop.ini
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini
  • <SYSTEM32>\config\systemprofile\SendTo\Compressed (zipped) Folder.ZFSendToTarget
  • <SYSTEM32>\config\systemprofile\SendTo\Desktop (create shortcut).DeskLink
  • <SYSTEM32>\config\systemprofile\SendTo\desktop.ini
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\desktop.ini
  • <SYSTEM32>\config\userdiff
  • <SYSTEM32>\config\userdiff.LOG
  • <SYSTEM32>\CONFIG.NT
  • <SYSTEM32>\config\systemprofile\Templates\wordpfct.wpd
  • <SYSTEM32>\config\systemprofile\Templates\wordpfct.wpg
  • <SYSTEM32>\config\TempKey.LOG
  • <SYSTEM32>\console.dll
  • <SYSTEM32>\control.exe
  • <SYSTEM32>\convert.exe
  • <SYSTEM32>\CONFIG.TMP
  • <SYSTEM32>\confmsp.dll
  • <SYSTEM32>\conime.exe
  • <SYSTEM32>\config\systemprofile\Templates\winword2.doc
  • <SYSTEM32>\config\systemprofile\Templates\amipro.sam
  • <SYSTEM32>\config\systemprofile\Templates\excel.xls
  • <SYSTEM32>\config\systemprofile\Templates\excel4.xls
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Remote Assistance.lnk
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Startup\desktop.ini
  • <SYSTEM32>\config\systemprofile\Start Menu\Programs\Windows Media Player.lnk
  • <SYSTEM32>\config\systemprofile\Templates\quattro.wb2
  • <SYSTEM32>\config\systemprofile\Templates\sndrec.wav
  • <SYSTEM32>\config\systemprofile\Templates\winword.doc
  • <SYSTEM32>\config\systemprofile\Templates\lotus.wk4
  • <SYSTEM32>\config\systemprofile\Templates\powerpnt.ppt
  • <SYSTEM32>\config\systemprofile\Templates\presenta.shw
  • <SYSTEM32>\comdlg32.dll
  • <SYSTEM32>\comm.drv
  • <SYSTEM32>\command.com
  • <SYSTEM32>\comaddin.dll
  • <SYSTEM32>\comcat.dll
  • <SYSTEM32>\comctl32.dll
  • <SYSTEM32>\compatUI.dll
  • <SYSTEM32>\compmgmt.msc
  • <SYSTEM32>\compobj.dll
  • <SYSTEM32>\commdlg.dll
  • <SYSTEM32>\comp.exe
  • <SYSTEM32>\compact.exe
  • <SYSTEM32>\Com\mtsadmin.tlb
  • <SYSTEM32>\cnbjmon.dll
  • <SYSTEM32>\cnetcfg.dll
  • <SYSTEM32>\cnvfat.dll
  • <SYSTEM32>\cmsetACL.dll
  • <SYSTEM32>\cmstp.exe
  • <SYSTEM32>\cmutil.dll
  • <SYSTEM32>\Com\comexp.msc
  • <SYSTEM32>\Com\comrepl.exe
  • <SYSTEM32>\Com\comrereg.exe
  • <SYSTEM32>\colbact.dll
  • <SYSTEM32>\Com\comadmin.dll
  • <SYSTEM32>\Com\comempty.dat
  • <SYSTEM32>\compstui.dll
  • <SYSTEM32>\config\systemprofile\Cookies\index.dat
  • <SYSTEM32>\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb
  • <SYSTEM32>\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD
  • <SYSTEM32>\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9
  • <SYSTEM32>\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.bak
  • <SYSTEM32>\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.txt
  • <SYSTEM32>\config\systemprofile\Local Settings\History\History.IE5\desktop.ini
  • <SYSTEM32>\config\systemprofile\Local Settings\History\History.IE5\index.dat
  • <SYSTEM32>\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\desktop.ini
  • <SYSTEM32>\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML
  • <SYSTEM32>\config\systemprofile\Local Settings\desktop.ini
  • <SYSTEM32>\config\systemprofile\Local Settings\History\desktop.ini
  • <SYSTEM32>\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9
  • <SYSTEM32>\comsvcs.dll
  • <SYSTEM32>\comuid.dll
  • <SYSTEM32>\config\AppEvent.Evt
  • <SYSTEM32>\comrepl.dll
  • <SYSTEM32>\comres.dll
  • <SYSTEM32>\comsnap.dll
  • <SYSTEM32>\config\SysEvent.Evt
  • <SYSTEM32>\config\system.sav
  • <SYSTEM32>\config\systemprofile\Application Data\desktop.ini
  • <SYSTEM32>\config\default.sav
  • <SYSTEM32>\config\SecEvent.Evt
  • <SYSTEM32>\config\software.sav
  • <SYSTEM32>\corpol.dll
  • <SYSTEM32>\c_869.nls
  • <SYSTEM32>\c_874.nls
  • <SYSTEM32>\c_875.nls
  • <SYSTEM32>\c_863.nls
  • <SYSTEM32>\c_865.nls
  • <SYSTEM32>\c_866.nls
  • <SYSTEM32>\c_950.nls
  • <SYSTEM32>\d3d8.dll
