PE_SIVIS.A
ALIASES:
Virus:Win32/Sivis.A (Microsoft); W32/Sivis.gen.a (McAfee); Trojan.Gen (Symantec); Virus.Win32.Agent.es (Kaspersky); Virus.Win32.sivis.a (v) (Sunbelt); Worm/Generic2.ATQF (AVG)
PLATFORM:
Windows 2000, Windows XP, Windows Server 2003
OVERALL RISK RATING:
REPORTED INFECTION:
Threat Type: File infector
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
TECHNICAL DETAILS
File Size:
234,441 bytes
File Type:
EXE
Memory Resident:
No
Initial Samples Received Date:
07 May 2013
Arrival Details
This file infector arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Dropping Routine
This file infector drops the following files:
- %System Root%/exp/dducdhn.exe
- %System Root%/{malware file name}
- %System Root%/AUTOEXEC.BAT
- %System Root%/boot.ini
- %System Root%/CONFIG.SYS
- %System Root%/Documents and Settings/All Users/Application Data/Adobe/Acrobat/10.0/Replicate/Security/directories.acrodata
- %System Root%/Documents and Settings/All Users/Application Data/Adobe/Setup/{AC76BA86-7AD7-1033-7B44-AA0000000001}/ABCPY.INI
- %System Root%/Documents and Settings/All Users/Application Data/Adobe/Setup/{AC76BA86-7AD7-1033-7B44-AA0000000001}/AcroRead.msi
- %System Root%/Documents and Settings/All Users/Application Data/Adobe/Setup/{AC76BA86-7AD7-1033-7B44-AA0000000001}/Data1.cab
- %System Root%/Documents and Settings/All Users/Application Data/Adobe/Setup/{AC76BA86-7AD7-1033-7B44-AA0000000001}/setup.exe
- %System Root%/Documents and Settings/All Users/Application Data/Adobe/Setup/{AC76BA86-7AD7-1033-7B44-AA0000000001}/Setup.ini
- %System Root%/Documents and Settings/All Users/Application Data/desktop.ini
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/Crypto/RSA/S-1-5-18/d42cc0c3858a58db2db37658219e6400_6abce574-4afc-42c5-8ab9-5739a84d8a8b
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/Media Player/DefaultStore_59R.bin
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/Media Player/UserMigratedStore_59R.bin
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/Network/Connections/Pbk/rasphone.pbk
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/Network/Connections/Pbk/sharedaccess.ini
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/airplane.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/astronaut.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/ball.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/beach.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/butterfly.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/car.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/cat.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/chess.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/dirt bike.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/dog.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/drip.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/duck.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/fish.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/frog.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/guitar.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/horses.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/kick.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/lift-off.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/palm tree.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/pink flower.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/red flower.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/skater.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/snowflake.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/guest.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Wilbert.bmp
- %System Root%/Documents and Settings/All Users/Documents/desktop.ini
- %System Root%/Documents and Settings/All Users/Documents/My Music/Desktop.ini
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Music/Beethoven's Symphony No. 9 (Scherzo).wma
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Music/desktop.ini
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Music/New Stories (Highway Blues).wma
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst1.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst10.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst11.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst12.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst13.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst14.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst15.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst2.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst3.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst4.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst5.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst6.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst7.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst8.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst9.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Pictures/Desktop.ini
- %System Root%/Documents and Settings/All Users/Documents/My Pictures/Sample Pictures/Blue hills.jpg
- %System Root%/Documents and Settings/All Users/Documents/My Pictures/Sample Pictures/desktop.ini
- %System Root%/Documents and Settings/All Users/Documents/My Pictures/Sample Pictures/Sunset.jpg
- %System Root%/Documents and Settings/All Users/Documents/My Pictures/Sample Pictures/Water lilies.jpg
- %System Root%/Documents and Settings/All Users/Documents/My Pictures/Sample Pictures/Winter.jpg
- %System Root%/Documents and Settings/All Users/Documents/My Videos/Desktop.ini
- %System Root%/Documents and Settings/All Users/DRM/drmv2.lic
- %System Root%/Documents and Settings/All Users/DRM/drmv2.sst
- %System Root%/Documents and Settings/All Users/Start Menu/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Accessibility/Accessibility Wizard.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Accessibility/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Calculator.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/HyperTerminal.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/Network Connections.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/Network Setup Wizard.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/New Connection Wizard.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/Remote Desktop Connection.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/Wireless Network Setup Wizard.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Entertainment/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Entertainment/Sound Recorder.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Entertainment/Volume Control.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Paint.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Backup.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Character Map.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Disk Cleanup.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Disk Defragmenter.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Files and Settings Transfer Wizard.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Scheduled Tasks.