Technical Information
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] 'Stask' = 'c:\Freak.exe'
- Windows Task Manager (Taskmgr)
- Registry Editor (RegEdit)
- System Restore (SR)
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoClose' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoLogOff' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoDrives' = '00000008'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoControlPanel' = '00000001'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] 'NoFolderOptions' = '00000001'
- [<HKLM>\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] 'NoRun' = '00000001'
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 'NoFind' = '00000001'
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\actionicon-tab.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\appmenu-dropmarker.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\aboutRobots-widget-left.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\aboutSessionRestore-window-icon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\appmenu-icons.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Go-arrow.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\identity.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Geolocation-16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Geolocation-64.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\aboutRobots-icon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\about.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\icon128.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\about-logo.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\about-wordmark.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\icon16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\aboutHome-restore-icon-small.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\aboutHome-restore-icon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\icon48.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\icon64.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Privacy-16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Privacy-48.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\page-livemarks.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\pageInfo.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\reload-stop-go.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\section_expanded.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Secure24.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\section_collapsed-rtl.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\section_collapsed.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\monitor_16-10.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\KUI-close.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\livemark-folder.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Info.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\KUI-background.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\livemark-item.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\menu-forward.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\monitor.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\mainwindow-dropdown-arrow.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\menu-back.png.exe
- %PROGRAM_FILES%\FireFox\xul.dll.exe
- %PROGRAM_FILES%\FireFox\freebl3.dll.exe
- %PROGRAM_FILES%\FireFox\IA2Marshal.dll.exe
- %PROGRAM_FILES%\FireFox\crashreporter.exe.exe
- %PROGRAM_FILES%\FireFox\firefox.exe.exe
- %PROGRAM_FILES%\FireFox\js.exe.exe
- %PROGRAM_FILES%\FireFox\mozjs.dll.exe
- %PROGRAM_FILES%\FireFox\mozsqlite3.dll.exe
- %PROGRAM_FILES%\FireFox\mangle.exe.exe
- %PROGRAM_FILES%\FireFox\mozalloc.dll.exe
- %PROGRAM_FILES%\FireFox\AccessibleMarshal.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdatt.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdaurl.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdasqlr.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdatl3.dll.exe
- %CommonProgramFiles%\System\Ole DB\msxactps.dll.exe
- %CommonProgramFiles%\System\Ole DB\sqloledb.dll.exe
- %CommonProgramFiles%\System\Ole DB\sqlxmlx.dll.exe
- %CommonProgramFiles%\System\Ole DB\oledb32.dll.exe
- %CommonProgramFiles%\System\Ole DB\oledb32r.dll.exe
- %PROGRAM_FILES%\FireFox\ssl3.dll.exe
- %PROGRAM_FILES%\FireFox\updater.exe.exe
- %PROGRAM_FILES%\FireFox\smime3.dll.exe
- %PROGRAM_FILES%\FireFox\softokn3.dll.exe
- %PROGRAM_FILES%\FireFox\xpcom.dll.exe
- %PROGRAM_FILES%\FireFox\xpt_dump.exe.exe
- %PROGRAM_FILES%\FireFox\xpt_link.exe.exe
- %PROGRAM_FILES%\FireFox\xpcshell.exe.exe
- %PROGRAM_FILES%\FireFox\xpidl.exe.exe
- %PROGRAM_FILES%\FireFox\shlibsign.exe.exe
- %PROGRAM_FILES%\FireFox\nss3.dll.exe
- %PROGRAM_FILES%\FireFox\nssckbi.dll.exe
- %PROGRAM_FILES%\FireFox\nsinstall.exe.exe
- %PROGRAM_FILES%\FireFox\nspr4.dll.exe
- %PROGRAM_FILES%\FireFox\nssdbm3.dll.exe
- %PROGRAM_FILES%\FireFox\plds4.dll.exe
- %PROGRAM_FILES%\FireFox\plugin-container.exe.exe
- %PROGRAM_FILES%\FireFox\nssutil3.dll.exe