  • <SYSTEM32>\d3d8thk.dll
  • <SYSTEM32>\c_932.nls
  • <SYSTEM32>\c_936.nls
  • <SYSTEM32>\c_949.nls
  • <SYSTEM32>\c_861.nls
  • <SYSTEM32>\c_437.nls
  • <SYSTEM32>\c_500.nls
  • <SYSTEM32>\c_737.nls
  • <SYSTEM32>\c_28599.nls
  • <SYSTEM32>\c_28603.nls
  • <SYSTEM32>\c_28605.nls
  • <SYSTEM32>\c_855.nls
  • <SYSTEM32>\c_857.nls
  • <SYSTEM32>\c_860.nls
  • <SYSTEM32>\c_775.nls
  • <SYSTEM32>\c_850.nls
  • <SYSTEM32>\c_852.nls
  • <SYSTEM32>\d3d9.dll
  • <SYSTEM32>\Dcache.bin
  • <SYSTEM32>\dciman32.dll
  • <SYSTEM32>\dcomcnfg.exe
  • <SYSTEM32>\dbmsrpcn.dll
  • <SYSTEM32>\dbnetlib.dll
  • <SYSTEM32>\dbnmpntw.dll
  • <SYSTEM32>\ddrawex.dll
  • <SYSTEM32>\debug.exe
  • <SYSTEM32>\defrag.exe
  • <SYSTEM32>\ddeml.dll
  • <SYSTEM32>\ddeshare.exe
  • <SYSTEM32>\ddraw.dll
  • <SYSTEM32>\dbghelp.dll
  • <SYSTEM32>\d3dramp.dll
  • <SYSTEM32>\d3drm.dll
  • <SYSTEM32>\d3dxof.dll
  • <SYSTEM32>\d3dim.dll
  • <SYSTEM32>\d3dim700.dll
  • <SYSTEM32>\d3dpmesh.dll
  • <SYSTEM32>\davclnt.dll
  • <SYSTEM32>\daxctle.ocx
  • <SYSTEM32>\dbgeng.dll
  • <SYSTEM32>\danim.dll
  • <SYSTEM32>\dataclen.dll
  • <SYSTEM32>\datime.dll
  • <SYSTEM32>\ctl3d32.dll
  • <SYSTEM32>\ctl3dv2.dll
  • <SYSTEM32>\ctype.nls
  • <SYSTEM32>\csrss.exe
  • <SYSTEM32>\csseqchk.dll
  • <SYSTEM32>\ctfmon.exe
  • <SYSTEM32>\c_10007.nls
  • <SYSTEM32>\c_10010.nls
  • <SYSTEM32>\c_10017.nls
  • <SYSTEM32>\c_037.nls
  • <SYSTEM32>\c_10000.nls
  • <SYSTEM32>\c_10006.nls
  • <SYSTEM32>\csrsrv.dll
  • <SYSTEM32>\crypt32.dll
  • <SYSTEM32>\cryptdlg.dll
  • <SYSTEM32>\cryptdll.dll
  • <SYSTEM32>\country.sys
  • <SYSTEM32>\credui.dll
  • <SYSTEM32>\crtdll.dll
  • <SYSTEM32>\cryptui.dll
  • <SYSTEM32>\cscdll.dll
  • <SYSTEM32>\cscui.dll
  • <SYSTEM32>\cryptext.dll
  • <SYSTEM32>\cryptnet.dll
  • <SYSTEM32>\cryptsvc.dll
  • <SYSTEM32>\c_10029.nls
  • <SYSTEM32>\c_20905.nls
  • <SYSTEM32>\c_21866.nls
  • <SYSTEM32>\c_28591.nls
  • <SYSTEM32>\c_20127.nls
  • <SYSTEM32>\c_20261.nls
  • <SYSTEM32>\c_20866.nls
  • <SYSTEM32>\C_28595.NLS
  • <SYSTEM32>\C_28597.NLS
  • <SYSTEM32>\c_28598.nls
  • <SYSTEM32>\c_28592.nls
  • <SYSTEM32>\c_28593.nls
  • <SYSTEM32>\C_28594.NLS
  • <SYSTEM32>\c_1258.nls
  • <SYSTEM32>\c_1026.nls
  • <SYSTEM32>\c_1250.nls
  • <SYSTEM32>\c_1251.nls
  • <SYSTEM32>\c_10079.nls
  • <SYSTEM32>\c_10081.nls
  • <SYSTEM32>\c_10082.nls
  • <SYSTEM32>\c_1255.nls
  • <SYSTEM32>\c_1256.nls
  • <SYSTEM32>\c_1257.nls
  • <SYSTEM32>\c_1252.nls
  • <SYSTEM32>\c_1253.nls
  • <SYSTEM32>\c_1254.nls
  • <SYSTEM32>\avicap32.dll
  • <SYSTEM32>\avifil32.dll
  • <SYSTEM32>\avifile.dll
  • <SYSTEM32>\autofmt.exe
  • <SYSTEM32>\autolfn.exe
  • <SYSTEM32>\avicap.dll
  • <SYSTEM32>\basesrv.dll
  • <SYSTEM32>\batmeter.dll
  • <SYSTEM32>\batt.dll
  • <SYSTEM32>\avmeter.dll
  • <SYSTEM32>\avtapi.dll
  • <SYSTEM32>\avwav.dll
  • <SYSTEM32>\AUTOEXEC.NT
  • <SYSTEM32>\atmpvcno.dll
  • <SYSTEM32>\atrace.dll
  • <SYSTEM32>\attrib.exe
  • <SYSTEM32>\atmadm.exe
  • <SYSTEM32>\atmfd.dll
  • <SYSTEM32>\atmlib.dll
  • <SYSTEM32>\autochk.exe
  • <SYSTEM32>\autoconv.exe
  • <SYSTEM32>\autodisc.dll
  • <SYSTEM32>\audiosrv.dll
  • <SYSTEM32>\auditusr.exe
  • <SYSTEM32>\authz.dll
  • <SYSTEM32>\bidispl.dll
  • <SYSTEM32>\bthprops.cpl
  • <SYSTEM32>\bthserv.dll
  • <SYSTEM32>\btpanui.dll
  • <SYSTEM32>\browseui.dll
  • <SYSTEM32>\browsewm.dll
  • <SYSTEM32>\bthci.dll
  • <SYSTEM32>\calc.exe
  • <SYSTEM32>\camocx.dll
  • <SYSTEM32>\capesnpn.dll
  • <SYSTEM32>\cabinet.dll
  • <SYSTEM32>\cabview.dll
  • <SYSTEM32>\cacls.exe
  • <SYSTEM32>\browser.dll
  • <SYSTEM32>\bitsprx3.dll
  • <SYSTEM32>\blackbox.dll
  • <SYSTEM32>\blastcln.exe
  • <SYSTEM32>\bios1.rom
  • <SYSTEM32>\bios4.rom
  • <SYSTEM32>\bitsprx2.dll
  • <SYSTEM32>\bootvrfy.exe
  • <SYSTEM32>\bopomofo.uce
  • <SYSTEM32>\browselc.dll
  • <SYSTEM32>\bootcfg.exe
  • <SYSTEM32>\bootok.exe
