[code] WinPFind35 logfile created on: 2008-03-18 00:48:53 WinPFind35U Version 1.0.5.0 Folder = C:\Documents and Settings\Andre\Desktop\WinPFind35u Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.11) Locale: 00000409 | Country: United States | Language: ENU | Date Format: yyyy-MM-dd 255.48 Mb Total Physical Memory | 94.04 Mb Available Physical Memory | 36.81% Memory free 618.38 Mb Paging File | 283.11 Mb Available in Paging File | 45.78% Paging File free Paging file location(s): C:\pagefile.sys 384 768; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 27.95 Gb Total Space | 13.82 Gb Free Space | 49.44% Space Free | Partition Type: NTFS Drive D: | 18.63 Gb Total Space | 5.67 Gb Free Space | 30.43% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: USER-DED34AE92B Current User Name: Andre Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users [Processes - Non-Microsoft Only] guard.exe -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 2007-05-31 00:31:10 | Attr = ] massrv.exe -> %ProgramFiles%\McAfee\McAfee AntiSpyware\MASSrv.exe -> McAfee, Inc. [Ver = 2.1.0.112 | Size = 1003520 bytes | Modified Date = 2005-11-18 19:15:56 | Attr = ] mcdetect.exe -> %ProgramFiles%\McAfee.com\Agent\Mcdetect.exe -> McAfee, Inc [Ver = 6, 0, 0, 19 | Size = 126976 bytes | Modified Date = 2005-10-13 19:56:16 | Attr = ] mctskshd.exe -> %ProgramFiles%\McAfee.com\Agent\McTskshd.exe -> McAfee, Inc [Ver = 6, 0, 0, 13 | Size = 122368 bytes | Modified Date = 2005-08-24 16:01:04 | Attr = ] mpfservice.exe -> %ProgramFiles%\McAfee.com\Personal Firewall\MpfService.exe -> McAfee Corporation [Ver = 7.1.0.113 | Size = 548864 bytes | Modified Date = 2005-11-11 16:43:04 | Attr = ] mpftray.exe -> %ProgramFiles%\McAfee.com\Personal Firewall\MpfTray.exe -> McAfee Security [Ver = 7.1.0.113 | Size = 1005096 bytes | Modified Date = 2005-11-11 17:00:56 | Attr = ] mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> McAfee, Inc [Ver = 6, 0, 0, 16 | Size = 303104 bytes | Modified Date = 2005-09-22 18:29:08 | Attr = ] mpfagent.exe -> %ProgramFiles%\McAfee.com\Personal Firewall\MpfAgent.exe -> McAfee Security [Ver = 7.1.0.113 | Size = 524288 bytes | Modified Date = 2005-11-11 16:42:12 | Attr = ] firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.12: 2008020121 | Size = 7655024 bytes | Modified Date = 2008-02-10 23:05:08 | Attr = ] ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 2006-10-30 08:36:32 | Attr = ] winpfind35u.exe -> %UserProfile%\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.5.0 | Size = 310272 bytes | Modified Date = 2008-03-10 02:34:14 | Attr = ] [Win32 Services - Non-Microsoft Only] (Adobe LM Service) Adobe LM Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Adobe Systems Shared\Service\Adobelmsvc.exe -> Adobe Systems [Ver = 2.67.010 | Size = 72704 bytes | Modified Date = 2007-03-04 17:14:35 | Attr = ] (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 22 | Size = 312880 bytes | Modified Date = 2007-05-31 00:31:10 | Attr = ] (dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 2004-08-05 | Attr = ] (iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 492608 bytes | Modified Date = 2006-10-30 08:36:32 | Attr = ] (McAfee AntiSpyware Service) McAfee AntiSpyware Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\McAfee AntiSpyware\MASSrv.exe -> McAfee, Inc. [Ver = 2.1.0.112 | Size = 1003520 bytes | Modified Date = 2005-11-18 19:15:56 | Attr = ] (McDetect.exe) McAfee WSC Integration [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee.com\Agent\Mcdetect.exe -> McAfee, Inc [Ver = 6, 0, 0, 19 | Size = 126976 bytes | Modified Date = 2005-10-13 19:56:16 | Attr = ] (McTskshd.exe) McAfee Task Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee.com\Agent\McTskshd.exe -> McAfee, Inc [Ver = 6, 0, 0, 13 | Size = 122368 bytes | Modified Date = 2005-08-24 16:01:04 | Attr = ] (mcupdmgr.exe) McAfee SecurityCenter Update Manager [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee.com\Agent\mcupdmgr.exe -> McAfee, Inc [Ver = 6, 0, 0, 4 | Size = 245760 bytes | Modified Date = 2005-07-01 19:22:50 | Attr = ] (MpfService) McAfee Personal Firewall Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee.com\Personal Firewall\MpfService.exe -> McAfee Corporation [Ver = 7.1.0.113 | Size = 548864 bytes | Modified Date = 2005-11-11 16:43:04 | Attr = ] [Driver Services - Non-Microsoft Only] (Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found (abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> -> File not found (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> -> File not found (Aha154x) Aha154x [Kernel | Disabled | Stopped] -> -> File not found (aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> -> File not found (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> -> File not found (AliIde) AliIde [Kernel | Disabled | Stopped] -> -> File not found (amsint) amsint [Kernel | Disabled | Stopped] -> -> File not found (asc) asc [Kernel | Disabled | Stopped] -> -> File not found (asc3350p) asc3350p [Kernel | Disabled | Stopped] -> -> File not found (asc3550) asc3550 [Kernel | Disabled | Stopped] -> -> File not found (Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found (AVG Anti-Spyware Driver) AVG Anti-Spyware Driver [Kernel | System | Running] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.sys -> [Ver = | Size = 11000 bytes | Modified Date = 2007-05-31 00:10:42 | Attr = ] (AvgAsCln) AVG Anti-Spyware Clean Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Modified Date = 2007-05-31 00:10:42 | Attr = ] (cd20xrnt) cd20xrnt [Kernel | Disabled | Stopped] -> -> File not found (Changer) Changer [Kernel | System | Stopped] -> -> File not found (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> -> File not found (Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> -> File not found (dac960nt) dac960nt [Kernel | Disabled | Stopped] -> -> File not found (dmboot) dmboot [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 2004-08-05 | Attr = ] (dmio) dmio [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 2004-08-05 | Attr = ] (dmload) dmload [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 2004-08-05 | Attr = ] (dpti2o) dpti2o [Kernel | Disabled | Stopped] -> -> File not found (GEARAspiWDM) GEARAspiWDM [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 2006-09-19 14:44:04 | Attr = ] (hamachi) Hamachi Network Interface [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\hamachi.sys -> LogMeIn, Inc. [Ver = 6.0.0.0 | Size = 17480 bytes | Modified Date = 2007-03-10 21:08:16 | Attr = ] (hpn) hpn [Kernel | Disabled | Stopped] -> -> File not found (i2omgmt) i2omgmt [Kernel | System | Stopped] -> -> File not found (i2omp) i2omp [Kernel | Disabled | Stopped] -> -> File not found (ini910u) ini910u [Kernel | Disabled | Stopped] -> -> File not found (IntelIde) IntelIde [Kernel | Disabled | Stopped] -> -> File not found (lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found (ltmodem5) LT Modem Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ltmdmnt.sys -> LT [Ver = 8.28 | Size = 606684 bytes | Modified Date = 2004-08-04 10:41:36 | Attr = ] (Maplom) Maplom [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\maplom.sys -> Jacal Consulting [Ver = 2.0.0.2055 | Size = 28416 bytes | Modified Date = 2006-04-12 08:07:10 | Attr = ] (MPFIREWL) MPFIREWL [Kernel | System | Running] -> %SystemRoot%\system32\drivers\MpFirewall.sys -> McAfee [Ver = 7.1.0.113 | Size = 80640 bytes | Modified Date = 2005-11-11 16:43:52 | Attr = ] (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> -> File not found (nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> NVIDIA Corporation [Ver = 6.14.10.5673 | Size = 1897408 bytes | Modified Date = 2004-08-04 10:29:56 | Attr = ] (PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found (PCIIde) PCIIde [Kernel | Disabled | Stopped] -> -> File not found (PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found (PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found (PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found (PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found (perc2) perc2 [Kernel | Disabled | Stopped] -> -> File not found (perc2hib) perc2hib [Kernel | Disabled | Stopped] -> -> File not found (pfc) Padus ASPI Shell [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\pfc.sys -> Padus, Inc. [Ver = 2, 5, 0, 202 | Size = 9856 bytes | Modified Date = 2006-08-11 15:52:29 | Attr = ] (Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 2004-08-05 | Attr = ] (PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.41a | Size = 36560 bytes | Modified Date = 2006-09-28 09:53:22 | Attr = ] (ql1080) ql1080 [Kernel | Disabled | Stopped] -> -> File not found (Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> -> File not found (ql12160) ql12160 [Kernel | Disabled | Stopped] -> -> File not found (ql1240) ql1240 [Kernel | Disabled | Stopped] -> -> File not found (ql1280) ql1280 [Kernel | Disabled | Stopped] -> -> File not found (rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RTL8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Modified Date = 2004-08-04 10:31:34 | Attr = ] (SASKUTIL) SASKUTIL [Kernel | System | Stopped] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.sys -> File not found (Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> [Ver = | Size = 11376 bytes | Modified Date = 2003-12-02 12:42:14 | Attr = R ] (Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> -> File not found (symc810) symc810 [Kernel | Disabled | Stopped] -> -> File not found (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> -> File not found (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> -> File not found (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> -> File not found (tbhsd) Tunebite High-Speed Dubbing [Kernel | On_Demand | Stopped] -> -> File not found (tmcomm) tmcomm [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.6.0.1059 | Size = 102664 bytes | Modified Date = 2008-03-10 22:49:24 | Attr = ] (TosIde) TosIde [Kernel | Disabled | Stopped] -> -> File not found (ultra) ultra [Kernel | Disabled | Stopped] -> -> File not found (VIAudio) VIA AC'97 Audio Controller (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ac97via.sys -> VIA Technologies, Inc. [Ver = 5.10.00.3622 built by: WinDDK | Size = 84480 bytes | Modified Date = 2004-08-04 10:32:32 | Attr = ] (wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Stopped] -> -> File not found (WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found (ZSMC302) VIMICRO USB PC Camera [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbVM31b.sys -> VM [Ver = 4.2.1010.41 | Size = 90568 bytes | Modified Date = 2004-09-07 20:11:50 | Attr = R ] [Registry - Non-Microsoft Only] < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> !AVG Anti-Spyware -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\avgas.exe -> GRISOFT s.r.o. [Ver = 7, 5, 1, 43 | Size = 6731312 bytes | Modified Date = 2007-06-11 21:25:42 | Attr = ] BMcfac83c8 -> %SystemRoot%\system32\esalcwdd.