- %PROGRAM_FILES%\FireFox\plc4.dll.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\sync-16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\stack-expander.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\tabview.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\new-tab.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\search.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\aboutSessionRestore-window-icon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\appmenu-icons.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\Geolocation-16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\actionicon-tab.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\appmenu-dropmarker.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\grain.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\newtab.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\tab-arrow-left.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\connecting.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\loading.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\tab-overflow-border.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\close.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\edit-light.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\tab.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\tabDragIndicator.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\monitor_16-10.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\page-livemarks.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\menu-forward.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\monitor.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\pageInfo.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\reload-stop-go.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\section_collapsed-rtl.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\Privacy-16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\Privacy-48.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\menu-back.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\identity.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\Info.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\Geolocation-64.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\Go-arrow.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\KUI-background.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\livemark-item.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\mainwindow-dropdown-arrow.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\KUI-close.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\livemark-folder.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\alltabs.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\videoFeedIcon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\videoFeedIcon16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\feedIcon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\feedIcon16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\allBookmarks.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\bookmarksToolbar.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\calendar.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\bookmark.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\bookmarksMenu.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\audioFeedIcon16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\sync-desktopIcon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\sync-mobileIcon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\sync-32.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\sync-bg.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\sync-throbber.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\urlbar-popup-blocked.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\audioFeedIcon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Toolbar.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\urlbar-favicon-glow.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\alwaysAsk.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\application.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\unsortedBookmarks.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\unstarred48.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\mail.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\plugin.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\saveFile.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\Options-sync.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\Options.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\toolbarDropMarker.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\history.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\libraryNavigation.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\dropDown.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\editBookmark.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\libraryToolbar.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\starred48.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\tag.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\query.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\searching_16.png.exe