  • <SYSTEM32>\bootvid.dll
  • <SYSTEM32>\actxprxy.dll
  • <SYSTEM32>\admparse.dll
  • <SYSTEM32>\adptif.dll
  • <SYSTEM32>\activeds.dll
  • <SYSTEM32>\activeds.tlb
  • <SYSTEM32>\actmovie.exe
  • <SYSTEM32>\adsnds.dll
  • <SYSTEM32>\adsnt.dll
  • <SYSTEM32>\adsnw.dll
  • <SYSTEM32>\adsldp.dll
  • <SYSTEM32>\adsldpc.dll
  • <SYSTEM32>\adsmsext.dll
  • <SYSTEM32>\aclui.dll
  • <SYSTEM32>\12520437.cpx
  • <SYSTEM32>\12520850.cpx
  • <SYSTEM32>\6to4svc.dll
  • <SYSTEM32>\$winnt$.inf
  • <SYSTEM32>\-1
  • <SYSTEM32>\1033\dwintl.dll
  • <SYSTEM32>\accwiz.exe
  • <SYSTEM32>\acelpdec.ax
  • <SYSTEM32>\acledit.dll
  • <SYSTEM32>\aaaamon.dll
  • <SYSTEM32>\access.cpl
  • <SYSTEM32>\acctres.dll
  • <SYSTEM32>\advapi32.dll
  • <SYSTEM32>\aspnet_counters.dll
  • <SYSTEM32>\asr_fmt.exe
  • <SYSTEM32>\asr_ldm.exe
  • <SYSTEM32>\arp.exe
  • <SYSTEM32>\asctrls.ocx
  • <SYSTEM32>\asferror.dll
  • <SYSTEM32>\atkctrs.dll
  • <SYSTEM32>\atl.dll
  • <SYSTEM32>\atl100.dll
  • <SYSTEM32>\asr_pfu.exe
  • <SYSTEM32>\asycfilt.dll
  • <SYSTEM32>\at.exe
  • <SYSTEM32>\appwiz.cpl
  • <SYSTEM32>\alrsvc.dll
  • <SYSTEM32>\amcompat.tlb
  • <SYSTEM32>\amstream.dll
  • <SYSTEM32>\advpack.dll
  • <SYSTEM32>\ahui.exe
  • <SYSTEM32>\alg.exe
  • <SYSTEM32>\apphelp.dll
  • <SYSTEM32>\appmgmts.dll
  • <SYSTEM32>\appmgr.dll
  • <SYSTEM32>\ansi.sys
  • <SYSTEM32>\apcups.dll
  • <SYSTEM32>\append.exe
  • <SYSTEM32>\cards.dll
  • <SYSTEM32>\cfgbkend.dll
  • <SYSTEM32>\cfgmgr32.dll
  • <SYSTEM32>\charmap.exe
  • <SYSTEM32>\certmgr.dll
  • <SYSTEM32>\certmgr.msc
  • <SYSTEM32>\cewmdm.dll
  • <SYSTEM32>\ciadmin.dll
  • <SYSTEM32>\ciadv.msc
  • <SYSTEM32>\cic.dll
  • <SYSTEM32>\chcp.com
  • <SYSTEM32>\chkdsk.exe
  • <SYSTEM32>\chkntfs.exe
  • <SYSTEM32>\certcli.dll
  • <SYSTEM32>\catsrv.dll
  • <SYSTEM32>\catsrvps.dll
  • <SYSTEM32>\catsrvut.dll
  • <SYSTEM32>\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp
  • <SYSTEM32>\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
  • <SYSTEM32>\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp
  • <SYSTEM32>\cdmodem.dll
  • <SYSTEM32>\cdosys.dll
  • <SYSTEM32>\cdplayer.exe.manifest
  • <SYSTEM32>\ccfgnt.dll
  • <SYSTEM32>\cdfview.dll
  • <SYSTEM32>\cdm.dll
  • <SYSTEM32>\cidaemon.exe
  • <SYSTEM32>\cmd.exe
  • <SYSTEM32>\cmdial32.dll
  • <SYSTEM32>\cmdl32.exe
  • <SYSTEM32>\clipsrv.exe
  • <SYSTEM32>\clusapi.dll
  • <SYSTEM32>\cmcfg32.dll
  • <SYSTEM32>\cmos.ram
  • <SYSTEM32>\cmpbk32.dll
  • <SYSTEM32>\cmprops.dll
  • <SYSTEM32>\cmdlib.wsc
  • <SYSTEM32>\cmmgr32.hlp
  • <SYSTEM32>\cmmon32.exe
  • <SYSTEM32>\clipbrd.exe
  • <SYSTEM32>\ckcnv.exe
  • <SYSTEM32>\clb.dll
  • <SYSTEM32>\clbcatex.dll
  • <SYSTEM32>\ciodm.dll
  • <SYSTEM32>\cipher.exe
  • <SYSTEM32>\cisvc.exe
  • <SYSTEM32>\cliconfg.dll
  • <SYSTEM32>\cliconfg.exe
  • <SYSTEM32>\cliconfg.rll
  • <SYSTEM32>\clbcatq.dll
  • <SYSTEM32>\cleanmgr.exe
  • <SYSTEM32>\cliconf.chm
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5IIS.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5INF.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msxpsdrv.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MW770.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\netfx.cat
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem2.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem3.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem4.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NTPRINT.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem0.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSTSWEB.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IASNT4.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IMS.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893803v2_wxp.cat