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-03-10 18:53:54 | Attr = ] cc9fb054 -> %SystemRoot%\system32\rfnbkkci.DLL -> File not found KernelFaultCheck -> -> File not found MCAgentExe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> McAfee, Inc [Ver = 6, 0, 0, 16 | Size = 303104 bytes | Modified Date = 2005-09-22 18:29:08 | Attr = ] MCUpdateExe -> %ProgramFiles%\McAfee.com\Agent\mcupdate.exe -> McAfee, Inc [Ver = 6, 0, 0, 21 | Size = 212992 bytes | Modified Date = 2006-01-11 12:05:42 | Attr = ] MPFEXE -> %ProgramFiles%\McAfee.com\Personal Firewall\MpfTray.exe -> McAfee Security [Ver = 7.1.0.113 | Size = 1005096 bytes | Modified Date = 2005-11-11 17:00:56 | Attr = ] Printer -> %SystemRoot%\system32\printer.exe -> File not found < OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ -> IMAIL-> Installed = 1 -> MAPI-> Installed = 1 -> MSFS-> Installed = 1 -> < All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> < Andre Startup Folder > -> C:\Documents and Settings\Andre\Start Menu\Programs\Startup -> < Chloe Startup Folder > -> C:\Documents and Settings\Chloe\Start Menu\Programs\Startup -> < Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> < AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> *AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> C:\WINDOWS\system32\wowfx.dll -> %SystemRoot%\system32\wowfx.dll -> [Ver = | Size = 18944 bytes | Modified Date = 2005-08-08 07:04:47 | Attr = ] *MultiFile Done* -> -> < SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad -> {07f7210c-30b3-4e00-81ee-487aeb2523d9} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\Installer\{07f7210c-30b3-4e00-81ee-487aeb2523d9}\ServiceSetup.dll [ServiceSetup] -> File not found < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> {57B86673-276A-48B2-BAE7-C6DBB3020EB8} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll [AVG Anti-Spyware 7.5] -> GRISOFT s.r.o. [Ver = 7, 5, 1, 36 | Size = 79408 bytes | Modified Date = 2007-05-31 00:29:58 | Attr = ] {6ED63687-EB85-4687-A8D0-17E9792B20CA} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [] -> File not found < SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> *SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders -> wowfx.dll -> %SystemRoot%\system32\wowfx.dll -> [Ver = | Size = 18944 bytes | Modified Date = 2005-08-08 07:04:47 | Attr = ] xlibgfl254.dll -> -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> C:\WINDOWS\system32\mgmrwmrv.exe -> %SystemRoot%\system32\mgmrwmrv.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> -> -> File not found C:\WINDOWS\system32\mgmrwmrv.exe -> %SystemRoot%\system32\mgmrwmrv.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> -> -> File not found C:\WINDOWS\system32\mgmrwmrv.exe -> %SystemRoot%\system32\mgmrwmrv.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> -> -> File not found C:\WINDOWS\system32\mgmrwmrv.exe -> %SystemRoot%\system32\mgmrwmrv.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> -> -> File not found C:\WINDOWS\system32\mgmrwmrv.exe -> %SystemRoot%\system32\mgmrwmrv.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> -> -> File not found C:\WINDOWS\system32\mgmrwmrv.exe -> %SystemRoot%\system32\mgmrwmrv.exe -> File not found *MultiFile Done* -> -> < Winlogon settings [HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004] > -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *UserInit* -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> -> -> File not found C:\WINDOWS\system32\mgmrwmrv.exe -> %SystemRoot%\system32\mgmrwmrv.exe -> File not found *MultiFile Done* -> -> < Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> acfffaeddbcec -> %SystemRoot%\system32\acfffaeddbcec.dll -> [Ver = | Size = 93184 bytes | Modified Date = 2008-03-10 22:25:55 | Attr = ] bdebafab -> %SystemRoot%\system32\bdebafab.dll -> [Ver = | Size = 108562 bytes | Modified Date = 2008-03-04 12:48:44 | Attr = ] opnlkhi -> -> File not found tuvww -> %SystemRoot%\system32\tuvww.dll -> File not found WgaLogon -> -> File not found winvfe32 -> -> File not found wudb -> %SystemRoot%\system32\wudb.dll -> File not found < CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoControlPanel -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\UpdateManager -> C:\Program Files\Common Files\Microsoft Shared\Web Components\vupdman32.exe [C:\Program Files\Common Files\Microsoft Shared\Web Components\vupdman32.exe] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\DisableRegistryTools -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\DisableTaskMgr -> 1 -> < CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\Mn@iboddPubswLfov -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\Mn@mlrf -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\MnOndNeg -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\MnQtm -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoControlPanel -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\Ghp`amfUbrhLds -> 0 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr -> 1 -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\disableregistrytools -> 0 -> < CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> < CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004] > -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ComDlg32\ -> -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\Mn@iboddPubswLfov -> 0 -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\Mn@mlrf -> 0 -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\MnOndNeg -> 0 -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\MnQtm -> 0 -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoControlPanel -> 1 -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\Ghp`amfUbrhLds -> 0 -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableTaskMgr -> 1 -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\disableregistrytools -> 0 -> < HOSTS File > (2826 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 10.18.250.4 ad.doubleclick.net -> -> 10.18.250.4 ad.fastclick.net -> -> 10.18.250.4 ads.fastclick.net -> -> 10.18.250.4 ar.atwola.com -> -> 10.18.250.4 atdmt.com -> -> 10.18.250.4 avp.ch -> -> 10.18.250.4 avp.com -> -> 10.18.250.4 avp.ru -> -> 10.18.250.4 awaps.net -> -> 10.18.250.4 banner.fastclick.net -> -> 10.18.250.4 banners.fastclick.net -> -> 10.18.250.4 ca.com -> -> 10.18.250.4 click.atdmt.com -> -> 10.18.250.4 clicks.atdmt.com -> -> 10.18.250.4 customer.symantec.com -> -> 10.18.250.4 dispatch.mcafee.com -> -> 10.18.250.4 download.mcafee.com -> -> 10.18.250.4 downloads1.kaspersky-labs.com -> -> 10.18.250.4 downloads2.kaspersky-labs.com -> -> 10.18.250.4 downloads3.kaspersky-labs.com -> -> 10.18.250.4 downloads4.kaspersky-labs.com -> -> 10.18.250.4 downloads-us1.kaspersky-labs.com -> -> 10.18.250.4 downloads-us2.kaspersky-labs.com -> -> 10.18.250.4 downloads-us3.kaspersky-labs.com -> -> 10.18.250.4 engine.awaps.net -> -> 10.18.250.4 fastclick.net -> -> 10.18.250.4 f-secure.com -> -> 10.18.250.4 ftp.avp.ch -> -> 10.18.250.4 ftp.downloads1.kaspersky-labs.com -> -> 10.18.250.4 ftp.downloads2.kaspersky-labs.com -> -> 10.18.250.4 ftp.downloads3.kaspersky-labs.com -> -> 10.18.250.4 ftp.f-secure.com -> -> 10.18.250.4 ftp.kasperskylab.ru -> -> 10.18.250.4 ftp.sophos.com -> -> 10.18.250.4 ids.kaspersky-labs.com -> -> 10.18.250.4 kaspersky.com -> -> 10.18.250.4 kaspersky-labs.com -> -> 10.18.250.4 liveupdate.symantec.com -> -> 10.18.250.4 liveupdate.symantecliveupdate.com -> -> 10.18.250.4 mast.mcafee.com -> -> 10.18.250.4 mcafee.com -> -> 10.18.250.4 media.fastclick.net -> -> 10.18.250.4 my-etrust.com -> -> 10.18.250.4 nai.com -> -> 10.18.250.4 networkassociates.com -> -> 10.18.250.4 norton.com -> -> 10.18.250.4 phx.corporate-ir.net -> -> 10.18.250.4 rads.mcafee.com -> -> 10.18.250.4 secure.nai.com -> -> 10.18.250.4 securityresponse.symantec.com -> -> 10.18.250.4 service1.symantec.com -> -> 10.18.250.4 sophos.com -> -> 10.18.250.4 spd.atdmt.com -> -> 10.18.250.4 symantec.com -> -> 10.18.250.4 trendmicro.com -> -> 10.18.250.4 update.symantec.com -> -> 10.18.250.4 updates.symantec.com -> -> 10.18.250.4 updates1.kaspersky-labs.com -> -> 10.18.250.4 updates2.kaspersky-labs.com -> -> 