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Security Center.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/System Information.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/System Restore.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/WordPad.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Component Services.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Computer Management.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Data Sources (ODBC).lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Event Viewer.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Local Security Policy.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Performance.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Services.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Adobe Reader X.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Freecell.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Hearts.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Internet Backgammon.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Internet Checkers.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Internet Hearts.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Internet Reversi.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Internet Spades.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Minesweeper.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Pinball.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Solitaire.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Spider Solitaire.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/MSN.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Startup/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Windows Messenger.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Windows Movie Maker.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/WinPcap/Uninstall WinPcap 4.1.2.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/WinPcap/WinPcap Web Site.url
- %System Root%/Documents and Settings/All Users/Start Menu/Set Program Access and Defaults.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Windows Catalog.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Windows Update.lnk
- %System Root%/Documents and Settings/Default User/Application Data/desktop.ini
- %System Root%/Documents and Settings/Default User/Application Data/Microsoft/Internet Explorer/brndlog.bak
- %System Root%/Documents and Settings/Default User/Application Data/Microsoft/Internet Explorer/brndlog.txt
- %System Root%/Documents and Settings/Default User/Cookies/index.dat
- %System Root%/Documents and Settings/Default User/Local Settings/Application Data/Microsoft/Media Player/CurrentDatabase_59R.wmdb
- %System Root%/Documents and Settings/Default User/Local Settings/Application Data/Microsoft/Windows Media/9.0/WMSDKNS.DTD
- %System Root%/Documents and Settings/Default User/Local Settings/Application Data/Microsoft/Windows Media/9.0/WMSDKNS.XML
- %System Root%/Documents and Settings/Default User/Local Settings/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/History/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/History/History.IE5/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/History/History.IE5/index.dat
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/Content.IE5/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/Content.IE5/index.dat
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/Content.IE5/ZSGKJKO6/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/desktop.ini
- %System Root%/Documents and Settings/Default User/NTUSER.DAT
- %System Root%/Documents and Settings/Default User/ntuser.dat.LOG
- %System Root%/Documents and Settings/Default User/SendTo/Compressed (zipped) Folder.ZFSendToTarget
- %System Root%/Documents and Settings/Default User/SendTo/Desktop (create shortcut).DeskLink
- %System Root%/Documents and Settings/Default User/SendTo/desktop.ini
- %System Root%/Documents and Settings/Default User/SendTo/Mail Recipient.MAPIMail
- %System Root%/Documents and Settings/Default User/Start Menu/desktop.ini
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Accessibility/desktop.ini
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Accessibility/Magnifier.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Accessibility/Narrator.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Accessibility/On-Screen Keyboard.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Accessibility/Utility Manager.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Command Prompt.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/desktop.ini
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Entertainment/desktop.ini
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Entertainment/Windows Media Player.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Notepad.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Program Compatibility Wizard.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Synchronize.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Tour Windows XP.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Windows Explorer.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/desktop.ini
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Remote Assistance.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Startup/desktop.ini
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Windows Media Player.lnk
- %System Root%/Documents and Settings/Default User/Templates/amipro.sam
- %System Root%/Documents and Settings/Default User/Templates/excel.xls
- %System Root%/Documents and Settings/Default User/Templates/excel4.xls
- %System Root%/Documents and Settings/Default User/Templates/lotus.wk4
- %System Root%/Documents and Settings/Default User/Templates/powerpnt.ppt
- %System Root%/Documents and Settings/Default User/Templates/presenta.shw
- %System Root%/Documents and Settings/Default User/Templates/quattro.wb2
- %System Root%/Documents and Settings/Default User/Templates/sndrec.wav
- %System Root%/Documents and Settings/Default User/Templates/winword.doc
- %System Root%/Documents and Settings/Default User/Templates/winword2.doc
- %System Root%/Documents and Settings/Default User/Templates/wordpfct.wpd
- %System Root%/Documents and Settings/Default User/Templates/wordpfct.wpg
- %System Root%/Documents and Settings/LocalService/Cookies/index.dat
- %System Root%/Documents and Settings/LocalService/Local Settings/Application Data/FontCache3.0.0.0.dat
- %System Root%/Documents and Settings/LocalService/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat
- %System Root%/Documents and Settings/LocalService/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat.LOG
- %System Root%/Documents and Settings/LocalService/Local Settings/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/History/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/History/History.IE5/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/History/History.IE5/index.dat
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/246FT6TD/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/9STOYKO4/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/index.dat