- C:\Far2\FExcept\ExcDump.dll.exe
- C:\Far2\FExcept\FExcept.dll.exe
- C:\Far2\Far.exe.exe
- C:\Far2\FExcept\demangle32.dll.exe
- C:\Far2\Plugins\7-Zip\7-ZipFar.dll.exe
- C:\Far2\Plugins\Align\Align.dll.exe
- C:\Far2\Plugins\arclite\7z.dll.exe
- C:\Far2\Plugins\7-Zip\7-ZipFar64.dll.exe
- C:\Far2\Plugins\7-Zip\7z.dll.exe
- %HOMEPATH%\Templates\winword2.doc.exe
- %ALLUSERSPROFILE%\Documents\My Pictures\Sample Pictures\Water lilies.jpg.exe
- %ALLUSERSPROFILE%\Documents\My Pictures\Sample Pictures\Winter.jpg.exe
- %ALLUSERSPROFILE%\Documents\My Pictures\Sample Pictures\Blue hills.jpg.exe
- %ALLUSERSPROFILE%\Documents\My Pictures\Sample Pictures\Sunset.jpg.exe
- C:\Documents and Settings\Default User\Templates\sndrec.wav.exe
- %HOMEPATH%\Templates\sndrec.wav.exe
- %HOMEPATH%\Templates\winword.doc.exe
- C:\Documents and Settings\Default User\Templates\winword.doc.exe
- C:\Documents and Settings\Default User\Templates\winword2.doc.exe
- C:\Far2\Plugins\HlfViewer\HlfViewer.dll.exe
- C:\Far2\Plugins\MacroView\MacroView.dll.exe
- C:\Far2\Plugins\FileCase\FileCase.dll.exe
- C:\Far2\Plugins\FTP\FarFtp.dll.exe
- C:\Far2\Plugins\Network\Network.dll.exe
- C:\Far2\Plugins\WinSCP\WinSCP.dll.exe
- %CommonProgramFiles%\Microsoft Shared\DAO\dao360.dll.exe
- C:\Far2\Plugins\ProcList\Proclist.dll.exe
- C:\Far2\Plugins\TmpPanel\TmpPanel.dll.exe
- C:\Far2\Plugins\FarCmds\FARCmds.dll.exe
- C:\Far2\Plugins\Brackets\Brackets.dll.exe
- C:\Far2\Plugins\Colorer\bin\colorer.dll.exe
- C:\Far2\Plugins\arclite\arclite.dll.exe
- C:\Far2\Plugins\AutoWrap\AutoWrap.dll.exe
- C:\Far2\Plugins\Compare\Compare.dll.exe
- C:\Far2\Plugins\EMenu\EMenu.dll.exe
- C:\Far2\Plugins\ExtSearch\esearch.dll.exe
- C:\Far2\Plugins\DrawLine\DrawLine.dll.exe
- C:\Far2\Plugins\EditCase\EditCase.dll.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\snowflake.bmp.exe
- C:\version.sys.exe
- <Full path to virus>.exe
- C:\MSDOS.SYS.exe
- C:\pagefile.sys.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\guest.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\astronaut.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\ball.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\%USERNAME%.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\airplane.bmp.exe
- C:\IO.SYS.exe
- C:\Freak.EXE
- C:\Freak.txt
- %WINDIR%\Freak.txt.EXE
- %WINDIR%\Freak.txt
- C:\CONFIG.SYS.exe
- C:\Freak.EXE.exe
- <SYSTEM32>\Freak.txt
- C:\version.sys
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\horses.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\kick.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\frog.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\guitar.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\lift-off.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\red flower.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\skater.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\palm tree.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\pink flower.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\fish.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\car.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\cat.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\beach.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\butterfly.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\chess.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\drip.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\duck.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\dirt bike.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\dog.bmp.exe
- %CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE.exe
- %CommonProgramFiles%\System\ado\msjro.dll.exe
- %CommonProgramFiles%\System\msadc\msadce.dll.exe
- %CommonProgramFiles%\System\ado\msadox.dll.exe
- %CommonProgramFiles%\System\ado\msadrh15.dll.exe
- %CommonProgramFiles%\System\msadc\msadcer.dll.exe
- %CommonProgramFiles%\System\msadc\msadco.dll.exe
- %CommonProgramFiles%\System\msadc\msadcor.dll.exe
- %CommonProgramFiles%\System\msadc\msadcf.dll.exe
- %CommonProgramFiles%\System\msadc\msadcfr.dll.exe
- %CommonProgramFiles%\System\ado\msador15.dll.exe
- %CommonProgramFiles%\SpeechEngines\Microsoft\TTS\1033\spttseng.dll.exe
- %CommonProgramFiles%\System\directdb.dll.exe
- %CommonProgramFiles%\Services\whowhere.bmp.exe
- %CommonProgramFiles%\SpeechEngines\Microsoft\spcommon.dll.exe
- %CommonProgramFiles%\System\wab32.dll.exe
- %CommonProgramFiles%\System\ado\msado15.dll.exe
- %CommonProgramFiles%\System\ado\msadomd.dll.exe
- %CommonProgramFiles%\System\wab32res.dll.exe
- %CommonProgramFiles%\System\ado\msader15.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdaora.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdaorar.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdaer.dll.exe
- %CommonProgramFiles%\System\Ole DB\MSDAIPP.DLL.exe
- %CommonProgramFiles%\System\Ole DB\msdaosp.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdasc.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdasql.dll.exe
- %CommonProgramFiles%\System\Ole DB\MSDAPML.DLL.exe