  • <SYSTEM32>\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\FP4.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HPCRDP.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MSMSGS.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn7.cat
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn9.cat
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB954550-v5.cat
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MAPIMIG.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\mediactr.cat
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem5.CAT
  • <SYSTEM32>\CatRoot2\edb00014.log
  • <SYSTEM32>\CatRoot2\edb00015.log
  • <SYSTEM32>\CatRoot2\edb00016.log
  • <SYSTEM32>\CatRoot2\edb00011.log
  • <SYSTEM32>\CatRoot2\edb00012.log
  • <SYSTEM32>\CatRoot2\edb00013.log
  • <SYSTEM32>\CatRoot2\res2.log
  • <SYSTEM32>\CatRoot2\tmp.edb
  • <SYSTEM32>\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
  • <SYSTEM32>\CatRoot2\edb00017.log
  • <SYSTEM32>\CatRoot2\edb00018.log
  • <SYSTEM32>\CatRoot2\res1.log
  • <SYSTEM32>\CatRoot2\edb00010.log
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\SP2.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\tabletpc.cat
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem6.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem7.CAT
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\OEMBIOS.CAT
  • <SYSTEM32>\CatRoot2\edb.chk
  • <SYSTEM32>\CatRoot2\edb0000E.log
  • <SYSTEM32>\CatRoot2\edb0000F.log
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WIC.cat
  • <SYSTEM32>\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\wmerrenu.cat
  • <SYSTEM32>\CatRoot2\dberr.txt
  • <SYSTEM32>\dpmodemx.dll
  • <SYSTEM32>\dpnaddr.dll
  • <SYSTEM32>\dpnet.dll
  • <SYSTEM32>\dplay.dll
  • <SYSTEM32>\dplaysvr.exe
  • <SYSTEM32>\dplayx.dll
  • <SYSTEM32>\dpnmodem.dll
  • <SYSTEM32>\dpnsvr.exe
  • <SYSTEM32>\dpnwsock.dll
  • <SYSTEM32>\dpnhpast.dll
  • <SYSTEM32>\dpnhupnp.dll
  • <SYSTEM32>\dpnlobby.dll
  • <SYSTEM32>\dpcdll.dll
  • <SYSTEM32>\dmusic.dll
  • <SYSTEM32>\dmutil.dll
  • <SYSTEM32>\dmview.ocx
  • <SYSTEM32>\dmserver.dll
  • <SYSTEM32>\dmstyle.dll
  • <SYSTEM32>\dmsynth.dll
  • <SYSTEM32>\docprop2.dll
  • <SYSTEM32>\doskey.exe
  • <SYSTEM32>\dosx.exe
  • <SYSTEM32>\dnsapi.dll
  • <SYSTEM32>\dnsrslvr.dll
  • <SYSTEM32>\docprop.dll
  • <SYSTEM32>\dpserial.dll
  • <DRIVERS>\atmarpc.sys
  • <DRIVERS>\atmepvc.sys
  • <DRIVERS>\atmlane.sys
  • <DRIVERS>\arp1394.sys
  • <DRIVERS>\asyncmac.sys
  • <DRIVERS>\atapi.sys
  • <DRIVERS>\beep.sys
  • <DRIVERS>\bridge.sys
  • <DRIVERS>\cbidf2k.sys
  • <DRIVERS>\atmuni.sys
  • <DRIVERS>\audstub.sys
  • <DRIVERS>\battc.sys
  • <DRIVERS>\amdk7.sys
  • <SYSTEM32>\dpvvox.dll
  • <SYSTEM32>\dpwsock.dll
  • <SYSTEM32>\dpwsockx.dll
  • <SYSTEM32>\dpvacm.dll
  • <SYSTEM32>\dpvoice.dll
  • <SYSTEM32>\dpvsetup.exe
  • <DRIVERS>\afd.sys
  • <DRIVERS>\AGP440.SYS
  • <DRIVERS>\amdk6.sys
  • <SYSTEM32>\driverquery.exe
  • <DRIVERS>\acpi.sys
  • <DRIVERS>\acpiec.sys
  • <SYSTEM32>\dllcache\MAPIMIG.CAT
  • <SYSTEM32>\dllcache\mediactr.cat
  • <SYSTEM32>\dllcache\mouclass.sys
  • <SYSTEM32>\dllcache\i8042prt.sys
  • <SYSTEM32>\dllcache\IASNT4.CAT
  • <SYSTEM32>\dllcache\IMS.CAT
  • <SYSTEM32>\dllcache\MSTSWEB.CAT
  • <SYSTEM32>\dllcache\MW770.CAT
  • <SYSTEM32>\dllcache\netfx.cat
  • <SYSTEM32>\dllcache\MSMSGS.CAT
  • <SYSTEM32>\dllcache\msn7.cat
  • <SYSTEM32>\dllcache\msn9.cat
  • <SYSTEM32>\dllcache\HPCRDP.CAT
  • <SYSTEM32>\diskcomp.com
  • <SYSTEM32>\diskcopy.com
  • <SYSTEM32>\diskcopy.dll
  • <SYSTEM32>\DirectX\Dinput\SV-262e4.png
  • <SYSTEM32>\DirectX\Dinput\sv2511.png
  • <SYSTEM32>\DirectX\Dinput\sv2512.png
  • <SYSTEM32>\dispex.dll
  • <SYSTEM32>\dllcache\filterpipelineprintproc.dll
  • <SYSTEM32>\dllcache\FP4.CAT
  • <SYSTEM32>\diskmgmt.msc
  • <SYSTEM32>\diskpart.exe
  • <SYSTEM32>\diskperf.exe
  • <SYSTEM32>\dllcache\NT5.CAT
  • <SYSTEM32>\dmdlgs.dll
  • <SYSTEM32>\dmdskmgr.dll