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/NF72HY20/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/PHOM4UYK/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/desktop.ini
- %System Root%/Documents and Settings/LocalService/NTUSER.DAT
- %System Root%/Documents and Settings/LocalService/ntuser.dat.LOG
- %System Root%/Documents and Settings/LocalService/ntuser.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat
- %System Root%/Documents and Settings/NetworkService/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat.LOG
- %System Root%/Documents and Settings/NetworkService/Local Settings/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/History/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/History/History.IE5/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Temporary Internet Files/Content.IE5/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Temporary Internet Files/Content.IE5/ZSGKJKO6/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Temporary Internet Files/desktop.ini
- %System Root%/Documents and Settings/NetworkService/NTUSER.DAT
- %System Root%/Documents and Settings/NetworkService/ntuser.dat.LOG
- %System Root%/Documents and Settings/NetworkService/ntuser.ini
- %System Root%/Documents and Settings/Wilbert/Application Data/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Internet Explorer/brndlog.bak
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Internet Explorer/brndlog.txt
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Internet Explorer/Desktop.htt
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Internet Explorer/Quick Launch/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Internet Explorer/Quick Launch/Launch Internet Explorer Browser.lnk
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Internet Explorer/Quick Launch/Show Desktop.scf
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/MMC/secpol
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Windows/Themes/Custom.theme
- %System Root%/Documents and Settings/Wilbert/Cookies/index.dat
- %System Root%/Documents and Settings/Wilbert/Favorites/Desktop.ini
- %System Root%/Documents and Settings/Wilbert/Favorites/Links/Customize Links.url
- %System Root%/Documents and Settings/Wilbert/Favorites/Links/Free Hotmail.url
- %System Root%/Documents and Settings/Wilbert/Favorites/Links/Windows Marketplace.url
- %System Root%/Documents and Settings/Wilbert/Favorites/Links/Windows Media.url
- %System Root%/Documents and Settings/Wilbert/Favorites/Links/Windows.url
- %System Root%/Documents and Settings/Wilbert/Favorites/MSN.com.url
- %System Root%/Documents and Settings/Wilbert/Favorites/Radio Station Guide.url
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/GDIPFONTCACHEV1.DAT
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/IconCache.db
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Internet Explorer/MSIMGSIZ.DAT
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Media Player/CurrentDatabase_59R.wmdb
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Wallpaper1.bmp
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat.LOG
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Windows Media/9.0/WMSDKNS.DTD
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Windows Media/9.0/WMSDKNS.XML
- %System Root%/Documents and Settings/Wilbert/Local Settings/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/History/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/History/History.IE5/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/History/History.IE5/index.dat
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/58e0ef.mst
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/AdobeARM.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/AdobeSFX.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/ASPNETSetup_00000.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/ASPNETSetup_00001.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/ASPNETSetup_00002.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_depcheck_NETFX_EXP_35.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_dotnetfx35error.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_dotnetfx35install.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_dotNetFx40_Full_x86_x64_decompression_log.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_MSXML6_MSI0686.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_netfx20MSI7F16.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_netfx20UI7F16.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_NET_Framework20_Setup06A7.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_NET_Framework30_Setup0775.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_NET_Framework35_MSI07B9.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_RGB9RAST_x86.msi0683.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_vcredistMSI3CAA.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_vcredistMSI7C21.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_vcredistUI3CAA.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_vcredistUI7C21.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_wcf_CA_smci_20111017_044900_062.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_wcf_retCA29BA.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_WIC.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_XPS.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/Microsoft .NET Framework 4 Setup_20111016_234618578-MSI_netfx_Core_x86.msi.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/Microsoft .NET Framework 4 Setup_20111016_234618578-MSI_netfx_Extended_x86.msi.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/Microsoft .NET Framework 4 Setup_20111016_234618578.html
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/Microsoft Visual C++ 2010 x86 Redistributable Setup_20111020_000954642-MSI_vc_red.msi.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/Microsoft Visual C++ 2010 x86 Redistributable Setup_20111020_000954642.html
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/uxeventlog.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/vminst.log_20111016_212239_Failed.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/vminst.log_20130313_012028.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/vminst.log_20130313_012352_Failed.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/vmmsi.log_20111016_212246_Failed.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/vmmsi.log_20130313_012028.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/vmmsi.log_20130313_012352_Failed.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/WSFF8.tmp
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/WSFF9.tmp
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/{835818DD-220C-4ABD-946E-0D8660B95E29}/SourcePath.bat
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/bottom_left3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/bottom_right3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/box02[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/top_left3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/box04[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/box08[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/header00b[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/table_bottom3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/index.dat