- %CommonProgramFiles%\System\Ole DB\msdaps.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdaenum.dll.exe
- %CommonProgramFiles%\System\msadc\msaddsr.dll.exe
- %CommonProgramFiles%\System\msadc\msdaprsr.dll.exe
- %CommonProgramFiles%\System\msadc\msadcs.dll.exe
- %CommonProgramFiles%\System\msadc\msadds.dll.exe
- %CommonProgramFiles%\System\msadc\msdaprst.dll.exe
- %CommonProgramFiles%\System\msadc\msdfmap.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdadc.dll.exe
- %CommonProgramFiles%\System\msadc\msdarem.dll.exe
- %CommonProgramFiles%\System\msadc\msdaremr.dll.exe
- %CommonProgramFiles%\Services\verisign.bmp.exe
- %CommonProgramFiles%\Microsoft Shared\MSInfo\msinfo32.exe.exe
- %CommonProgramFiles%\Microsoft Shared\Speech\sapi.dll.exe
- %CommonProgramFiles%\Microsoft Shared\DW\2052\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\3082\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\Speech\sapisvr.exe.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Fiesta Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Glacier Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\Speech\1033\spcplui.dll.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Clear Day Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1042\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1025\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1028\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\DWDCW20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\DWTRIG20.EXE.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1031\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1040\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1041\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1033\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1036\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\Web Folders\MSOWS409.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\bin\fp4autl.dll.exe
- %CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll.exe
- %CommonProgramFiles%\Microsoft Shared\Web Folders\MSONSEXT.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\bin\FP4AWEC.DLL.exe
- %CommonProgramFiles%\MSSoap\Binaries\Resources\1033\mssoapr.dll.exe
- %CommonProgramFiles%\Services\bigfoot.bmp.exe
- %CommonProgramFiles%\MSSoap\Binaries\mssoap1.dll.exe
- %CommonProgramFiles%\MSSoap\Binaries\wisc10.dll.exe
- %CommonProgramFiles%\Microsoft Shared\VC\msdia90.dll.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Nature Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Pie Charts Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Leaves Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Maize Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Sunflower Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\VC\msdia100.dll.exe
- %CommonProgramFiles%\Microsoft Shared\VC\msdia80.dll.exe
- %CommonProgramFiles%\Microsoft Shared\TextConv\msconv97.dll.exe
- %CommonProgramFiles%\Microsoft Shared\Triedit\TRIEDIT.DLL.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Geolocation-16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Geolocation-64.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\appmenu-dropmarker.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\appmenu-icons.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Go-arrow.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\KUI-background.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\KUI-close.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\identity.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Info.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\icon64.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\aboutHome-restore-icon-small.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\icon16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\icon48.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\aboutHome-restore-icon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\aboutSessionRestore-window-icon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\actionicon-tab.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\aboutRobots-icon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\browser\aboutRobots-widget-left.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\livemark-folder.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\section_collapsed-rtl.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\section_collapsed.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Privacy-48.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\reload-stop-go.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\section_expanded.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\sync-32.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\sync-bg.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Secure24.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\sync-16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\menu-back.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\menu-forward.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\livemark-item.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\mainwindow-dropdown-arrow.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\monitor.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\pageInfo.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Privacy-16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\monitor_16-10.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\page-livemarks.png.exe