10.18.250.4 updates3.kaspersky-labs.com -> -> 10.18.250.4 updates4.kaspersky-labs.com -> -> 10.18.250.4 updates5.kaspersky-labs.com -> -> 10.18.250.4 us.mcafee.com -> -> 10.18.250.4 vil.nai.com -> -> 10.18.250.4 viruslist.com -> -> 10.18.250.4 viruslist.ru -> -> 10.18.250.4 virusscan.jotti.org -> -> 10.18.250.4 virustotal.com -> -> 10.18.250.4 www.avp.ch -> -> 10.18.250.4 www.avp.com -> -> 10.18.250.4 www.avp.ru -> -> 10.18.250.4 www.awaps.net -> -> 10.18.250.4 www.ca.com -> -> 10.18.250.4 www.fastclick.net -> -> 10.18.250.4 www.f-secure.com -> -> 10.18.250.4 www.grisoft.com -> -> 10.18.250.4 www.kaspersky.com -> -> 10.18.250.4 www.kaspersky.ru -> -> 10.18.250.4 www.kaspersky-labs.com -> -> 10.18.250.4 www.mcafee.com -> -> 10.18.250.4 www.my-etrust.com -> -> 10.18.250.4 www.nai.com -> -> 10.18.250.4 www.networkassociates.com -> -> 10.18.250.4 www.sophos.com -> -> 10.18.250.4 www.symantec.com -> -> 10.18.250.4 www.trendmicro.com -> -> 10.18.250.4 www.viruslist.com -> -> 10.18.250.4 www.viruslist.ru -> -> 10.18.250.4 www.virustotal.com -> -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 -> HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.google.com/ie -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_CURRENT_USER\: Main\\Search Bar -> http://g.xtramsn.co.nz/0SEENNZ/SAOS01?FORM=TOOLBR -> HKEY_CURRENT_USER\: Main\\Search Page -> http://g.xtramsn.co.nz/0SEENNZ/SAOS01?FORM=TOOLBR -> HKEY_CURRENT_USER\: Main\\Start Page -> http://www.google.co.nz/ -> HKEY_CURRENT_USER\: SearchURL\\ -> http://g.xtramsn.co.nz/0SEENNZ/SAOS01?FORM=TOOLBR[Reg Error: Value provider does not exist or could not be read.] -> HKEY_CURRENT_USER\: ProxyEnable -> 0 -> HKEY_CURRENT_USER\: ProxyOverride -> *.local -> < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: ProxyEnable -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\] > -> -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\: Main\\Search Bar -> http://g.xtramsn.co.nz/0SEENNZ/SAOS01?FORM=TOOLBR -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\: Main\\Search Page -> http://g.xtramsn.co.nz/0SEENNZ/SAOS01?FORM=TOOLBR -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\: Main\\Start Page -> http://www.google.co.nz/ -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\: SearchURL\\ -> http://g.xtramsn.co.nz/0SEENNZ/SAOS01?FORM=TOOLBR[Reg Error: Value provider does not exist or could not be read.] -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\: ProxyEnable -> 0 -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\: ProxyOverride -> *.local -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 1 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1486 domain(s) found. -> 82 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 43 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1486 domain(s) found. -> 82 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 43 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1486 domain(s) found. -> 82 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 43 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1486 domain(s) found. -> 82 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 43 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1486 domain(s) found. -> 82 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 43 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\] > -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1486 domain(s) found. -> 82 domain(s) and sub-domain(s) not assigned to a zone. < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\] > -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 43 range(s) found. -> < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [AcroIEHlprObj Class] -> Adobe Systems Incorporated [Ver = 7.0.0.2004121400 | Size = 63136 bytes | Modified Date = 2004-12-14 01:56:50 | Attr = ] {13197ace-6851-45c3-a7ff-c281324d5489} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {5fa6752a-c4a0-4222-88c2-928ae5ab4966} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {622cc208-b014-4fe0-801b-874a5e5e403a} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 2005-11-10 13:22:12 | Attr = ] {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {85DA32C2-9D9B-4DCB-9FBB-35882FC4D2F8} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {8674aea0-9d3d-11d9-99dc-00600f9a01f1} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {9c5b2f29-1f46-4639-a6b4-828942301d3e} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {B4E7CAAB-6535-4243-99BD-F12350B584A2} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Value does not exist or could not be read.] -> File not found {b53875f2-ae1c-4efb-88c6-bc305a3748b4} [HKEY_LOCAL_MACHINE] -> %SystemRoot%\system32\fnluqwgk.dll [Reg Error: Value does not exist or could not be read.] -> File not found {cf021f40-3e14-23a5-cba2-717765728274} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {F10587E9-0E47-4CBE-ABCD-7DD20B8622FF} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Helper\1205149217.dll [e404mgr Class] -> File not found {fc3a74e5-f281-4f10-ae1e-733078684f3c} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found {ffff0001-0002-101a-a3c9-08002b2f49fb} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [&Yahoo! Toolbar] -> File not found < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\] > -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [&Yahoo! Toolbar] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.5.0_06\bin\NPJPI150_06.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 69746 bytes | Modified Date = 2005-11-10 13:22:12 | Attr = ] {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.5.0_06\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.60.5 | Size = 184423 bytes | Modified Date = 2005-11-10 13:22:12 | Attr = ] {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [] -> File not found {F4430FE8-2638-42e5-B849-800749B94EED}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [PartyPoker.net] -> File not found {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D}:Exec -> %ProgramFiles%\PokerStars.NET\PokerStarsUpdate.exe [PokerStars.net] -> PokerStars [Ver = 1.030 | Size = 435088 bytes | Modified Date = 2008-02-29 00:10:52 | Attr = ] < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKEY_LOCAL_MACHINE] -> [Reg Error: Value MenuText does not exist or could not be read.] -> File not found CmdMapping\\{F4430FE8-2638-42e5-B849-800749B94EED} [HKEY_LOCAL_MACHINE] -> [PartyPoker.net] -> File not found < Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\] > -> HKEY_USERS\S-1-5-21-1491950412-2009852829-4049741679-1004\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\{39FD89BF-D3F1-45b6-BB56-3582CCF489E1} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} [HKEY_LOCAL_MACHINE] -> [Reg Error: Value MenuText does not exist or could not be read.] -> File not found CmdMapping\\{F4430FE8-2638-42e5-B849-800749B94EED} [HKEY_LOCAL_MACHINE] -> [PartyPoker.net] -> File not found < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {7B2A890B-588D-4B27-AE2F-7F29D2EF04C0} -> 202.27.158.40,202.27.156.72 (Realtek RTL8139 Family PCI Fast Ethernet NIC) -> {87796379-99D7-4FE2-908E-9B1F6EDC1781} -> () -> < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab[Java Plug-in 1.5.0_06] -> {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] -> {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0}[HKEY_LOCAL_MACHINE] -> http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe[Reg Error: Key does not exist or could not be opened.] -> {C3F79A2B-B9B4-4A66-B012-3EE46475B072}[HKEY_LOCAL_MACHINE] -> http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab[MessengerStatsClient Class] -> {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab[Java Plug-in 1.5.0_06] -> {D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab[Shockwave Flash Object] -> Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> file:///C:/WINDOWS/Java/classes/xmldso.cab[Reg Error: Key does not exist or could not be opened.] -> [Registry - Additional Scans - Non-Microsoft Only] < BotCheck > -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> (binary data) -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\\DisableMonitoring -> 1 -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> -> *Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages -> msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 2004-08-05 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> (binary data) -> *Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages -> kerberos -> %SystemRoot%\system32\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 2005-06-16 05:49:30 | Attr = ] msv1_0 -> %SystemRoot%\system32\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 2004-08-05 | Attr = ] schannel -> %SystemRoot%\system32\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 144896 bytes | Modified Date = 2004-08-05 | Attr = ] wdigest -> %SystemRoot%\system32\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516) | Size = 49152 bytes | Modified Date = 2006-03-24 16:37:50 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 552 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 -> *Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages -> scecli -> %SystemRoot%\system32\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 2004-08-05 | Attr = ] *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> -> *ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder -> Windows NT Access Provider -> -> File not found *MultiFile Done* -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> C:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 2004-08-05 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminclientsec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminserversec -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http://www.passport.com -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 2004-08-05 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 12873 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 2004-08-05 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 2004-08-05 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.2946 (xpsp.060706-0011) | Size = 557568 bytes | Modified Date = 2006-07-06 20:49:52 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 2007-10-18 11:34:02 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 2007-10-02 17:18:24 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Documents and Settings\Andre\Application Data\printer.exe -> C:\Documents and Settings\Andre\Application Data\printer.exe [C:\Documents and Settings\Andre\Application Data\printer.