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/background[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/box06[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/table_right3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/top_right3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZSGKJKO6/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZSGKJKO6/footer00[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZSGKJKO6/table_left3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZSGKJKO6/table_top3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/desktop.ini
- %System Root%/Documents and Settings/Wilbert/My Documents/desktop.ini
- %System Root%/Documents and Settings/Wilbert/My Documents/My Music/Desktop.ini
- %System Root%/Documents and Settings/Wilbert/My Documents/My Music/Sample Music.lnk
- %System Root%/Documents and Settings/Wilbert/My Documents/My Pictures/Desktop.ini
- %System Root%/Documents and Settings/Wilbert/My Documents/My Pictures/Sample Pictures.lnk
- %System Root%/Documents and Settings/Wilbert/NTUSER.DAT
- %System Root%/Documents and Settings/Wilbert/ntuser.dat.LOG
- %System Root%/Documents and Settings/Wilbert/ntuser.ini
- %System Root%/Documents and Settings/Wilbert/Recent/Desktop.ini
- %System Root%/Documents and Settings/Wilbert/SendTo/Compressed (zipped) Folder.ZFSendToTarget
- %System Root%/Documents and Settings/Wilbert/SendTo/Desktop (create shortcut).DeskLink
- %System Root%/Documents and Settings/Wilbert/SendTo/desktop.ini
- %System Root%/Documents and Settings/Wilbert/SendTo/Mail Recipient.MAPIMail
- %System Root%/Documents and Settings/Wilbert/SendTo/My Documents.mydocs
- %System Root%/Documents and Settings/Wilbert/Start Menu/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Accessibility/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Accessibility/Magnifier.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Accessibility/Narrator.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Accessibility/On-Screen Keyboard.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Accessibility/Utility Manager.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Address Book.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Command Prompt.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Entertainment/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Entertainment/Windows Media Player.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Notepad.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Program Compatibility Wizard.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Synchronize.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Tour Windows XP.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Windows Explorer.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Administrative Tools/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Internet Explorer.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Outlook Express.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Remote Assistance.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Startup/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Windows Media Player.lnk
- %System Root%/Documents and Settings/Wilbert/Templates/amipro.sam
- %System Root%/Documents and Settings/Wilbert/Templates/excel.xls
- %System Root%/Documents and Settings/Wilbert/Templates/excel4.xls
- %System Root%/Documents and Settings/Wilbert/Templates/lotus.wk4
- %System Root%/Documents and Settings/Wilbert/Templates/powerpnt.ppt
- %System Root%/Documents and Settings/Wilbert/Templates/presenta.shw
- %System Root%/Documents and Settings/Wilbert/Templates/quattro.wb2
- %System Root%/Documents and Settings/Wilbert/Templates/sndrec.wav
- %System Root%/Documents and Settings/Wilbert/Templates/winword.doc
- %System Root%/Documents and Settings/Wilbert/Templates/winword2.doc
- %System Root%/Documents and Settings/Wilbert/Templates/wordpfct.wpd
- %System Root%/Documents and Settings/Wilbert/Templates/wordpfct.wpg
- %System Root%/IO.SYS
- %System Root%/MSDOS.SYS
- %System Root%/NTDETECT.COM
- %System Root%/ntldr
- %System Root%/pagefile.sys
- %System Root%/Program Files/Adobe/Reader 10.0/Esl/AiodLite.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/A3DUtils.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/ACE.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AcroBroker.exe
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Acrofx32.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AcroRd32.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AcroRd32.exe
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AcroRd32Info.exe
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AcroTextExtractor.exe
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Adobe.Reader.Dependencies.manifest
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AdobeCollabSync.exe
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AdobeLinguistic.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/adoberfp.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AdobeXMP.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AGM.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AGMGPUOptIn.ini
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/ahclient.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AIR/nppdf32.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/authplay.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AXE8SharedExpat.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AXSLE.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/BIB.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/BIBUtils.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Browser/nppdf32.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/ccme_base.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/CoolType.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/cryptocme2.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/cryptocme2.sig
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Eula.exe
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/ExtendScript.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/icucnv40.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/icudt40.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/IDTemplates/ENU/AdobeID.pdf
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/IDTemplates/ENU/DefaultID.pdf
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Javascripts/JSByteCodeWin.bin
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/JP2KLib.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Legal/ENU/eula.ini
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Legal/ENU/license.html
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/logsession.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/LogTransport2.exe
This report is generated via an automated analysis system.
SOLUTION
Minimum Scan Engine:
9.300
Step 1
Before doing any scans, Windows XP, Windows Vista, and Windows 7 users must disable System Restore to allow full scanning of their computers.