- %PROGRAM_FILES%\FireFox\mozjs.dll.exe
- %PROGRAM_FILES%\FireFox\mozsqlite3.dll.exe
- %PROGRAM_FILES%\FireFox\mangle.exe.exe
- %PROGRAM_FILES%\FireFox\mozalloc.dll.exe
- %PROGRAM_FILES%\FireFox\nsinstall.exe.exe
- %PROGRAM_FILES%\FireFox\nssckbi.dll.exe
- %PROGRAM_FILES%\FireFox\nssdbm3.dll.exe
- %PROGRAM_FILES%\FireFox\nspr4.dll.exe
- %PROGRAM_FILES%\FireFox\nss3.dll.exe
- %CommonProgramFiles%\System\Ole DB\sqlxmlx.dll.exe
- %PROGRAM_FILES%\FireFox\AccessibleMarshal.dll.exe
- %CommonProgramFiles%\System\Ole DB\oledb32r.dll.exe
- %CommonProgramFiles%\System\Ole DB\sqloledb.dll.exe
- %PROGRAM_FILES%\FireFox\crashreporter.exe.exe
- %PROGRAM_FILES%\FireFox\IA2Marshal.dll.exe
- %PROGRAM_FILES%\FireFox\js.exe.exe
- %PROGRAM_FILES%\FireFox\firefox.exe.exe
- %PROGRAM_FILES%\FireFox\freebl3.dll.exe
- %PROGRAM_FILES%\FireFox\nssutil3.dll.exe
- %PROGRAM_FILES%\FireFox\xpt_dump.exe.exe
- %PROGRAM_FILES%\FireFox\xpt_link.exe.exe
- %PROGRAM_FILES%\FireFox\xpcshell.exe.exe
- %PROGRAM_FILES%\FireFox\xpidl.exe.exe
- %PROGRAM_FILES%\FireFox\xul.dll.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\about.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\icon128.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\about-logo.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\content\branding\about-wordmark.png.exe
- %PROGRAM_FILES%\FireFox\plugin-container.exe.exe
- %PROGRAM_FILES%\FireFox\shlibsign.exe.exe
- %PROGRAM_FILES%\FireFox\plc4.dll.exe
- %PROGRAM_FILES%\FireFox\plds4.dll.exe
- %PROGRAM_FILES%\FireFox\smime3.dll.exe
- %PROGRAM_FILES%\FireFox\updater.exe.exe
- %PROGRAM_FILES%\FireFox\xpcom.dll.exe
- %PROGRAM_FILES%\FireFox\softokn3.dll.exe
- %PROGRAM_FILES%\FireFox\ssl3.dll.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\sync-desktopIcon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\stack-expander.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\tabview.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\new-tab.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\search.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\aboutSessionRestore-window-icon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\appmenu-icons.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\Geolocation-16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\actionicon-tab.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\appmenu-dropmarker.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\tab-arrow-left.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\tab-overflow-border.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\loading.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\newtab.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\tab.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\edit-light.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\grain.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\tabDragIndicator.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabview\close.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\Geolocation-64.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\monitor_16-10.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\page-livemarks.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\menu-forward.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\monitor.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\pageInfo.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\reload-stop-go.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\section_collapsed-rtl.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\Privacy-16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\Privacy-48.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\Info.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\KUI-background.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\Go-arrow.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\identity.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\KUI-close.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\mainwindow-dropdown-arrow.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\menu-back.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\livemark-folder.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\browser\livemark-item.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\allBookmarks.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\bookmark.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\videoFeedIcon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\videoFeedIcon16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\bookmarksMenu.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\dropDown.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\editBookmark.