  • <SYSTEM32>\dmdskres.dll
  • <SYSTEM32>\dmband.dll
  • <SYSTEM32>\dmcompos.dll
  • <SYSTEM32>\dmconfig.dll
  • <SYSTEM32>\dmocx.dll
  • <SYSTEM32>\dmremote.exe
  • <SYSTEM32>\dmscript.dll
  • <SYSTEM32>\dmime.dll
  • <SYSTEM32>\dmintf.dll
  • <SYSTEM32>\dmloader.dll
  • <SYSTEM32>\dmadmin.exe
  • <SYSTEM32>\dllcache\OEMBIOS.CAT
  • <SYSTEM32>\dllcache\printfilterpipelinesvc.exe
  • <SYSTEM32>\dllcache\SP2.CAT
  • <SYSTEM32>\dllcache\NT5IIS.CAT
  • <SYSTEM32>\dllcache\NT5INF.CAT
  • <SYSTEM32>\dllcache\NTPRINT.CAT
  • <SYSTEM32>\dllcache\xpssvcs.dll
  • <SYSTEM32>\dllhost.exe
  • <SYSTEM32>\dllhst3g.exe
  • <SYSTEM32>\dllcache\tabletpc.cat
  • <SYSTEM32>\dllcache\wmerrenu.cat
  • <SYSTEM32>\dllcache\xpsshhdr.dll
  • <DRIVERS>\cdaudio.sys
  • <DRIVERS>\nic1394.sys
  • <DRIVERS>\nikedrv.sys
  • <DRIVERS>\nmnt.sys
  • <DRIVERS>\ndproxy.sys
  • <DRIVERS>\netbios.sys
  • <DRIVERS>\netbt.sys
  • <DRIVERS>\nwlnkflt.sys
  • <DRIVERS>\nwlnkfwd.sys
  • <DRIVERS>\nwlnkipx.sys
  • <DRIVERS>\npfs.sys
  • <DRIVERS>\ntfs.sys
  • <DRIVERS>\null.sys
  • <DRIVERS>\ndiswan.sys
  • <DRIVERS>\mrxdav.sys
  • <DRIVERS>\mrxsmb.sys
  • <DRIVERS>\msfs.sys
  • <DRIVERS>\mouclass.sys
  • <DRIVERS>\mountmgr.sys
  • <DRIVERS>\mqac.sys
  • <DRIVERS>\ndis.sys
  • <DRIVERS>\ndistapi.sys
  • <DRIVERS>\ndisuio.sys
  • <DRIVERS>\msgpc.sys
  • <DRIVERS>\mssmbios.sys
  • <DRIVERS>\mup.sys
  • <DRIVERS>\nwlnknb.sys
  • <DRIVERS>\raspppoe.sys
  • <DRIVERS>\raspptp.sys
  • <DRIVERS>\raspti.sys
  • <DRIVERS>\ptilink.sys
  • <DRIVERS>\rasacd.sys
  • <DRIVERS>\rasl2tp.sys
  • <DRIVERS>\rdpdr.sys
  • <DRIVERS>\rdpwd.sys
  • <DRIVERS>\redbook.sys
  • <DRIVERS>\rawwan.sys
  • <DRIVERS>\rdbss.sys
  • <DRIVERS>\rdpcdd.sys
  • <DRIVERS>\psched.sys
  • <DRIVERS>\p3.sys
  • <DRIVERS>\parport.sys
  • <DRIVERS>\partmgr.sys
  • <DRIVERS>\nwlnkspx.sys
  • <DRIVERS>\nwrdr.sys
  • <DRIVERS>\oprghdlr.sys
  • <DRIVERS>\pcmcia.sys
  • <DRIVERS>\pcntpci5.sys
  • <DRIVERS>\processr.sys
  • <DRIVERS>\parvdm.sys
  • <DRIVERS>\pci.sys
  • <DRIVERS>\pciidex.sys
  • <DRIVERS>\etc\hosts
  • <DRIVERS>\etc\lmhosts.sam
  • <DRIVERS>\etc\networks
  • <DRIVERS>\dxapi.sys
  • <DRIVERS>\dxg.sys
  • <DRIVERS>\dxgthk.sys
  • <DRIVERS>\fastfat.sys
  • <DRIVERS>\fdc.sys
  • <DRIVERS>\fips.sys
  • <DRIVERS>\etc\protocol
  • <DRIVERS>\etc\services
  • <DRIVERS>\<Auxiliary name>.sys
  • <DRIVERS>\dmload.sys
  • <DRIVERS>\classpnp.sys
  • <DRIVERS>\CmBatt.sys
  • <DRIVERS>\compbatt.sys
  • <DRIVERS>\cdfs.sys
  • <DRIVERS>\cdrom.sys
  • <DRIVERS>\cinemst2.sys
  • <DRIVERS>\dis<Auxiliary name>.sys
  • <DRIVERS>\dmboot.sys
  • <DRIVERS>\dmio.sys
  • <DRIVERS>\cpqdap01.sys
  • <DRIVERS>\crusoe.sys
  • <DRIVERS>\disk.sys
  • <DRIVERS>\flpydisk.sys
  • <DRIVERS>\irenum.sys
  • <DRIVERS>\isapnp.sys
  • <DRIVERS>\kbdclass.sys
  • <DRIVERS>\ipinip.sys
  • <DRIVERS>\ipnat.sys
  • <DRIVERS>\ipsec.sys
  • <DRIVERS>\mf.sys
  • <DRIVERS>\mnmdd.sys
  • <DRIVERS>\modem.sys
  • <DRIVERS>\ks.sys
  • <DRIVERS>\ksecdd.sys
  • <DRIVERS>\mcd.sys
  • <DRIVERS>\ipfltdrv.sys
  • <DRIVERS>\ftdisk.sys
  • <DRIVERS>\gm.dls
  • <DRIVERS>\gmreadme.txt
  • <DRIVERS>\fltMgr.sys
  • <DRIVERS>\fsvga.sys
  • <DRIVERS>\fs_rec.sys
  • <DRIVERS>\intelide.sys
  • <DRIVERS>\intelppm.sys
  • <DRIVERS>\ip6fw.sys
  • <DRIVERS>\http.sys
  • <DRIVERS>\i8042prt.sys
  • <DRIVERS>\imapi.sys
  • <SYSTEM32>\DirectX\Dinput\ms1b_07.png
  • <SYSTEM32>\DirectX\Dinput\ms1b_08.png
  • <SYSTEM32>\DirectX\Dinput\ms1b_09.png
  • <SYSTEM32>\DirectX\Dinput\ms1b_04.png
  • <SYSTEM32>\DirectX\Dinput\ms1b_05.png
  • <SYSTEM32>\DirectX\Dinput\ms1b_06.png
  • <SYSTEM32>\DirectX\Dinput\ms26_01.png
  • <SYSTEM32>\DirectX\Dinput\ms26_02.png
  • <SYSTEM32>\DirectX\Dinput\ms26_03.png
  • <SYSTEM32>\DirectX\Dinput\ms1b_10.png
  • <SYSTEM32>\DirectX\Dinput\ms26.ini
  • <SYSTEM32>\DirectX\Dinput\ms26.png