Step 2
Search and delete these components
[ Learn More ]
There may be some components that are hidden. Please make sure you check the Search Hidden Files and Folders checkbox in the "More advanced options" option to include all hidden files and folders in the search result. - %System Root%/exp/dducdhn.exe
- %System Root%/{malware file name}
- %System Root%/AUTOEXEC.BAT
- %System Root%/boot.ini
- %System Root%/CONFIG.SYS
- %System Root%/Documents and Settings/All Users/Application Data/Adobe/Acrobat/10.0/Replicate/Security/directories.acrodata
- %System Root%/Documents and Settings/All Users/Application Data/Adobe/Setup/{AC76BA86-7AD7-1033-7B44-AA0000000001}/ABCPY.INI
- %System Root%/Documents and Settings/All Users/Application Data/Adobe/Setup/{AC76BA86-7AD7-1033-7B44-AA0000000001}/AcroRead.msi
- %System Root%/Documents and Settings/All Users/Application Data/Adobe/Setup/{AC76BA86-7AD7-1033-7B44-AA0000000001}/Data1.cab
- %System Root%/Documents and Settings/All Users/Application Data/Adobe/Setup/{AC76BA86-7AD7-1033-7B44-AA0000000001}/setup.exe
- %System Root%/Documents and Settings/All Users/Application Data/Adobe/Setup/{AC76BA86-7AD7-1033-7B44-AA0000000001}/Setup.ini
- %System Root%/Documents and Settings/All Users/Application Data/desktop.ini
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/Crypto/RSA/S-1-5-18/d42cc0c3858a58db2db37658219e6400_6abce574-4afc-42c5-8ab9-5739a84d8a8b
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/Media Player/DefaultStore_59R.bin
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/Media Player/UserMigratedStore_59R.bin
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/Network/Connections/Pbk/rasphone.pbk
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/Network/Connections/Pbk/sharedaccess.ini
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/airplane.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/astronaut.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/ball.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/beach.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/butterfly.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/car.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/cat.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/chess.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/dirt bike.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/dog.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/drip.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/duck.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/fish.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/frog.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/guitar.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/horses.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/kick.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/lift-off.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/palm tree.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/pink flower.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/red flower.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/skater.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Default Pictures/snowflake.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/guest.bmp
- %System Root%/Documents and Settings/All Users/Application Data/Microsoft/User Account Pictures/Wilbert.bmp
- %System Root%/Documents and Settings/All Users/Documents/desktop.ini
- %System Root%/Documents and Settings/All Users/Documents/My Music/Desktop.ini
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Music/Beethoven's Symphony No. 9 (Scherzo).wma
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Music/desktop.ini
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Music/New Stories (Highway Blues).wma
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst1.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst10.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst11.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst12.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst13.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst14.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst15.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst2.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst3.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst4.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst5.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst6.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst7.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst8.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Music/Sample Playlists/0008044E/Plylst9.wpl
- %System Root%/Documents and Settings/All Users/Documents/My Pictures/Desktop.ini
- %System Root%/Documents and Settings/All Users/Documents/My Pictures/Sample Pictures/Blue hills.jpg
- %System Root%/Documents and Settings/All Users/Documents/My Pictures/Sample Pictures/desktop.ini
- %System Root%/Documents and Settings/All Users/Documents/My Pictures/Sample Pictures/Sunset.jpg
- %System Root%/Documents and Settings/All Users/Documents/My Pictures/Sample Pictures/Water lilies.jpg
- %System Root%/Documents and Settings/All Users/Documents/My Pictures/Sample Pictures/Winter.jpg
- %System Root%/Documents and Settings/All Users/Documents/My Videos/Desktop.ini
- %System Root%/Documents and Settings/All Users/DRM/drmv2.lic
- %System Root%/Documents and Settings/All Users/DRM/drmv2.sst
- %System Root%/Documents and Settings/All Users/Start Menu/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Accessibility/Accessibility Wizard.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Accessibility/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Calculator.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/HyperTerminal.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/Network Connections.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/Network Setup Wizard.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/New Connection Wizard.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/Remote Desktop Connection.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Communications/Wireless Network Setup Wizard.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Entertainment/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Entertainment/Sound Recorder.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Entertainment/Volume Control.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/Paint.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Backup.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Character Map.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Disk Cleanup.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Disk Defragmenter.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Files and Settings Transfer Wizard.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Scheduled Tasks.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/Security Center.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/System Information.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/System Tools/System Restore.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Accessories/WordPad.