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\bookmarksToolbar.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\calendar.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\Toolbar.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\urlbar-favicon-glow.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\sync-mobileIcon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\sync-throbber.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\urlbar-popup-blocked.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\feedIcon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\feedIcon16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\audioFeedIcon.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\feeds\audioFeedIcon16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\history.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\mail.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\Options-sync.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\alwaysAsk.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\application.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\Options.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\alltabs.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\tabbrowser\connecting.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\plugin.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\preferences\saveFile.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\query.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\searching_16.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\libraryNavigation.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\libraryToolbar.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\starred48.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\unsortedBookmarks.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\unstarred48.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\tag.png.exe
- %PROGRAM_FILES%\FireFox\chrome\browser\skin\classic\aero\browser\places\toolbarDropMarker.png.exe
- %CommonProgramFiles%\System\Ole DB\oledb32.dll.exe
- C:\Far2\Plugins\AutoWrap\AutoWrap.dll.exe
- C:\Far2\Plugins\Brackets\Brackets.dll.exe
- C:\Far2\Plugins\arclite\7z.dll.exe
- C:\Far2\Plugins\arclite\arclite.dll.exe
- C:\Far2\Plugins\Colorer\bin\colorer.dll.exe
- C:\Far2\Plugins\EditCase\EditCase.dll.exe
- C:\Far2\Plugins\EMenu\EMenu.dll.exe
- C:\Far2\Plugins\Compare\Compare.dll.exe
- C:\Far2\Plugins\DrawLine\DrawLine.dll.exe
- C:\Far2\FExcept\demangle32.dll.exe
- C:\Far2\FExcept\ExcDump.dll.exe
- %HOMEPATH%\Templates\sndrec.wav.exe
- C:\Far2\Far.exe.exe
- C:\Far2\FExcept\FExcept.dll.exe
- C:\Far2\Plugins\7-Zip\7z.dll.exe
- C:\Far2\Plugins\Align\Align.dll.exe
- C:\Far2\Plugins\7-Zip\7-ZipFar.dll.exe
- C:\Far2\Plugins\7-Zip\7-ZipFar64.dll.exe
- C:\Far2\Plugins\ExtSearch\esearch.dll.exe
- %CommonProgramFiles%\Microsoft Shared\DW\DWDCW20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\DWTRIG20.EXE.exe
- %CommonProgramFiles%\Microsoft Shared\DAO\dao360.dll.exe
- %CommonProgramFiles%\Microsoft Shared\DW\DW20.EXE.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1025\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1033\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1036\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1028\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1031\DWINTL20.DLL.exe
- C:\Far2\Plugins\FTP\FarFtp.dll.exe
- C:\Far2\Plugins\HlfViewer\HlfViewer.dll.exe
- C:\Far2\Plugins\FarCmds\FARCmds.dll.exe
- C:\Far2\Plugins\FileCase\FileCase.dll.exe
- C:\Far2\Plugins\MacroView\MacroView.dll.exe
- C:\Far2\Plugins\TmpPanel\TmpPanel.dll.exe
- C:\Far2\Plugins\WinSCP\WinSCP.dll.exe
- C:\Far2\Plugins\Network\Network.dll.exe
- C:\Far2\Plugins\ProcList\Proclist.dll.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\ball.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\beach.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\airplane.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\astronaut.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\butterfly.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\chess.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\dirt bike.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\car.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\cat.bmp.exe
- C:\IO.SYS.exe
- C:\MSDOS.SYS.exe
- C:\CONFIG.SYS.exe
- C:\Freak.EXE.exe
- C:\pagefile.sys.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\guest.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\%USERNAME%.bmp.exe
- C:\version.sys.exe
- <Full path to virus>.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\dog.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\skater.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\snowflake.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\pink flower.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\red flower.bmp.exe
- %ALLUSERSPROFILE%\Documents\My Pictures\Sample Pictures\Blue hills.jpg.exe
- %ALLUSERSPROFILE%\Documents\My Pictures\Sample Pictures\Winter.jpg.exe
- C:\Documents and Settings\Default User\Templates\sndrec.wav.exe