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\printer.exe -> C:\WINDOWS\system32\printer.exe [C:\WINDOWS\system32\printer.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\spoolvs.exe -> C:\WINDOWS\system32\spoolvs.exe [C:\WINDOWS\system32\spoolvs.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\WINDOWS\shell.exe -> C:\WINDOWS\shell.exe [C:\WINDOWS\shell.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Documents and Settings\Andre\Start Menu\Programs\Startup\findfast.exe -> C:\Documents and Settings\Andre\Start Menu\Programs\Startup\findfast.exe [C:\Documents and Settings\Andre\Start Menu\Programs\Startup\findfast.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Documents and Settings\All Users\Start Menu\Programs\Startup\autorun.exe -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\autorun.exe [C:\Documents and Settings\All Users\Start Menu\Programs\Startup\autorun.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\winav.exe -> C:\WINDOWS\system32\winav.exe [%windir%\system32\winav.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Documents and Settings\Andre\Application Data\mcrupdate.exe -> C:\Documents and Settings\Andre\Application Data\mcrupdate.exe [C:\Documents and Settings\Andre\Application Data\mcrupdate.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 2004-08-05 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\Network Diagnostic\xpnetdiag.exe -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> Microsoft Corporation [Ver = 5.1.2600.2946 (xpsp.060706-0011) | Size = 557568 bytes | Modified Date = 2006-07-06 20:49:52 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\iTunes\iTunes.exe -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> Apple Computer, Inc. [Ver = 7.0.2.16 | Size = 15338560 bytes | Modified Date = 2006-10-30 08:36:32 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MessengerDiscovery\Loader.exe -> C:\Program Files\MessengerDiscovery\Loader.exe [C:\Program Files\MessengerDiscovery\Loader.exe:*:Disabled:Loader] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe -> C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe [C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe:*:Enabled:MessengerDiscovery Live the Windows Live Messenger addon] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe -> C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe [C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Messenger\msmsgs.exe -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> Microsoft Corporation [Ver = 4.7.3001 | Size = 1694208 bytes | Modified Date = 2004-10-14 04:24:37 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Mozilla Firefox\firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe [C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox] -> Mozilla Corporation [Ver = 1.8.1.12: 2008020121 | Size = 7655024 bytes | Modified Date = 2008-02-10 23:05:08 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\TEMP\win1B54.tmp.exe -> C:\WINDOWS\TEMP\win1B54.tmp.exe [C:\WINDOWS\TEMP\win1B54.tmp.exe:*:Enabled:win1B54.tmp] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent.exe -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Bonjour\mDNSResponder.exe -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\dhvabtul.exe -> C:\WINDOWS\system32\dhv -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\TEMP\win2C89.tmp.exe -> C:\WINDOWS\TEMP\win2C89.tmp.exe [C:\WINDOWS\TEMP\win2C89.tmp.exe:*:Enabled:win2C89.tmp] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\TEMP\win5E.tmp.exe -> C:\WINDOWS\TEMP\win5E.tmp.exe [C:\WINDOWS\TEMP\win5E.tmp.exe:*:Enabled:win5E.tmp] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\DOCUME~1\Andre\LOCALS~1\Temp\RegMech.exe -> C:\DOCUME~1\Andre\LOCALS~1\Temp\RegMech.exe [C:\DOCUME~1\Andre\LOCALS~1\Temp\RegMech.exe:*:Enabled:Enabled] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\TEMP\winC00.tmp.exe -> C:\WINDOWS\TEMP\winC00.tmp.exe [C:\WINDOWS\TEMP\winC00.tmp.exe:*:Enabled:winC00.tmp] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\LimeWire\LimeWire.exe -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Disabled:LimeWire] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\msnmsgr.exe -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> Microsoft Corporation [Ver = 8.5.1302.1018 | Size = 5724184 bytes | Modified Date = 2007-10-18 11:34:02 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Windows Live\Messenger\livecall.exe -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> Microsoft Corporation [Ver = 1.5.204.0 | Size = 304488 bytes | Modified Date = 2007-10-02 17:18:24 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\TEMP\win1D.exe -> C:\WINDOWS\TEMP\win1D.exe [C:\WINDOWS\TEMP\win1D.exe:*:Enabled:win1D] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Andre\Application Data\printer.exe -> C:\Documents and Settings\Andre\Application Data\printer.exe [C:\Documents and Settings\Andre\Application Data\printer.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\printer.exe -> C:\WINDOWS\system32\printer.exe [C:\WINDOWS\system32\printer.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\spoolvs.exe -> C:\WINDOWS\system32\spoolvs.exe [C:\WINDOWS\system32\spoolvs.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\shell.exe -> C:\WINDOWS\shell.exe [C:\WINDOWS\shell.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Andre\Start Menu\Programs\Startup\findfast.exe -> C:\Documents and Settings\Andre\Start Menu\Programs\Startup\findfast.exe [C:\Documents and Settings\Andre\Start Menu\Programs\Startup\findfast.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\All Users\Start Menu\Programs\Startup\autorun.exe -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\autorun.exe [C:\Documents and Settings\All Users\Start Menu\Programs\Startup\autorun.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\winav.exe -> C:\WINDOWS\system32\winav.exe [%windir%\system32\winav.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Andre\Application Data\mcrupdate.exe -> C:\Documents and Settings\Andre\Application Data\mcrupdate.exe [C:\Documents and Settings\Andre\Application Data\mcrupdate.exe:*:Enabled:@xpsp2res.dll,-22019] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\18969:TCP -> 18969:TCP:*:Enabled:uTorrent -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\18969:UDP -> 18969:UDP:*:Enabled:uTorrent -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\All -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 272 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 2004-08-05 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site. -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 2004-08-05 | Attr = ] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ not found. -> -> Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ not found. -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 -> < Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> Adobe Systems Incorporated [Ver = 7.0.0.0 | Size = 29696 bytes | Modified Date = 2004-12-14 04:44:06 | Attr = ] C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk -> -> File not found C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MightyFAX Controller.lnk -> -> File not found C:^Documents and Settings^Andre^Start Menu^Programs^Startup^Thoosje Vista Sidebar.lnk -> -> File not found < Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> avp hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %SystemRoot%\TEMP\win33A.exe -> File not found build delete remote idol hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> -> File not found cc9fb054 hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %SystemRoot%\system32\vpkqdywl.DLL -> File not found CTDrive hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> %SystemRoot%\system32\drvkuj.DLL -> File not found [Files/Folders - Created Within 90 days] Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 2008-03-12 17:17:32 | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 267964416 bytes | Created Date = 2008-03-13 12:06:51 | Attr = HS] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 2008-03-13 12:16:54 | Attr = ] AvgAsCln.sys -> %SystemRoot%\System32\drivers\AvgAsCln.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 10872 bytes | Created Date = 2008-03-11 00:53:12 | Attr = ] aakbgmdi.dll -> %SystemRoot%\System32\aakbgmdi.