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Component Services.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Computer Management.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Data Sources (ODBC).lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Event Viewer.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Local Security Policy.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Performance.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Administrative Tools/Services.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Adobe Reader X.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Freecell.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Hearts.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Internet Backgammon.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Internet Checkers.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Internet Hearts.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Internet Reversi.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Internet Spades.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Minesweeper.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Pinball.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Solitaire.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Games/Spider Solitaire.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/MSN.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Startup/desktop.ini
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Windows Messenger.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/Windows Movie Maker.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/WinPcap/Uninstall WinPcap 4.1.2.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Programs/WinPcap/WinPcap Web Site.url
- %System Root%/Documents and Settings/All Users/Start Menu/Set Program Access and Defaults.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Windows Catalog.lnk
- %System Root%/Documents and Settings/All Users/Start Menu/Windows Update.lnk
- %System Root%/Documents and Settings/Default User/Application Data/desktop.ini
- %System Root%/Documents and Settings/Default User/Application Data/Microsoft/Internet Explorer/brndlog.bak
- %System Root%/Documents and Settings/Default User/Application Data/Microsoft/Internet Explorer/brndlog.txt
- %System Root%/Documents and Settings/Default User/Cookies/index.dat
- %System Root%/Documents and Settings/Default User/Local Settings/Application Data/Microsoft/Media Player/CurrentDatabase_59R.wmdb
- %System Root%/Documents and Settings/Default User/Local Settings/Application Data/Microsoft/Windows Media/9.0/WMSDKNS.DTD
- %System Root%/Documents and Settings/Default User/Local Settings/Application Data/Microsoft/Windows Media/9.0/WMSDKNS.XML
- %System Root%/Documents and Settings/Default User/Local Settings/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/History/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/History/History.IE5/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/History/History.IE5/index.dat
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/Content.IE5/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/Content.IE5/index.dat
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/Content.IE5/ZSGKJKO6/desktop.ini
- %System Root%/Documents and Settings/Default User/Local Settings/Temporary Internet Files/desktop.ini
- %System Root%/Documents and Settings/Default User/NTUSER.DAT
- %System Root%/Documents and Settings/Default User/ntuser.dat.LOG
- %System Root%/Documents and Settings/Default User/SendTo/Compressed (zipped) Folder.ZFSendToTarget
- %System Root%/Documents and Settings/Default User/SendTo/Desktop (create shortcut).DeskLink
- %System Root%/Documents and Settings/Default User/SendTo/desktop.ini
- %System Root%/Documents and Settings/Default User/SendTo/Mail Recipient.MAPIMail
- %System Root%/Documents and Settings/Default User/Start Menu/desktop.ini
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Accessibility/desktop.ini
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Accessibility/Magnifier.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Accessibility/Narrator.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Accessibility/On-Screen Keyboard.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Accessibility/Utility Manager.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Command Prompt.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/desktop.ini
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Entertainment/desktop.ini
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Entertainment/Windows Media Player.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Notepad.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Program Compatibility Wizard.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Synchronize.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Tour Windows XP.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Accessories/Windows Explorer.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/desktop.ini
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Remote Assistance.lnk
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Startup/desktop.ini
- %System Root%/Documents and Settings/Default User/Start Menu/Programs/Windows Media Player.lnk
- %System Root%/Documents and Settings/Default User/Templates/amipro.sam
- %System Root%/Documents and Settings/Default User/Templates/excel.xls
- %System Root%/Documents and Settings/Default User/Templates/excel4.xls
- %System Root%/Documents and Settings/Default User/Templates/lotus.wk4
- %System Root%/Documents and Settings/Default User/Templates/powerpnt.ppt
- %System Root%/Documents and Settings/Default User/Templates/presenta.shw
- %System Root%/Documents and Settings/Default User/Templates/quattro.wb2
- %System Root%/Documents and Settings/Default User/Templates/sndrec.wav
- %System Root%/Documents and Settings/Default User/Templates/winword.doc
- %System Root%/Documents and Settings/Default User/Templates/winword2.doc
- %System Root%/Documents and Settings/Default User/Templates/wordpfct.wpd
- %System Root%/Documents and Settings/Default User/Templates/wordpfct.wpg
- %System Root%/Documents and Settings/LocalService/Cookies/index.dat
- %System Root%/Documents and Settings/LocalService/Local Settings/Application Data/FontCache3.0.0.0.dat
- %System Root%/Documents and Settings/LocalService/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat
- %System Root%/Documents and Settings/LocalService/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat.LOG
- %System Root%/Documents and Settings/LocalService/Local Settings/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/History/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/History/History.IE5/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/History/History.IE5/index.dat
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/246FT6TD/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/9STOYKO4/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/index.dat
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/NF72HY20/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/Content.IE5/PHOM4UYK/desktop.ini
- %System Root%/Documents and Settings/LocalService/Local Settings/Temporary Internet Files/desktop.ini