- %ALLUSERSPROFILE%\Documents\My Pictures\Sample Pictures\Sunset.jpg.exe
- %ALLUSERSPROFILE%\Documents\My Pictures\Sample Pictures\Water lilies.jpg.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\fish.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\frog.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\drip.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\duck.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\guitar.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\lift-off.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\palm tree.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\horses.bmp.exe
- %ALLUSERSPROFILE%\Application Data\Microsoft\User Account Pictures\Default Pictures\kick.bmp.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1040\DWINTL20.DLL.exe
- %CommonProgramFiles%\System\msadc\msadco.dll.exe
- %CommonProgramFiles%\System\msadc\msadcor.dll.exe
- %CommonProgramFiles%\System\msadc\msadcf.dll.exe
- %CommonProgramFiles%\System\msadc\msadcfr.dll.exe
- %CommonProgramFiles%\System\msadc\msadcs.dll.exe
- %CommonProgramFiles%\System\msadc\msdaprsr.dll.exe
- %CommonProgramFiles%\System\msadc\msdaprst.dll.exe
- %CommonProgramFiles%\System\msadc\msadds.dll.exe
- %CommonProgramFiles%\System\msadc\msaddsr.dll.exe
- %CommonProgramFiles%\System\ado\msadomd.dll.exe
- %CommonProgramFiles%\System\ado\msador15.dll.exe
- %CommonProgramFiles%\System\ado\msader15.dll.exe
- %CommonProgramFiles%\System\ado\msado15.dll.exe
- %CommonProgramFiles%\System\ado\msadox.dll.exe
- %CommonProgramFiles%\System\msadc\msadce.dll.exe
- %CommonProgramFiles%\System\msadc\msadcer.dll.exe
- %CommonProgramFiles%\System\ado\msadrh15.dll.exe
- %CommonProgramFiles%\System\ado\msjro.dll.exe
- %CommonProgramFiles%\System\msadc\msdarem.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdasc.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdasql.dll.exe
- %CommonProgramFiles%\System\Ole DB\MSDAPML.DLL.exe
- %CommonProgramFiles%\System\Ole DB\msdaps.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdasqlr.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdaurl.dll.exe
- %CommonProgramFiles%\System\Ole DB\msxactps.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdatl3.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdatt.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdadc.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdaenum.dll.exe
- %CommonProgramFiles%\System\msadc\msdaremr.dll.exe
- %CommonProgramFiles%\System\msadc\msdfmap.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdaer.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdaorar.dll.exe
- %CommonProgramFiles%\System\Ole DB\msdaosp.dll.exe
- %CommonProgramFiles%\System\Ole DB\MSDAIPP.DLL.exe
- %CommonProgramFiles%\System\Ole DB\msdaora.dll.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Leaves Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Maize Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Fiesta Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Glacier Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Nature Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\TextConv\msconv97.dll.exe
- %CommonProgramFiles%\Microsoft Shared\Triedit\TRIEDIT.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Pie Charts Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Sunflower Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\DW\2052\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\3082\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1041\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\DW\1042\DWINTL20.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\MSInfo\msinfo32.exe.exe
- %CommonProgramFiles%\Microsoft Shared\Speech\1033\spcplui.dll.exe
- %CommonProgramFiles%\Microsoft Shared\Stationery\Clear Day Bkgrd.jpg.exe
- %CommonProgramFiles%\Microsoft Shared\Speech\sapi.dll.exe
- %CommonProgramFiles%\Microsoft Shared\Speech\sapisvr.exe.exe
- %CommonProgramFiles%\Microsoft Shared\VC\msdia100.dll.exe
- %CommonProgramFiles%\Services\verisign.bmp.exe
- %CommonProgramFiles%\Services\whowhere.bmp.exe
- %CommonProgramFiles%\MSSoap\Binaries\Resources\1033\mssoapr.dll.exe
- %CommonProgramFiles%\Services\bigfoot.bmp.exe
- %CommonProgramFiles%\SpeechEngines\Microsoft\spcommon.dll.exe
- %CommonProgramFiles%\System\wab32.dll.exe
- %CommonProgramFiles%\System\wab32res.dll.exe
- %CommonProgramFiles%\SpeechEngines\Microsoft\TTS\1033\spttseng.dll.exe
- %CommonProgramFiles%\System\directdb.dll.exe
- %CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll.exe
- %CommonProgramFiles%\Microsoft Shared\Web Folders\MSONSEXT.DLL.exe
- %CommonProgramFiles%\Microsoft Shared\VC\msdia80.dll.exe
- %CommonProgramFiles%\Microsoft Shared\VC\msdia90.dll.exe
- %CommonProgramFiles%\Microsoft Shared\Web Folders\MSOWS409.DLL.exe
- %CommonProgramFiles%\MSSoap\Binaries\mssoap1.dll.exe
- %CommonProgramFiles%\MSSoap\Binaries\wisc10.dll.exe
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\bin\fp4autl.dll.exe
- %CommonProgramFiles%\Microsoft Shared\web server extensions\40\bin\FP4AWEC.DLL.exe