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-03-05 14:42:30 | Attr = ] aanfdldq.dll -> %SystemRoot%\System32\aanfdldq.dll -> [Ver = | Size = 92224 bytes | Created Date = 2008-02-07 16:04:43 | Attr = ] acfotmix.ini -> %SystemRoot%\System32\acfotmix.ini -> [Ver = | Size = 1307434 bytes | Created Date = 2008-03-06 12:44:01 | Attr = HS] afabfbpx.ini -> %SystemRoot%\System32\afabfbpx.ini -> [Ver = | Size = 1031859 bytes | Created Date = 2008-01-01 10:25:27 | Attr = HS] agchuxlt.dll -> %SystemRoot%\System32\agchuxlt.dll -> [Ver = | Size = 87104 bytes | Created Date = 2007-12-26 12:18:19 | Attr = ] aigphkbe.dll -> %SystemRoot%\System32\aigphkbe.dll -> [Ver = | Size = 92736 bytes | Created Date = 2008-01-31 12:39:22 | Attr = ] albinkab.dll -> %SystemRoot%\System32\albinkab.dll -> [Ver = | Size = 91200 bytes | Created Date = 2008-03-10 12:38:52 | Attr = ] aldtvvtr.dll -> %SystemRoot%\System32\aldtvvtr.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-03-01 16:12:19 | Attr = ] alupvwre.ini -> %SystemRoot%\System32\alupvwre.ini -> [Ver = | Size = 1286141 bytes | Created Date = 2008-03-02 15:08:56 | Attr = HS] appwbpun.ini -> %SystemRoot%\System32\appwbpun.ini -> [Ver = | Size = 990093 bytes | Created Date = 2007-12-19 19:03:13 | Attr = HS] audornpy.dll -> %SystemRoot%\System32\audornpy.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-01-05 19:02:21 | Attr = ] awkyeqnk.dll -> %SystemRoot%\System32\awkyeqnk.dll -> [Ver = | Size = 95808 bytes | Created Date = 2008-02-08 12:53:13 | Attr = ] axeykeup.dll -> %SystemRoot%\System32\axeykeup.dll -> [Ver = | Size = 79424 bytes | Created Date = 2008-01-11 11:41:12 | Attr = ] aytexrku.dll -> %SystemRoot%\System32\aytexrku.dll -> [Ver = | Size = 87104 bytes | Created Date = 2007-12-23 12:45:25 | Attr = ] bchnvvrw.ini -> %SystemRoot%\System32\bchnvvrw.ini -> [Ver = | Size = 1060442 bytes | Created Date = 2008-01-11 23:27:40 | Attr = HS] bdobqtqk.dll -> %SystemRoot%\System32\bdobqtqk.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-03-05 12:07:50 | Attr = ] bdwdlmyd.ini -> %SystemRoot%\System32\bdwdlmyd.ini -> [Ver = | Size = 1043975 bytes | Created Date = 2008-01-08 14:06:35 | Attr = HS] beemjvxu.ini -> %SystemRoot%\System32\beemjvxu.ini -> [Ver = | Size = 1302838 bytes | Created Date = 2008-03-05 14:45:41 | Attr = HS] bevkahlo.ini -> %SystemRoot%\System32\bevkahlo.ini -> [Ver = | Size = 1090285 bytes | Created Date = 2008-02-24 00:16:51 | Attr = HS] bgrvqljv.ini -> %SystemRoot%\System32\bgrvqljv.ini -> [Ver = | Size = 1031199 bytes | Created Date = 2007-12-28 13:27:32 | Attr = HS] bieirygr.ini -> %SystemRoot%\System32\bieirygr.ini -> [Ver = | Size = 1060682 bytes | Created Date = 2008-01-13 12:07:39 | Attr = HS] birxlcju.ini -> %SystemRoot%\System32\birxlcju.ini -> [Ver = | Size = 1043915 bytes | Created Date = 2008-01-07 23:07:09 | Attr = HS] blhdevry.dll -> %SystemRoot%\System32\blhdevry.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-03-04 12:17:06 | Attr = ] boglqofr.ini -> %SystemRoot%\System32\boglqofr.ini -> [Ver = | Size = 1089376 bytes | Created Date = 2008-01-22 22:58:14 | Attr = HS] bqkfpkqs.ini -> %SystemRoot%\System32\bqkfpkqs.ini -> [Ver = | Size = 1237531 bytes | Created Date = 2008-02-18 14:07:15 | Attr = HS] btgouucl.ini -> %SystemRoot%\System32\btgouucl.ini -> [Ver = | Size = 990750 bytes | Created Date = 2007-12-24 12:54:17 | Attr = HS] bvddhavv.dll -> %SystemRoot%\System32\bvddhavv.dll -> [Ver = | Size = 80448 bytes | Created Date = 2008-01-25 17:55:39 | Attr = ] bycvqalq.exe -> %SystemRoot%\System32\bycvqalq.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-28 19:35:29 | Attr = ] cbpdslhj.ini -> %SystemRoot%\System32\cbpdslhj.ini -> [Ver = | Size = 1253834 bytes | Created Date = 2008-02-24 21:59:18 | Attr = HS] cdimyxxf.exe -> %SystemRoot%\System32\cdimyxxf.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-11 23:24:17 | Attr = ] ceayoewi.dll -> %SystemRoot%\System32\ceayoewi.dll -> [Ver = | Size = 79424 bytes | Created Date = 2008-01-10 18:30:03 | Attr = ] cescurvb.exe -> %SystemRoot%\System32\cescurvb.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-30 18:14:17 | Attr = ] cibpunoy.dll -> %SystemRoot%\System32\cibpunoy.dll -> [Ver = | Size = 64 bytes | Created Date = 2008-03-01 13:50:39 | Attr = ] cmaqrrem.ini -> %SystemRoot%\System32\cmaqrrem.ini -> [Ver = | Size = 1200173 bytes | Created Date = 2008-02-08 00:03:28 | Attr = HS] cpmmqdse.ini -> %SystemRoot%\System32\cpmmqdse.ini -> [Ver = | Size = 1279221 bytes | Created Date = 2008-03-10 12:41:15 | Attr = HS] creyptxc.exe -> %SystemRoot%\System32\creyptxc.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-22 20:45:51 | Attr = ] csijxxyw.exe -> %SystemRoot%\System32\csijxxyw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-22 14:10:17 | Attr = ] cvpmjoxc.ini -> %SystemRoot%\System32\cvpmjoxc.ini -> [Ver = | Size = 990213 bytes | Created Date = 2007-12-20 19:57:52 | Attr = HS] cxdlkxio.dll -> %SystemRoot%\System32\cxdlkxio.dll -> [Ver = | Size = 64 bytes | Created Date = 2008-03-01 13:50:45 | Attr = ] cxrvxsax.exe -> %SystemRoot%\System32\cxrvxsax.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-23 21:56:40 | Attr = ] davdshgt.ini -> %SystemRoot%\System32\davdshgt.ini -> [Ver = | Size = 1262168 bytes | Created Date = 2008-02-27 13:46:26 | Attr = HS] ddanimhy.ini -> %SystemRoot%\System32\ddanimhy.ini -> [Ver = | Size = 1109185 bytes | Created Date = 2008-01-23 12:19:38 | Attr = HS] dgqjmamm.dll -> %SystemRoot%\System32\dgqjmamm.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-02-29 13:23:29 | Attr = ] dhlrqabp.dll -> %SystemRoot%\System32\dhlrqabp.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-02-28 16:02:50 | Attr = ] dktregij.ini -> %SystemRoot%\System32\dktregij.ini -> [Ver = | Size = 1307203 bytes | Created Date = 2008-03-06 12:52:30 | Attr = HS] dmvvxpnp.dll -> %SystemRoot%\System32\dmvvxpnp.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-03-06 12:49:29 | Attr = ] dpfnllrl.exe -> %SystemRoot%\System32\dpfnllrl.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-16 12:04:08 | Attr = ] dsqxtuhe.exe -> %SystemRoot%\System32\dsqxtuhe.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-30 17:06:29 | Attr = ] duhqbidv.dll -> %SystemRoot%\System32\duhqbidv.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-01-14 12:37:02 | Attr = ] dumphive.exe -> %SystemRoot%\System32\dumphive.exe -> [Ver = | Size = 51200 bytes | Created Date = 2008-03-11 01:03:34 | Attr = ] dvdryuct.dll -> %SystemRoot%\System32\dvdryuct.dll -> [Ver = | Size = 78912 bytes | Created Date = 2008-01-28 19:33:15 | Attr = ] dwxrroxs.ini -> %SystemRoot%\System32\dwxrroxs.ini -> [Ver = | Size = 1089496 bytes | Created Date = 2008-01-22 16:08:16 | Attr = HS] dwyjrvdq.dll -> %SystemRoot%\System32\dwyjrvdq.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-02-28 22:59:50 | Attr = ] dymldwdb.dll -> %SystemRoot%\System32\dymldwdb.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-01-08 14:06:32 | Attr = ] eamfsdfd.dll -> %SystemRoot%\System32\eamfsdfd.dll -> [Ver = | Size = 96832 bytes | Created Date = 2008-03-05 12:05:03 | Attr = ] earagtsj.dll -> %SystemRoot%\System32\earagtsj.dll -> [Ver = | Size = 93248 bytes | Created Date = 2008-02-05 11:43:12 | Attr = ] eavlpffp.ini -> %SystemRoot%\System32\eavlpffp.ini -> [Ver = | Size = 1109305 bytes | Created Date = 2008-01-23 15:25:23 | Attr = HS] ebienjfs.ini -> %SystemRoot%\System32\ebienjfs.ini -> [Ver = | Size = 1057895 bytes | Created Date = 2008-01-11 21:42:24 | Attr = HS] ebsvnsoe.dll -> %SystemRoot%\System32\ebsvnsoe.dll -> [Ver = | Size = 97344 bytes | Created Date = 2008-02-18 14:03:24 | Attr = ] ebtcuser.dll -> %SystemRoot%\System32\ebtcuser.dll -> [Ver = | Size = 77888 bytes | Created Date = 2008-01-09 11:47:41 | Attr = ] edanavmo.dll -> %SystemRoot%\System32\edanavmo.dll -> [Ver = | Size = 87104 bytes | Created Date = 2008-01-04 13:33:00 | Attr = ] edxlgcit.ini -> %SystemRoot%\System32\edxlgcit.ini -> [Ver = | Size = 1060562 bytes | Created Date = 2008-01-14 21:24:27 | Attr = HS] eeaffsvh.dll -> %SystemRoot%\System32\eeaffsvh.dll -> [Ver = | Size = 77376 bytes | Created Date = 2008-01-23 19:36:43 | Attr = ] ehogavek.exe -> %SystemRoot%\System32\ehogavek.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-24 19:13:26 | Attr = ] eimdltak.ini -> %SystemRoot%\System32\eimdltak.ini -> [Ver = | Size = 1038424 bytes | Created Date = 2008-01-04 21:38:30 | Attr = HS] ejolvgji.dll -> %SystemRoot%\System32\ejolvgji.dll -> [Ver = | Size = 96832 bytes | Created Date = 2008-02-03 21:08:47 | Attr = ] ektnacrs.dll -> %SystemRoot%\System32\ektnacrs.dll -> [Ver = | Size = 76864 bytes | Created Date = 2008-01-12 14:33:41 | Attr = ] elegmspq.ini -> %SystemRoot%\System32\elegmspq.ini -> [Ver = | Size = 1130338 bytes | Created Date = 2008-01-25 18:05:52 | Attr = HS] emnwuibn.dll -> %SystemRoot%\System32\emnwuibn.dll -> [Ver = | Size = 76864 bytes | Created Date = 2008-01-11 22:07:39 | Attr = ] enqmlsgb.dll -> %SystemRoot%\System32\enqmlsgb.dll -> [Ver = | Size = 76864 bytes | Created Date = 2008-01-14 21:21:14 | Attr = ] erbnbcng.dll -> %SystemRoot%\System32\erbnbcng.dll -> [Ver = | Size = 76864 bytes | Created Date = 2008-01-13 12:04:21 | Attr = ] esalcwdd.dll -> %SystemRoot%\System32\esalcwdd.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-03-10 18:53:53 | Attr = ] estmqdrr.dll -> %SystemRoot%\System32\estmqdrr.dll -> [Ver = | Size = 75840 bytes | Created Date = 2008-01-06 18:50:43 | Attr = ] etloqrqo.dll -> %SystemRoot%\System32\etloqrqo.dll -> [Ver = | Size = 78912 bytes | Created Date = 2008-01-22 17:31:39 | Attr = ] eyjrhpjv.ini -> %SystemRoot%\System32\eyjrhpjv.ini -> [Ver = | Size = 1058250 bytes | Created Date = 2008-01-11 11:44:55 | Attr = HS] eykantal.ini -> %SystemRoot%\System32\eykantal.ini -> [Ver = | Size = 1242480 bytes | Created Date = 2008-02-13 21:46:55 | Attr = HS] fdigjsjr.dll -> %SystemRoot%\System32\fdigjsjr.dll -> [Ver = | Size = 77376 bytes | Created Date = 2008-01-23 21:59:41 | Attr = ] fdsv.exe -> %SystemRoot%\System32\fdsv.exe -> Smallfrogs Studio [Ver = 1.0.0.10 | Size = 73728 bytes | Created Date = 2008-03-11 20:04:33 | Attr = ] fhcbwets.exe -> %SystemRoot%\System32\fhcbwets.