- %System Root%/Documents and Settings/LocalService/NTUSER.DAT
- %System Root%/Documents and Settings/LocalService/ntuser.dat.LOG
- %System Root%/Documents and Settings/LocalService/ntuser.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat
- %System Root%/Documents and Settings/NetworkService/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat.LOG
- %System Root%/Documents and Settings/NetworkService/Local Settings/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/History/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/History/History.IE5/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Temporary Internet Files/Content.IE5/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Temporary Internet Files/Content.IE5/ZSGKJKO6/desktop.ini
- %System Root%/Documents and Settings/NetworkService/Local Settings/Temporary Internet Files/desktop.ini
- %System Root%/Documents and Settings/NetworkService/NTUSER.DAT
- %System Root%/Documents and Settings/NetworkService/ntuser.dat.LOG
- %System Root%/Documents and Settings/NetworkService/ntuser.ini
- %System Root%/Documents and Settings/Wilbert/Application Data/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Internet Explorer/brndlog.bak
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Internet Explorer/brndlog.txt
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Internet Explorer/Desktop.htt
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Internet Explorer/Quick Launch/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Internet Explorer/Quick Launch/Launch Internet Explorer Browser.lnk
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Internet Explorer/Quick Launch/Show Desktop.scf
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/MMC/secpol
- %System Root%/Documents and Settings/Wilbert/Application Data/Microsoft/Windows/Themes/Custom.theme
- %System Root%/Documents and Settings/Wilbert/Cookies/index.dat
- %System Root%/Documents and Settings/Wilbert/Favorites/Desktop.ini
- %System Root%/Documents and Settings/Wilbert/Favorites/Links/Customize Links.url
- %System Root%/Documents and Settings/Wilbert/Favorites/Links/Free Hotmail.url
- %System Root%/Documents and Settings/Wilbert/Favorites/Links/Windows Marketplace.url
- %System Root%/Documents and Settings/Wilbert/Favorites/Links/Windows Media.url
- %System Root%/Documents and Settings/Wilbert/Favorites/Links/Windows.url
- %System Root%/Documents and Settings/Wilbert/Favorites/MSN.com.url
- %System Root%/Documents and Settings/Wilbert/Favorites/Radio Station Guide.url
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/GDIPFONTCACHEV1.DAT
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/IconCache.db
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Internet Explorer/MSIMGSIZ.DAT
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Media Player/CurrentDatabase_59R.wmdb
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Wallpaper1.bmp
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Windows/UsrClass.dat.LOG
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Windows Media/9.0/WMSDKNS.DTD
- %System Root%/Documents and Settings/Wilbert/Local Settings/Application Data/Microsoft/Windows Media/9.0/WMSDKNS.XML
- %System Root%/Documents and Settings/Wilbert/Local Settings/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/History/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/History/History.IE5/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/History/History.IE5/index.dat
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/58e0ef.mst
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/AdobeARM.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/AdobeSFX.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/ASPNETSetup_00000.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/ASPNETSetup_00001.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/ASPNETSetup_00002.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_depcheck_NETFX_EXP_35.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_dotnetfx35error.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_dotnetfx35install.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_dotNetFx40_Full_x86_x64_decompression_log.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_MSXML6_MSI0686.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_netfx20MSI7F16.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_netfx20UI7F16.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_NET_Framework20_Setup06A7.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_NET_Framework30_Setup0775.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_NET_Framework35_MSI07B9.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_RGB9RAST_x86.msi0683.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_vcredistMSI3CAA.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_vcredistMSI7C21.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_vcredistUI3CAA.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_vcredistUI7C21.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_wcf_CA_smci_20111017_044900_062.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_wcf_retCA29BA.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_WIC.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/dd_XPS.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/Microsoft .NET Framework 4 Setup_20111016_234618578-MSI_netfx_Core_x86.msi.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/Microsoft .NET Framework 4 Setup_20111016_234618578-MSI_netfx_Extended_x86.msi.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/Microsoft .NET Framework 4 Setup_20111016_234618578.html
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/Microsoft Visual C++ 2010 x86 Redistributable Setup_20111020_000954642-MSI_vc_red.msi.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/Microsoft Visual C++ 2010 x86 Redistributable Setup_20111020_000954642.html
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/uxeventlog.txt
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/vminst.log_20111016_212239_Failed.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/vminst.log_20130313_012028.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/vminst.log_20130313_012352_Failed.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/vmmsi.log_20111016_212246_Failed.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/vmmsi.log_20130313_012028.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/vmmsi.log_20130313_012352_Failed.log
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/WSFF8.tmp
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/WSFF9.tmp
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temp/{835818DD-220C-4ABD-946E-0D8660B95E29}/SourcePath.bat
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/bottom_left3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/bottom_right3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/box02[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/09RWHJQN/top_left3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/box04[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/box08[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/header00b[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/BVLBNMKH/table_bottom3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/index.dat