  • <SYSTEM32>\DirectX\Dinput\ms1b_03.png
  • <SYSTEM32>\DirectX\Dinput\lgc209.png
  • <SYSTEM32>\DirectX\Dinput\lgc20a.ini
  • <SYSTEM32>\DirectX\Dinput\lgc20a.png
  • <SYSTEM32>\DirectX\Dinput\lgc207.ini
  • <SYSTEM32>\DirectX\Dinput\lgc207.png
  • <SYSTEM32>\DirectX\Dinput\lgc209.ini
  • <SYSTEM32>\DirectX\Dinput\ms1b.png
  • <SYSTEM32>\DirectX\Dinput\ms1b_01.png
  • <SYSTEM32>\DirectX\Dinput\ms1b_02.png
  • <SYSTEM32>\DirectX\Dinput\lgc291.ini
  • <SYSTEM32>\DirectX\Dinput\lgc291.png
  • <SYSTEM32>\DirectX\Dinput\ms1b.ini
  • <SYSTEM32>\DirectX\Dinput\ms26_04.png
  • <SYSTEM32>\DirectX\Dinput\ms28_4.png
  • <SYSTEM32>\DirectX\Dinput\ms28_5.png
  • <SYSTEM32>\DirectX\Dinput\ms28_6.png
  • <SYSTEM32>\DirectX\Dinput\ms28_1.png
  • <SYSTEM32>\DirectX\Dinput\ms28_2.png
  • <SYSTEM32>\DirectX\Dinput\ms28_3.png
  • <SYSTEM32>\DirectX\Dinput\ms34.png
  • <SYSTEM32>\DirectX\Dinput\ms34_01.png
  • <SYSTEM32>\DirectX\Dinput\ms34_02.png
  • <SYSTEM32>\DirectX\Dinput\ms28_7.png
  • <SYSTEM32>\DirectX\Dinput\ms28_8.png
  • <SYSTEM32>\DirectX\Dinput\ms34.ini
  • <SYSTEM32>\DirectX\Dinput\ms28.png
  • <SYSTEM32>\DirectX\Dinput\ms26_08.png
  • <SYSTEM32>\DirectX\Dinput\ms27.ini
  • <SYSTEM32>\DirectX\Dinput\ms27.png
  • <SYSTEM32>\DirectX\Dinput\ms26_05.png
  • <SYSTEM32>\DirectX\Dinput\ms26_06.png
  • <SYSTEM32>\DirectX\Dinput\ms26_07.png
  • <SYSTEM32>\DirectX\Dinput\ms27_4.png
  • <SYSTEM32>\DirectX\Dinput\ms27_5.png
  • <SYSTEM32>\DirectX\Dinput\ms28.ini
  • <SYSTEM32>\DirectX\Dinput\ms27_1.png
  • <SYSTEM32>\DirectX\Dinput\ms27_2.png
  • <SYSTEM32>\DirectX\Dinput\ms27_3.png
  • <SYSTEM32>\dgnet.dll
  • <SYSTEM32>\dgrpsetu.dll
  • <SYSTEM32>\dgsetup.dll
  • <SYSTEM32>\dfrgui.dll
  • <SYSTEM32>\dfshim.dll
  • <SYSTEM32>\dfsshlex.dll
  • <SYSTEM32>\diactfrm.dll
  • <SYSTEM32>\diantz.exe
  • <SYSTEM32>\digest.dll
  • <SYSTEM32>\dhcpcsvc.dll
  • <SYSTEM32>\dhcpmon.dll
  • <SYSTEM32>\dhcpsapi.dll
  • <SYSTEM32>\dfrgsnap.dll
  • <SYSTEM32>\deskperf.dll
  • <SYSTEM32>\desktop.ini
  • <SYSTEM32>\devenum.dll
  • <SYSTEM32>\desk.cpl
  • <SYSTEM32>\deskadp.dll
  • <SYSTEM32>\deskmon.dll
  • <SYSTEM32>\dfrgfat.exe
  • <SYSTEM32>\dfrgntfs.exe
  • <SYSTEM32>\dfrgres.dll
  • <SYSTEM32>\devmgmt.msc
  • <SYSTEM32>\devmgr.dll
  • <SYSTEM32>\dfrg.msc
  • <SYSTEM32>\dimap.dll
  • <SYSTEM32>\DirectX\Dinput\gr4003.png
  • <SYSTEM32>\DirectX\Dinput\gr4005.ini
  • <SYSTEM32>\DirectX\Dinput\gr4005.png
  • <SYSTEM32>\DirectX\Dinput\gr4001_g.ini
  • <SYSTEM32>\DirectX\Dinput\gr4001_g.png
  • <SYSTEM32>\DirectX\Dinput\gr4003.ini
  • <SYSTEM32>\DirectX\Dinput\ia3002_2.png
  • <SYSTEM32>\DirectX\Dinput\lgc202.ini
  • <SYSTEM32>\DirectX\Dinput\lgc202.png
  • <SYSTEM32>\DirectX\Dinput\hammer.ini
  • <SYSTEM32>\DirectX\Dinput\ia3002.ini
  • <SYSTEM32>\DirectX\Dinput\ia3002_1.png
  • <SYSTEM32>\DirectX\Dinput\gr4001.png
  • <SYSTEM32>\DirectX\Dinput\act_rs.png
  • <SYSTEM32>\DirectX\Dinput\glmda.ini
  • <SYSTEM32>\DirectX\Dinput\glmda.png
  • <SYSTEM32>\dinput.dll
  • <SYSTEM32>\dinput8.dll
  • <SYSTEM32>\DirectX\Dinput\actc094.ini
  • <SYSTEM32>\DirectX\Dinput\gr3001.png
  • <SYSTEM32>\DirectX\Dinput\gr3001_g.ini
  • <SYSTEM32>\DirectX\Dinput\gr4001.ini
  • <SYSTEM32>\DirectX\Dinput\glmdiggp.ini
  • <SYSTEM32>\DirectX\Dinput\glmdiggp.png
  • <SYSTEM32>\DirectX\Dinput\gr3001.ini
  • <SYSTEM32>\DirectX\Dinput\ms34_03.png
  • <SYSTEM32>\DirectX\Dinput\mse_10.png
  • <SYSTEM32>\DirectX\Dinput\mse_2.png
  • <SYSTEM32>\DirectX\Dinput\mse_3.png
  • <SYSTEM32>\DirectX\Dinput\mse.ini
  • <SYSTEM32>\DirectX\Dinput\mse.png
  • <SYSTEM32>\DirectX\Dinput\mse_1.png
  • <SYSTEM32>\DirectX\Dinput\mse_7.png
  • <SYSTEM32>\DirectX\Dinput\mse_8.png
  • <SYSTEM32>\DirectX\Dinput\mse_9.png
  • <SYSTEM32>\DirectX\Dinput\mse_4.png
  • <SYSTEM32>\DirectX\Dinput\mse_5.png
  • <SYSTEM32>\DirectX\Dinput\mse_6.png
  • <SYSTEM32>\DirectX\Dinput\ms8_g.ini