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-14 12:34:18 | Attr = ] fhuxheni.exe -> %SystemRoot%\System32\fhuxheni.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-16 18:52:07 | Attr = ] fjmhqrdp.ini -> %SystemRoot%\System32\fjmhqrdp.ini -> [Ver = | Size = 1066463 bytes | Created Date = 2008-01-17 10:01:40 | Attr = HS] fpdtlmjl.dll -> %SystemRoot%\System32\fpdtlmjl.dll -> [Ver = | Size = 93248 bytes | Created Date = 2008-02-05 17:52:43 | Attr = ] fvjbxjaw.exe -> %SystemRoot%\System32\fvjbxjaw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-28 13:25:55 | Attr = ] fxjshkry.dll -> %SystemRoot%\System32\fxjshkry.dll -> [Ver = | Size = 84544 bytes | Created Date = 2008-02-29 13:26:28 | Attr = ] fyhtufkn.dll -> %SystemRoot%\System32\fyhtufkn.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-01-23 22:02:42 | Attr = ] gbsnljyx.ini -> %SystemRoot%\System32\gbsnljyx.ini -> [Ver = | Size = 1286021 bytes | Created Date = 2008-03-01 16:18:58 | Attr = HS] gdwvuwto.ini -> %SystemRoot%\System32\gdwvuwto.ini -> [Ver = | Size = 1286021 bytes | Created Date = 2008-02-29 18:39:33 | Attr = HS] gefvhsff.dll -> %SystemRoot%\System32\gefvhsff.dll -> [Ver = | Size = 78400 bytes | Created Date = 2008-01-20 17:09:29 | Attr = ] ghuvqued.dll -> %SystemRoot%\System32\ghuvqued.dll -> [Ver = | Size = 93248 bytes | Created Date = 2008-02-12 19:15:49 | Attr = ] gjnkeuhu.dll -> %SystemRoot%\System32\gjnkeuhu.dll -> [Ver = | Size = 86592 bytes | Created Date = 2008-01-18 11:53:21 | Attr = ] gqjnhynr.dll -> %SystemRoot%\System32\gqjnhynr.dll -> [Ver = | Size = 96832 bytes | Created Date = 2008-02-03 22:14:59 | Attr = ] gqreuuvh.dll -> %SystemRoot%\System32\gqreuuvh.dll -> [Ver = | Size = 77376 bytes | Created Date = 2008-01-18 11:47:31 | Attr = ] grdspycw.dll -> %SystemRoot%\System32\grdspycw.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-03-10 12:37:14 | Attr = ] grep.exe -> %SystemRoot%\System32\grep.exe -> [Ver = | Size = 80412 bytes | Created Date = 2008-03-11 20:04:33 | Attr = ] gtckmary.exe -> %SystemRoot%\System32\gtckmary.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-24 16:07:28 | Attr = ] gtgmodmg.exe -> %SystemRoot%\System32\gtgmodmg.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-23 12:42:21 | Attr = ] gxdawtna.ini -> %SystemRoot%\System32\gxdawtna.ini -> [Ver = | Size = 1217534 bytes | Created Date = 2008-02-12 11:46:35 | Attr = HS] hdcqsaxy.dll -> %SystemRoot%\System32\hdcqsaxy.dll -> [Ver = | Size = 79936 bytes | Created Date = 2008-01-16 12:04:11 | Attr = ] hltlludy.dll -> %SystemRoot%\System32\hltlludy.dll -> [Ver = | Size = 77376 bytes | Created Date = 2008-01-23 12:16:25 | Attr = ] hnoriino.ini -> %SystemRoot%\System32\hnoriino.ini -> [Ver = | Size = 1117554 bytes | Created Date = 2008-01-24 16:16:27 | Attr = HS] htkkdaep.exe -> %SystemRoot%\System32\htkkdaep.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-22 22:49:34 | Attr = ] hvgquuhu.ini -> %SystemRoot%\System32\hvgquuhu.ini -> [Ver = | Size = 1199993 bytes | Created Date = 2008-02-07 16:07:57 | Attr = HS] hvhtisbq.exe -> %SystemRoot%\System32\hvhtisbq.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-21 16:30:34 | Attr = ] hxiqgwhk.dll -> %SystemRoot%\System32\hxiqgwhk.dll -> [Ver = | Size = 95808 bytes | Created Date = 2008-02-08 00:00:26 | Attr = ] iaurcuef.dll -> %SystemRoot%\System32\iaurcuef.dll -> [Ver = | Size = 80448 bytes | Created Date = 2008-01-25 16:29:56 | Attr = ] ickkbnfr.ini -> %SystemRoot%\System32\ickkbnfr.ini -> [Ver = | Size = 1284831 bytes | Created Date = 2008-03-10 18:55:57 | Attr = HS] IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver = | Size = 82432 bytes | Created Date = 2008-03-11 01:03:34 | Attr = ] iggivrif.ini -> %SystemRoot%\System32\iggivrif.ini -> [Ver = | Size = 1073352 bytes | Created Date = 2008-01-20 17:15:02 | Attr = HS] igqbasgq.dll -> %SystemRoot%\System32\igqbasgq.dll -> [Ver = | Size = 78912 bytes | Created Date = 2008-01-06 18:09:50 | Attr = ] ihrthapa.dll -> %SystemRoot%\System32\ihrthapa.dll -> [Ver = | Size = 64 bytes | Created Date = 2008-01-18 20:53:16 | Attr = ] ihvhymsi.ini -> %SystemRoot%\System32\ihvhymsi.ini -> [Ver = | Size = 1044032 bytes | Created Date = 2008-01-06 18:13:45 | Attr = HS] ijgcahcp.ini -> %SystemRoot%\System32\ijgcahcp.ini -> [Ver = | Size = 1031679 bytes | Created Date = 2007-12-31 18:30:58 | Attr = HS] iluephmi.dll -> %SystemRoot%\System32\iluephmi.dll -> [Ver = | Size = 77888 bytes | Created Date = 2008-01-15 16:30:38 | Attr = ] injlwarn.dll -> %SystemRoot%\System32\injlwarn.dll -> [Ver = | Size = 78912 bytes | Created Date = 2008-01-22 16:02:07 | Attr = ] iosotltj.ini -> %SystemRoot%\System32\iosotltj.ini -> [Ver = | Size = 1192298 bytes | Created Date = 2008-02-05 11:46:20 | Attr = HS] ismyhvhi.dll -> %SystemRoot%\System32\ismyhvhi.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-01-06 18:13:38 | Attr = ] isvfgkvm.dll -> %SystemRoot%\System32\isvfgkvm.dll -> [Ver = | Size = 84544 bytes | Created Date = 2008-02-28 23:05:52 | Attr = ] itahkyxp.exe -> %SystemRoot%\System32\itahkyxp.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-17 09:58:30 | Attr = ] iuhwxjvj.ini -> %SystemRoot%\System32\iuhwxjvj.ini -> [Ver = | Size = 1302143 bytes | Created Date = 2008-03-04 19:19:20 | Attr = HS] javmqxts.dll -> %SystemRoot%\System32\javmqxts.dll -> [Ver = | Size = 89152 bytes | Created Date = 2008-02-24 00:16:54 | Attr = ] jbwomhjx.ini -> %SystemRoot%\System32\jbwomhjx.ini -> [Ver = | Size = 1214864 bytes | Created Date = 2008-02-09 18:56:48 | Attr = HS] jdyahqbj.ini -> %SystemRoot%\System32\jdyahqbj.ini -> [Ver = | Size = 1260406 bytes | Created Date = 2008-02-25 11:07:31 | Attr = HS] jectcjuk.exe -> %SystemRoot%\System32\jectcjuk.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-02 16:13:35 | Attr = ] jfhdeywe.dll -> %SystemRoot%\System32\jfhdeywe.dll -> [Ver = | Size = 93248 bytes | Created Date = 2008-02-12 00:54:18 | Attr = ] jgledbcx.dll -> %SystemRoot%\System32\jgledbcx.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-01-11 22:13:38 | Attr = ] jglughgb.dll -> %SystemRoot%\System32\jglughgb.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-03-06 12:37:49 | Attr = ] jgwjhqqr.dll -> %SystemRoot%\System32\jgwjhqqr.dll -> [Ver = | Size = 78912 bytes | Created Date = 2008-01-22 20:43:41 | Attr = ] jhkhgydh.ini -> %SystemRoot%\System32\jhkhgydh.ini -> [Ver = | Size = 1031319 bytes | Created Date = 2007-12-28 21:27:09 | Attr = HS] jilcgmbs.ini -> %SystemRoot%\System32\jilcgmbs.ini -> [Ver = | Size = 1188732 bytes | Created Date = 2008-02-04 18:31:50 | Attr = HS] jjvarbag.dll -> %SystemRoot%\System32\jjvarbag.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-03-10 01:52:31 | Attr = ] jkwwmrqo.exe -> %SystemRoot%\System32\jkwwmrqo.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-10 14:13:12 | Attr = ] jmrvwyli.exe -> %SystemRoot%\System32\jmrvwyli.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-05 20:15:30 | Attr = ] jpbuqoth.dll -> %SystemRoot%\System32\jpbuqoth.dll -> [Ver = | Size = 93248 bytes | Created Date = 2008-02-10 23:56:43 | Attr = ] jpjifblo.dll -> %SystemRoot%\System32\jpjifblo.dll -> [Ver = | Size = 78912 bytes | Created Date = 2008-01-28 13:25:32 | Attr = ] jqgyrolp.ini -> %SystemRoot%\System32\jqgyrolp.ini -> [Ver = | Size = 1057028 bytes | Created Date = 2008-01-15 11:21:41 | Attr = HS] jxxlsamr.exe -> %SystemRoot%\System32\jxxlsamr.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-01 00:53:52 | Attr = ] kbrybqus.ini -> %SystemRoot%\System32\kbrybqus.ini -> [Ver = | Size = 1018622 bytes | Created Date = 2007-12-26 20:50:33 | Attr = HS] kdmjddhu.ini -> %SystemRoot%\System32\kdmjddhu.ini -> [Ver = | Size = 1194517 bytes | Created Date = 2008-02-06 12:26:05 | Attr = HS] kjhemjhj.ini -> %SystemRoot%\System32\kjhemjhj.ini -> [Ver = | Size = 1185612 bytes | Created Date = 2008-01-31 12:42:25 | Attr = HS] kjxtbmsd.ini -> %SystemRoot%\System32\kjxtbmsd.ini -> [Ver = | Size = 1214984 bytes | Created Date = 2008-02-10 14:59:03 | Attr = HS] kmpbdgcs.ini -> %SystemRoot%\System32\kmpbdgcs.ini -> [Ver = | Size = 990690 bytes | Created Date = 2007-12-23 18:50:09 | Attr = HS] kmuducbj.dll -> %SystemRoot%\System32\kmuducbj.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-02-27 13:43:25 | Attr = ] knhfypop.dll -> %SystemRoot%\System32\knhfypop.dll -> [Ver = | Size = 95296 bytes | Created Date = 2008-03-04 19:22:18 | Attr = ] knqeiyan.dll -> %SystemRoot%\System32\knqeiyan.dll -> [Ver = | Size = 89152 bytes | Created Date = 2008-02-20 10:55:11 | Attr = ] kqgcwbcj.dll -> %SystemRoot%\System32\kqgcwbcj.dll -> [Ver = | Size = 96832 bytes | Created Date = 2008-02-03 15:51:58 | Attr = ] kqtqbodb.ini -> %SystemRoot%\System32\kqtqbodb.ini -> [Ver = | Size = 1304091 bytes | Created Date = 2008-03-05 12:07:52 | Attr = HS] krcenjvm.exe -> %SystemRoot%\System32\krcenjvm.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-19 18:59:51 | Attr = ] kulncpam.ini -> %SystemRoot%\System32\kulncpam.ini -> [Ver = | Size = 1044275 bytes | Created Date = 2008-01-07 21:31:05 | Attr = HS] kvldlrvn.exe -> %SystemRoot%\System32\kvldlrvn.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-03 12:44:29 | Attr = ] kwugubsv.ini -> %SystemRoot%\System32\kwugubsv.ini -> [Ver = | Size = 1038544 bytes | Created Date = 2008-01-03 12:47:33 | Attr = HS] kyvoeilk.exe -> %SystemRoot%\System32\kyvoeilk.