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/background[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/box06[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/table_right3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZDGZNKA5/top_right3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZSGKJKO6/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZSGKJKO6/footer00[1].gif
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZSGKJKO6/table_left3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/Content.IE5/ZSGKJKO6/table_top3[1].png
- %System Root%/Documents and Settings/Wilbert/Local Settings/Temporary Internet Files/desktop.ini
- %System Root%/Documents and Settings/Wilbert/My Documents/desktop.ini
- %System Root%/Documents and Settings/Wilbert/My Documents/My Music/Desktop.ini
- %System Root%/Documents and Settings/Wilbert/My Documents/My Music/Sample Music.lnk
- %System Root%/Documents and Settings/Wilbert/My Documents/My Pictures/Desktop.ini
- %System Root%/Documents and Settings/Wilbert/My Documents/My Pictures/Sample Pictures.lnk
- %System Root%/Documents and Settings/Wilbert/NTUSER.DAT
- %System Root%/Documents and Settings/Wilbert/ntuser.dat.LOG
- %System Root%/Documents and Settings/Wilbert/ntuser.ini
- %System Root%/Documents and Settings/Wilbert/Recent/Desktop.ini
- %System Root%/Documents and Settings/Wilbert/SendTo/Compressed (zipped) Folder.ZFSendToTarget
- %System Root%/Documents and Settings/Wilbert/SendTo/Desktop (create shortcut).DeskLink
- %System Root%/Documents and Settings/Wilbert/SendTo/desktop.ini
- %System Root%/Documents and Settings/Wilbert/SendTo/Mail Recipient.MAPIMail
- %System Root%/Documents and Settings/Wilbert/SendTo/My Documents.mydocs
- %System Root%/Documents and Settings/Wilbert/Start Menu/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Accessibility/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Accessibility/Magnifier.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Accessibility/Narrator.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Accessibility/On-Screen Keyboard.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Accessibility/Utility Manager.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Address Book.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Command Prompt.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Entertainment/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Entertainment/Windows Media Player.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Notepad.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Program Compatibility Wizard.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Synchronize.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Tour Windows XP.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Accessories/Windows Explorer.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Administrative Tools/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Internet Explorer.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Outlook Express.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Remote Assistance.lnk
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Startup/desktop.ini
- %System Root%/Documents and Settings/Wilbert/Start Menu/Programs/Windows Media Player.lnk
- %System Root%/Documents and Settings/Wilbert/Templates/amipro.sam
- %System Root%/Documents and Settings/Wilbert/Templates/excel.xls
- %System Root%/Documents and Settings/Wilbert/Templates/excel4.xls
- %System Root%/Documents and Settings/Wilbert/Templates/lotus.wk4
- %System Root%/Documents and Settings/Wilbert/Templates/powerpnt.ppt
- %System Root%/Documents and Settings/Wilbert/Templates/presenta.shw
- %System Root%/Documents and Settings/Wilbert/Templates/quattro.wb2
- %System Root%/Documents and Settings/Wilbert/Templates/sndrec.wav
- %System Root%/Documents and Settings/Wilbert/Templates/winword.doc
- %System Root%/Documents and Settings/Wilbert/Templates/winword2.doc
- %System Root%/Documents and Settings/Wilbert/Templates/wordpfct.wpd
- %System Root%/Documents and Settings/Wilbert/Templates/wordpfct.wpg
- %System Root%/IO.SYS
- %System Root%/MSDOS.SYS
- %System Root%/NTDETECT.COM
- %System Root%/ntldr
- %System Root%/pagefile.sys
- %System Root%/Program Files/Adobe/Reader 10.0/Esl/AiodLite.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/A3DUtils.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/ACE.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AcroBroker.exe
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Acrofx32.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AcroRd32.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AcroRd32.exe
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AcroRd32Info.exe
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AcroTextExtractor.exe
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Adobe.Reader.Dependencies.manifest
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AdobeCollabSync.exe
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AdobeLinguistic.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/adoberfp.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AdobeXMP.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AGM.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AGMGPUOptIn.ini
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/ahclient.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AIR/nppdf32.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/authplay.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AXE8SharedExpat.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/AXSLE.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/BIB.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/BIBUtils.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Browser/nppdf32.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/ccme_base.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/CoolType.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/cryptocme2.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/cryptocme2.sig
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Eula.exe
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/ExtendScript.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/icucnv40.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/icudt40.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/IDTemplates/ENU/AdobeID.pdf
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/IDTemplates/ENU/DefaultID.pdf
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Javascripts/JSByteCodeWin.bin
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/JP2KLib.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Legal/ENU/eula.ini
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/Legal/ENU/license.html
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/logsession.dll
- %System Root%/Program Files/Adobe/Reader 10.0/Reader/LogTransport2.exe
Step 3
Scan your computer with your Trend Micro product to clean files detected as PE_SIVIS.A. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.
Did this description help? Tell us how we did.