  • <SYSTEM32>\DirectX\Dinput\ms8_10.png
  • <SYSTEM32>\DirectX\Dinput\ms8_2.png
  • <SYSTEM32>\DirectX\Dinput\ms8_3.png
  • <SYSTEM32>\DirectX\Dinput\ms8.ini
  • <SYSTEM32>\DirectX\Dinput\ms8.png
  • <SYSTEM32>\DirectX\Dinput\ms8_1.png
  • <SYSTEM32>\DirectX\Dinput\ms8_7.png
  • <SYSTEM32>\DirectX\Dinput\ms8_8.png
  • <SYSTEM32>\DirectX\Dinput\ms8_9.png
  • <SYSTEM32>\DirectX\Dinput\ms8_4.png
  • <SYSTEM32>\DirectX\Dinput\ms8_5.png
  • <SYSTEM32>\DirectX\Dinput\ms8_6.png
  • <SYSTEM32>\DirectX\Dinput\mse_g.ini
  • <SYSTEM32>\DirectX\Dinput\msprw_3.png
  • <SYSTEM32>\DirectX\Dinput\msprw_4.png
  • <SYSTEM32>\DirectX\Dinput\msprw_5.png
  • <SYSTEM32>\DirectX\Dinput\msprw.png
  • <SYSTEM32>\DirectX\Dinput\msprw_1.png
  • <SYSTEM32>\DirectX\Dinput\msprw_2.png
  • <SYSTEM32>\DirectX\Dinput\raiderpd.ini
  • <SYSTEM32>\DirectX\Dinput\SV-262e1.png
  • <SYSTEM32>\DirectX\Dinput\SV-262e3.png
  • <SYSTEM32>\DirectX\Dinput\msprw_6.png
  • <SYSTEM32>\DirectX\Dinput\msprw_7.png
  • <SYSTEM32>\DirectX\Dinput\msprw_8.png
  • <SYSTEM32>\DirectX\Dinput\msprw.ini
  • <SYSTEM32>\DirectX\Dinput\msf1f_10.png
  • <SYSTEM32>\DirectX\Dinput\msf1f_2.png
  • <SYSTEM32>\DirectX\Dinput\msf1f_3.png
  • <SYSTEM32>\DirectX\Dinput\msf1f.ini
  • <SYSTEM32>\DirectX\Dinput\msf1f.png
  • <SYSTEM32>\DirectX\Dinput\msf1f_1.png
  • <SYSTEM32>\DirectX\Dinput\msf1f_7.png
  • <SYSTEM32>\DirectX\Dinput\msf1f_8.png
  • <SYSTEM32>\DirectX\Dinput\msf1f_9.png
  • <SYSTEM32>\DirectX\Dinput\msf1f_4.png
  • <SYSTEM32>\DirectX\Dinput\msf1f_5.png
  • <SYSTEM32>\DirectX\Dinput\msf1f_6.png
  • <SYSTEM32>\DirectX\Dinput\ms56.png
  • <SYSTEM32>\DirectX\Dinput\ms56_1.png
  • <SYSTEM32>\DirectX\Dinput\ms56_10.png
  • <SYSTEM32>\DirectX\Dinput\ms3b_m.png
  • <SYSTEM32>\DirectX\Dinput\ms3b_t.png
  • <SYSTEM32>\DirectX\Dinput\ms56.ini
  • <SYSTEM32>\DirectX\Dinput\ms56_5.png
  • <SYSTEM32>\DirectX\Dinput\ms56_6.png
  • <SYSTEM32>\DirectX\Dinput\ms56_7.png
  • <SYSTEM32>\DirectX\Dinput\ms56_2.png
  • <SYSTEM32>\DirectX\Dinput\ms56_3.png
  • <SYSTEM32>\DirectX\Dinput\ms56_4.png
  • <SYSTEM32>\DirectX\Dinput\ms3b_c.png
  • <SYSTEM32>\DirectX\Dinput\ms34_07.png
  • <SYSTEM32>\DirectX\Dinput\ms34_08.png
  • <SYSTEM32>\DirectX\Dinput\ms3b.ini
  • <SYSTEM32>\DirectX\Dinput\ms34_04.png
  • <SYSTEM32>\DirectX\Dinput\ms34_05.png
  • <SYSTEM32>\DirectX\Dinput\ms34_06.png
  • <SYSTEM32>\DirectX\Dinput\ms3b_3.png
  • <SYSTEM32>\DirectX\Dinput\ms3b_4.png
  • <SYSTEM32>\DirectX\Dinput\ms3b_a.png
  • <SYSTEM32>\DirectX\Dinput\ms3b.png
  • <SYSTEM32>\DirectX\Dinput\ms3b_1.png
  • <SYSTEM32>\DirectX\Dinput\ms3b_2.png
  • <SYSTEM32>\DirectX\Dinput\ms56_8.png
  • <SYSTEM32>\DirectX\Dinput\ms7_2.png
  • <SYSTEM32>\DirectX\Dinput\ms7_3.png
  • <SYSTEM32>\DirectX\Dinput\ms7_4.png
  • <SYSTEM32>\DirectX\Dinput\ms7.ini
  • <SYSTEM32>\DirectX\Dinput\ms7.png
  • <SYSTEM32>\DirectX\Dinput\ms7_1.png
  • <SYSTEM32>\DirectX\Dinput\ms7_8.png
  • <SYSTEM32>\DirectX\Dinput\ms7_9.png
  • <SYSTEM32>\DirectX\Dinput\ms7_g.ini
  • <SYSTEM32>\DirectX\Dinput\ms7_5.png
  • <SYSTEM32>\DirectX\Dinput\ms7_6.png
  • <SYSTEM32>\DirectX\Dinput\ms7_7.png
  • <SYSTEM32>\DirectX\Dinput\ms6_9.png
  • <SYSTEM32>\DirectX\Dinput\ms6_1.png
  • <SYSTEM32>\DirectX\Dinput\ms6_10.png
  • <SYSTEM32>\DirectX\Dinput\ms6_2.png
  • <SYSTEM32>\DirectX\Dinput\ms56_9.png
  • <SYSTEM32>\DirectX\Dinput\ms6.ini
  • <SYSTEM32>\DirectX\Dinput\ms6.png
  • <SYSTEM32>\DirectX\Dinput\ms6_6.png
  • <SYSTEM32>\DirectX\Dinput\ms6_7.png
  • <SYSTEM32>\DirectX\Dinput\ms6_8.png
  • <SYSTEM32>\DirectX\Dinput\ms6_3.png
  • <SYSTEM32>\DirectX\Dinput\ms6_4.png
  • <SYSTEM32>\DirectX\Dinput\ms6_5.png
Moves the following system files:
  • from <SYSTEM32>\CatRoot2\edb.log to <SYSTEM32>\CatRoot2\edb00019.log
Network activity:
Connects to:
  • 'sm##.gmail.com':587
UDP:
  • DNS ASK sm##.gmail.com