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-20 17:10:34 | Attr = ] latnakye.dll -> %SystemRoot%\System32\latnakye.dll -> [Ver = | Size = 86080 bytes | Created Date = 2008-02-13 21:45:59 | Attr = ] lbvfgnjw.ini -> %SystemRoot%\System32\lbvfgnjw.ini -> [Ver = | Size = 1031559 bytes | Created Date = 2007-12-30 18:17:21 | Attr = HS] lcuuogtb.dll -> %SystemRoot%\System32\lcuuogtb.dll -> [Ver = | Size = 87104 bytes | Created Date = 2007-12-24 12:54:04 | Attr = ] lelftaan.dll -> %SystemRoot%\System32\lelftaan.dll -> [Ver = | Size = 93760 bytes | Created Date = 2008-02-10 16:26:36 | Attr = ] lgquuguf.dll -> %SystemRoot%\System32\lgquuguf.dll -> [Ver = | Size = 76864 bytes | Created Date = 2008-01-08 14:03:34 | Attr = ] liprvnnr.ini -> %SystemRoot%\System32\liprvnnr.ini -> [Ver = | Size = 294 bytes | Created Date = 2008-02-24 18:54:22 | Attr = HS] ljhdyfbq.dll -> %SystemRoot%\System32\ljhdyfbq.dll -> [Ver = | Size = 76864 bytes | Created Date = 2008-01-07 23:03:49 | Attr = ] lkqiimtm.dll -> %SystemRoot%\System32\lkqiimtm.dll -> [Ver = | Size = 93760 bytes | Created Date = 2008-02-22 11:44:11 | Attr = ] llmuemna.exe -> %SystemRoot%\System32\llmuemna.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-21 12:33:56 | Attr = ] lnmuywqw.ini -> %SystemRoot%\System32\lnmuywqw.ini -> [Ver = | Size = 1049629 bytes | Created Date = 2008-01-10 14:16:16 | Attr = HS] lolchhbw.dll -> %SystemRoot%\System32\lolchhbw.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-03-03 12:34:41 | Attr = ] loovqjit.dll -> %SystemRoot%\System32\loovqjit.dll -> [Ver = | Size = 78400 bytes | Created Date = 2008-01-04 14:36:23 | Attr = ] loulrtqf.ini -> %SystemRoot%\System32\loulrtqf.ini -> [Ver = | Size = 1031799 bytes | Created Date = 2008-01-01 00:55:49 | Attr = HS] lsjutftt.ini -> %SystemRoot%\System32\lsjutftt.ini -> [Ver = | Size = 1061556 bytes | Created Date = 2008-01-16 12:07:29 | Attr = HS] lwdnoiwl.dll -> %SystemRoot%\System32\lwdnoiwl.dll -> [Ver = | Size = 96832 bytes | Created Date = 2008-03-06 12:40:49 | Attr = ] lwydqkpv.ini -> %SystemRoot%\System32\lwydqkpv.ini -> [Ver = | Size = 1215344 bytes | Created Date = 2008-02-11 14:11:22 | Attr = HS] lxdrmeyh.exe -> %SystemRoot%\System32\lxdrmeyh.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-22 17:35:40 | Attr = ] lxhgbarp.ini -> %SystemRoot%\System32\lxhgbarp.ini -> [Ver = | Size = 1213785 bytes | Created Date = 2008-02-12 01:00:26 | Attr = HS] lyirdbfo.ini -> %SystemRoot%\System32\lyirdbfo.ini -> [Ver = | Size = 1090345 bytes | Created Date = 2008-02-24 12:18:05 | Attr = HS] lyynwagx.exe -> %SystemRoot%\System32\lyynwagx.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-05 19:02:04 | Attr = ] mahwyfis.dll -> %SystemRoot%\System32\mahwyfis.dll -> [Ver = | Size = 78400 bytes | Created Date = 2008-01-04 11:02:20 | Attr = ] mapcnluk.dll -> %SystemRoot%\System32\mapcnluk.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-01-07 21:30:55 | Attr = ] mbwuyhdb.dll -> %SystemRoot%\System32\mbwuyhdb.dll -> [Ver = | Size = 92736 bytes | Created Date = 2008-02-04 11:59:38 | Attr = ] mcfysdih.dll -> %SystemRoot%\System32\mcfysdih.dll -> [Ver = | Size = 79936 bytes | Created Date = 2008-01-14 18:08:43 | Attr = ] mfonngxb.ini -> %SystemRoot%\System32\mfonngxb.ini -> [Ver = | Size = 1248407 bytes | Created Date = 2008-02-17 15:39:38 | Attr = HS] mhwvneov.ini -> %SystemRoot%\System32\mhwvneov.ini -> [Ver = | Size = 991602 bytes | Created Date = 2007-12-22 21:47:50 | Attr = HS] mjnirgsr.dll -> %SystemRoot%\System32\mjnirgsr.dll -> [Ver = | Size = 95296 bytes | Created Date = 2008-03-04 12:17:17 | Attr = ] mntvafhs.dll -> %SystemRoot%\System32\mntvafhs.dll -> [Ver = | Size = 79936 bytes | Created Date = 2008-01-14 12:34:01 | Attr = ] mopoq.ini -> %SystemRoot%\System32\mopoq.ini -> [Ver = | Size = 166689 bytes | Created Date = 2008-03-10 18:52:53 | Attr = HS] mopoq.ini2 -> %SystemRoot%\System32\mopoq.ini2 -> [Ver = | Size = 166689 bytes | Created Date = 2008-03-10 18:52:54 | Attr = HS] mqhajueh.dll -> %SystemRoot%\System32\mqhajueh.dll -> [Ver = | Size = 93248 bytes | Created Date = 2008-02-13 21:40:00 | Attr = ] mrsydspu.ini -> %SystemRoot%\System32\mrsydspu.ini -> [Ver = | Size = 1130278 bytes | Created Date = 2008-01-25 16:33:08 | Attr = HS] msanlmqk.dll -> %SystemRoot%\System32\msanlmqk.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-03-04 12:51:52 | Attr = ] MSNSA32.dll -> %SystemRoot%\System32\MSNSA32.dll -> [Ver = | Size = 24320 bytes | Created Date = 2008-03-10 00:51:58 | Attr = ] mucumsnb.ini -> %SystemRoot%\System32\mucumsnb.ini -> [Ver = | Size = 1167065 bytes | Created Date = 2008-01-30 17:12:40 | Attr = HS] mufidfxh.ini -> %SystemRoot%\System32\mufidfxh.ini -> [Ver = | Size = 1279101 bytes | Created Date = 2008-03-10 01:57:52 | Attr = HS] mvkgfvsi.ini -> %SystemRoot%\System32\mvkgfvsi.ini -> [Ver = | Size = 1244215 bytes | Created Date = 2008-02-28 23:05:57 | Attr = HS] mxntotbj.exe -> %SystemRoot%\System32\mxntotbj.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-12 14:36:35 | Attr = ] mytdtntt.dll -> %SystemRoot%\System32\mytdtntt.dll -> [Ver = | Size = 76864 bytes | Created Date = 2008-01-11 23:21:17 | Attr = ] myyjetih.exe -> %SystemRoot%\System32\myyjetih.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-23 19:39:44 | Attr = ] naeplmlc.dll -> %SystemRoot%\System32\naeplmlc.dll -> [Ver = | Size = 77376 bytes | Created Date = 2008-01-23 15:18:51 | Attr = ] nbwhnake.dll -> %SystemRoot%\System32\nbwhnake.dll -> [Ver = | Size = 77376 bytes | Created Date = 2008-01-22 22:52:30 | Attr = ] ncsiigus.dll -> %SystemRoot%\System32\ncsiigus.dll -> [Ver = | Size = 89152 bytes | Created Date = 2008-01-28 19:38:29 | Attr = ] ncyyelhh.exe -> %SystemRoot%\System32\ncyyelhh.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-23 12:16:38 | Attr = ] nggrsece.exe -> %SystemRoot%\System32\nggrsece.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-08 14:00:36 | Attr = ] ngjtcuho.ini -> %SystemRoot%\System32\ngjtcuho.ini -> [Ver = | Size = 1142744 bytes | Created Date = 2008-01-28 13:26:21 | Attr = HS] nhvsdnkv.ini -> %SystemRoot%\System32\nhvsdnkv.ini -> [Ver = | Size = 987814 bytes | Created Date = 2007-12-21 23:21:11 | Attr = HS] nkfuthyf.ini -> %SystemRoot%\System32\nkfuthyf.ini -> [Ver = | Size = 1109005 bytes | Created Date = 2008-01-23 22:03:15 | Attr = HS] nodkdasf.dll -> %SystemRoot%\System32\nodkdasf.dll -> [Ver = | Size = 95808 bytes | Created Date = 2008-02-08 13:01:07 | Attr = ] nrmweutp.dll -> %SystemRoot%\System32\nrmweutp.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-02-29 13:20:30 | Attr = ] ntnut32.exe -> %SystemRoot%\System32\ntnut32.exe -> [Ver = | Size = 11776 bytes | Created Date = 2008-03-10 00:51:28 | Attr = ] ntulricv.ini -> %SystemRoot%\System32\ntulricv.ini -> [Ver = | Size = 1073412 bytes | Created Date = 2008-01-21 16:36:44 | Attr = HS] nvpiyptp.ini -> %SystemRoot%\System32\nvpiyptp.ini -> [Ver = | Size = 1193850 bytes | Created Date = 2008-02-06 20:58:05 | Attr = HS] nwynhqiy.ini -> %SystemRoot%\System32\nwynhqiy.ini -> [Ver = | Size = 1109365 bytes | Created Date = 2008-01-23 19:42:59 | Attr = HS] nxlqjoro.dll -> %SystemRoot%\System32\nxlqjoro.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-02-29 11:41:27 | Attr = ] nxromyit.dll -> %SystemRoot%\System32\nxromyit.dll -> [Ver = | Size = 64 bytes | Created Date = 2008-01-18 20:49:15 | Attr = ] nypecljv.exe -> %SystemRoot%\System32\nypecljv.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-07 23:03:39 | Attr = ] oanxoijc.dll -> %SystemRoot%\System32\oanxoijc.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-02-28 22:38:12 | Attr = ] odycwwju.exe -> %SystemRoot%\System32\odycwwju.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-22 21:43:23 | Attr = ] oeavsisr.dll -> %SystemRoot%\System32\oeavsisr.dll -> [Ver = | Size = 89152 bytes | Created Date = 2008-02-27 13:49:25 | Attr = ] ohetdfhv.exe -> %SystemRoot%\System32\ohetdfhv.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-07 21:26:26 | Attr = ] ohgdflff.dll -> %SystemRoot%\System32\ohgdflff.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-03-02 15:11:52 | Attr = ] oihpebkx.ini -> %SystemRoot%\System32\oihpebkx.ini -> [Ver = | Size = 1018742 bytes | Created Date = 2007-12-26 23:20:16 | Attr = HS] ojqcstns.exe -> %SystemRoot%\System32\ojqcstns.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-17 12:38:02 | Attr = ] omiskduo.exe -> %SystemRoot%\System32\omiskduo.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-26 20:47:19 | Attr = ] omvanade.ini -> %SystemRoot%\System32\omvanade.ini -> [Ver = | Size = 1038476 bytes | Created Date = 2008-01-04 13:33:16 | Attr = HS] omwkjejf.exe -> %SystemRoot%\System32\omwkjejf.