Curing recommendations

  1. If the operating system (OS) can be loaded (either normally or in safe mode), download Dr.Web Security Space and run a full scan of your computer and removable media you use. More about Dr.Web Security Space.
  2. If you cannot boot the OS, change the BIOS settings to boot your system from a CD or USB drive. Download the image of the emergency system repair disk Dr.Web® LiveDisk , mount it on a USB drive or burn it to a CD/DVD. After booting up with this media, run a full scan and cure all the detected threats.
Free trial

 

Download Dr.Web

Download by serial number

Use Dr.Web Anti-virus for macOS to run a full scan of your Mac.

Free trial

 

Download Dr.Web

Download by serial number

Download on App Store

After booting up, run a full scan of all disk partitions with Dr.Web Anti-virus for Linux.

Free trial

 

Download Dr.Web

Download by serial number

  1. If the mobile device is operating normally, download and install Dr.Web for Android. Run a full system scan and follow recommendations to neutralize the detected threats.
  2. If the mobile device has been locked by Android.Locker ransomware (the message on the screen tells you that you have broken some law or demands a set ransom amount; or you will see some other announcement that prevents you from using the handheld normally), do the following:
    • Load your smartphone or tablet in the safe mode (depending on the operating system version and specifications of the particular mobile device involved, this procedure can be performed in various ways; seek clarification from the user guide that was shipped with the device, or contact its manufacturer);
    • Once you have activated safe mode, install the Dr.Web for Android onto the infected handheld and run a full scan of the system; follow the steps recommended for neutralizing the threats that have been detected;
    • Switch off your device and turn it on as normal.

Find out more about Dr.Web for Android

Free trial

14 days

Download now
Get it on Google Play