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-28 13:26:58 | Attr = ] oniironh.dll -> %SystemRoot%\System32\oniironh.dll -> [Ver = | Size = 87616 bytes | Created Date = 2008-01-24 16:10:03 | Attr = ] oqruyevd.ini -> %SystemRoot%\System32\oqruyevd.ini -> [Ver = | Size = 1130158 bytes | Created Date = 2008-01-24 19:16:50 | Attr = HS] orikbdft.dll -> %SystemRoot%\System32\orikbdft.dll -> [Ver = | Size = 76864 bytes | Created Date = 2008-01-17 12:38:14 | Attr = ] otlckofp.dll -> %SystemRoot%\System32\otlckofp.dll -> [Ver = | Size = 89152 bytes | Created Date = 2008-01-15 13:40:53 | Attr = ] otwuvwdg.dll -> %SystemRoot%\System32\otwuvwdg.dll -> [Ver = | Size = 84544 bytes | Created Date = 2008-02-29 18:39:19 | Attr = ] ouqkkouq.ini -> %SystemRoot%\System32\ouqkkouq.ini -> [Ver = | Size = 1060562 bytes | Created Date = 2008-01-12 14:40:10 | Attr = HS] paoglpeb.ini -> %SystemRoot%\System32\paoglpeb.ini -> [Ver = | Size = 1278819 bytes | Created Date = 2008-03-09 21:23:18 | Attr = HS] pbupkmnl.dll -> %SystemRoot%\System32\pbupkmnl.dll -> [Ver = | Size = 89152 bytes | Created Date = 2008-02-24 22:01:41 | Attr = ] pdrqhmjf.dll -> %SystemRoot%\System32\pdrqhmjf.dll -> [Ver = | Size = 86592 bytes | Created Date = 2008-01-17 10:01:29 | Attr = ] pevyvxdj.ini -> %SystemRoot%\System32\pevyvxdj.ini -> [Ver = | Size = 1261265 bytes | Created Date = 2008-02-27 19:56:26 | Attr = HS] pfafejgx.ini -> %SystemRoot%\System32\pfafejgx.ini -> [Ver = | Size = 1215224 bytes | Created Date = 2008-02-11 00:02:44 | Attr = HS] pfokclto.ini -> %SystemRoot%\System32\pfokclto.ini -> [Ver = | Size = 1057028 bytes | Created Date = 2008-01-15 13:41:26 | Attr = HS] picqrlwi.ini -> %SystemRoot%\System32\picqrlwi.ini -> [Ver = | Size = 1066006 bytes | Created Date = 2008-01-17 12:41:24 | Attr = HS] pjlabpkb.dll -> %SystemRoot%\System32\pjlabpkb.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-03-03 12:29:52 | Attr = ] pjsmllpb.dll -> %SystemRoot%\System32\pjsmllpb.dll -> [Ver = | Size = 96832 bytes | Created Date = 2008-03-06 12:55:27 | Attr = ] pkvwqpxk.exe -> %SystemRoot%\System32\pkvwqpxk.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-10 18:33:06 | Attr = ] plorygqj.dll -> %SystemRoot%\System32\plorygqj.dll -> [Ver = | Size = 89152 bytes | Created Date = 2008-01-15 11:21:16 | Attr = ] Process.exe -> %SystemRoot%\System32\Process.exe -> http://www.beyondlogic.org [Ver = 2, 0, 0, 0 | Size = 53248 bytes | Created Date = 2008-03-11 01:03:34 | Attr = ] prtwmhhh.exe -> %SystemRoot%\System32\prtwmhhh.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-09 11:47:49 | Attr = ] psrautoc.dll -> %SystemRoot%\System32\psrautoc.dll -> [Ver = | Size = 92224 bytes | Created Date = 2008-03-09 21:26:13 | Attr = ] ptpyipvn.dll -> %SystemRoot%\System32\ptpyipvn.dll -> [Ver = | Size = 90688 bytes | Created Date = 2008-02-06 20:58:00 | Attr = ] ptsrtxey.exe -> %SystemRoot%\System32\ptsrtxey.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-25 11:08:33 | Attr = ] puwrbbhb.exe -> %SystemRoot%\System32\puwrbbhb.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-06 18:13:16 | Attr = ] pwbaalor.dll -> %SystemRoot%\System32\pwbaalor.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-03-02 15:05:58 | Attr = ] pwprwoyn.ini -> %SystemRoot%\System32\pwprwoyn.ini -> [Ver = | Size = 1089376 bytes | Created Date = 2008-01-22 14:13:40 | Attr = HS] qfuisfgs.ini -> %SystemRoot%\System32\qfuisfgs.ini -> [Ver = | Size = 1027882 bytes | Created Date = 2007-12-27 17:51:25 | Attr = HS] qjajusck.dll -> %SystemRoot%\System32\qjajusck.dll -> [Ver = | Size = 88640 bytes | Created Date = 2008-03-09 21:20:16 | Attr = ] qjchfvwe.dll -> %SystemRoot%\System32\qjchfvwe.dll -> [Ver = | Size = 28435 bytes | Created Date = 2008-03-01 13:53:38 | Attr = ] qmcynwtu.ini -> %SystemRoot%\System32\qmcynwtu.ini -> [Ver = | Size = 1061676 bytes | Created Date = 2008-01-16 18:58:19 | Attr = HS] qnmjjnwd.dll -> %SystemRoot%\System32\qnmjjnwd.dll -> [Ver = | Size = 94272 bytes | Created Date = 2008-02-06 12:23:03 | Attr = ] qnsptert.ini -> %SystemRoot%\System32\qnsptert.ini -> [Ver = | Size = 1043860 bytes | Created Date = 2008-01-05 20:18:59 | Attr = HS] qojfihhx.exe -> %SystemRoot%\System32\qojfihhx.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-15 16:30:56 | Attr = ] qomkalhh.exe -> %SystemRoot%\System32\qomkalhh.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-14 18:10:09 | Attr = ] qpsmgele.dll -> %SystemRoot%\System32\qpsmgele.dll -> [Ver = | Size = 87616 bytes | Created Date = 2008-01-25 18:01:41 | Attr = ] qrihkklr.dll -> %SystemRoot%\System32\qrihkklr.dll -> [Ver = | Size = 75840 bytes | Created Date = 2008-01-06 21:46:47 | Attr = ] qtalfwqi.exe -> %SystemRoot%\System32\qtalfwqi.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-20 19:54:42 | Attr = ] qvvymswr.ini -> %SystemRoot%\System32\qvvymswr.ini -> [Ver = | Size = 1179710 bytes | Created Date = 2008-02-01 19:10:03 | Attr = HS] qxjxidqd.ini -> %SystemRoot%\System32\qxjxidqd.ini -> [Ver = | Size = 1010086 bytes | Created Date = 2007-12-25 18:03:28 | Attr = HS] qxtdemhl.dll -> %SystemRoot%\System32\qxtdemhl.dll -> [Ver = | Size = 79936 bytes | Created Date = 2008-01-16 18:55:06 | Attr = ] rdmaesju.dll -> %SystemRoot%\System32\rdmaesju.dll -> [Ver = | Size = 76864 bytes | Created Date = 2008-01-07 19:01:53 | Attr = ] redtyufc.dll -> %SystemRoot%\System32\redtyufc.dll -> [Ver = | Size = 77376 bytes | Created Date = 2008-01-04 21:34:45 | Attr = ] reomjayr.dll -> %SystemRoot%\System32\reomjayr.dll -> [Ver = | Size = 94784 bytes | Created Date = 2008-02-01 19:07:00 | Attr = ] rgextalc.exe -> %SystemRoot%\System32\rgextalc.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-27 17:51:17 | Attr = ] rgyrieib.dll -> %SystemRoot%\System32\rgyrieib.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-01-13 12:07:20 | Attr = ] rktlvcim.ini -> %SystemRoot%\System32\rktlvcim.ini -> [Ver = | Size = 1031439 bytes | Created Date = 2007-12-29 19:21:58 | Attr = HS] rnoxpcgw.exe -> %SystemRoot%\System32\rnoxpcgw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-11 21:39:46 | Attr = ] rnwexqew.dll -> %SystemRoot%\System32\rnwexqew.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-02-29 18:42:18 | Attr = ] rpfcuiwy.ini -> %SystemRoot%\System32\rpfcuiwy.ini -> [Ver = | Size = 1218437 bytes | Created Date = 2008-02-08 13:07:09 | Attr = HS] rpnebppw.dll -> %SystemRoot%\System32\rpnebppw.dll -> [Ver = | Size = 86080 bytes | Created Date = 2008-02-12 19:21:43 | Attr = ] rpuoqkja.exe -> %SystemRoot%\System32\rpuoqkja.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-04 21:37:51 | Attr = ] rqupdbhx.dll -> %SystemRoot%\System32\rqupdbhx.dll -> [Ver = | Size = 80960 bytes | Created Date = 2008-01-24 16:06:59 | Attr = ] rseoudwm.exe -> %SystemRoot%\System32\rseoudwm.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-04 10:59:22 | Attr = ] ruffnqrn.ini -> %SystemRoot%\System32\ruffnqrn.ini -> [Ver = | Size = 1244478 bytes | Created Date = 2008-02-28 22:41:24 | Attr = HS] rvntxbld.ini -> %SystemRoot%\System32\rvntxbld.ini -> [Ver = | Size = 1243135 bytes | Created Date = 2008-02-29 11:37:31 | Attr = HS] rwsmyvvq.dll -> %SystemRoot%\System32\rwsmyvvq.dll -> [Ver = | Size = 90688 bytes | Created Date = 2008-02-01 19:09:59 | Attr = ] rxrquikw.exe -> %SystemRoot%\System32\rxrquikw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-29 19:18:55 | Attr = ] ryvdyllf.dll -> %SystemRoot%\System32\ryvdyllf.dll -> [Ver = | Size = 92736 bytes | Created Date = 2008-02-04 17:12:58 | Attr = ] safsqaqo.ini -> %SystemRoot%\System32\safsqaqo.ini -> [Ver = | Size = 1215104 bytes | Created Date = 2008-02-10 16:32:38 | Attr = HS] saoneopc.dll -> %SystemRoot%\System32\saoneopc.dll -> [Ver = | Size = 77888 bytes | Created Date = 2008-01-15 11:18:06 | Attr = ] sbfsjkxr.ini -> %SystemRoot%\System32\sbfsjkxr.ini -> [Ver = | Size = 1188492 bytes | Created Date = 2008-02-04 12:00:00 | Attr = HS] sed.exe -> %SystemRoot%\System32\sed.exe -> [Ver = | Size = 98816 bytes | Created Date = 2008-03-11 20:04:33 | Attr = ] seldigcc.exe -> %SystemRoot%\System32\seldigcc.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-06 18:50:41 | Attr = ] sfjneibe.dll -> %SystemRoot%\System32\sfjneibe.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-01-11 21:42:00 | Attr = ] sgfsiufq.dll -> %SystemRoot%\System32\sgfsiufq.dll -> [Ver = | Size = 90176 bytes | Created Date = 2007-12-27 17:51:20 | Attr = ] sgtrllbm.exe -> %SystemRoot%\System32\sgtrllbm.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-31 18:26:55 | Attr = ] shdocpe.dll -> %SystemRoot%\System32\shdocpe.dll -> [Ver = | Size = 15360 bytes | Created Date = 2008-03-10 00:51:28 | Attr = ] shjhgtmx.ini -> %SystemRoot%\System32\shjhgtmx.ini -> [Ver = | Size = 1089316 bytes | Created Date = 2008-01-22 20:49:13 | Attr = HS] sieieuey.dll -> %SystemRoot%\System32\sieieuey.dll -> [Ver = | Size = 78912 bytes | Created Date = 2008-01-30 17:09:26 | Attr = ] SIPSPI32.dll -> %SystemRoot%\System32\SIPSPI32.dll -> [Ver = | Size = 11008 bytes | Created Date = 2008-03-10 00:51:32 | Attr = ] sjboaplj.ini -> %SystemRoot%\System32\sjboaplj.ini -> [Ver = | Size = 1302502 bytes | Created Date = 2008-03-04 12:20:16 | Attr = HS] sjcgyqyd.exe -> %SystemRoot%\System32\sjcgyqyd.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-22 16:05:05 | Attr = ] slkkuwtt.dll -> %SystemRoot%\System32\slkkuwtt.dll -> [Ver = | Size = 76864 bytes | Created Date = 2008-01-11 21:38:53 | Attr = ] slryupkh.dll -> %SystemRoot%\System32\slryupkh.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-02-28 22:35:11 | Attr = ] smcdhbrt.ini -> %SystemRoot%\System32\smcdhbrt.ini -> [Ver = | Size = 1247186 bytes | Created Date = 2008-02-20 10:58:33 | Attr = HS] smjegtsm.dll -> %SystemRoot%\System32\smjegtsm.dll -> [Ver = | Size = 92736 bytes | Created Date = 2008-02-04 18:28:49 | Attr = ] sneyfsgk.dll -> %SystemRoot%\System32\sneyfsgk.dll -> [Ver = | Size = 76864 bytes | Created Date = 2008-01-17 09:55:32 | Attr = ] spycibrv.dll -> %SystemRoot%\System32\spycibrv.dll -> [Ver = | Size = 84544 bytes | Created Date = 2008-03-03 12:31:41 | Attr = ] SrchSTS.exe -> %SystemRoot%\System32\SrchSTS.exe -> S!Ri [Ver = | Size = 288417 bytes | Created Date = 2008-03-11 01:03:34 | Attr = ] sugiiscn.ini -> %SystemRoot%\System32\sugiiscn.ini -> [Ver = | Size = 1143472 bytes | Created Date = 2008-01-28 19:38:30 | Attr = HS] swreg.exe -> %SystemRoot%\System32\swreg.exe -> SteelWerX [Ver = 3.0.0.0 | Size = 161792 bytes | Created Date = 2008-03-11 01:03:34 | Attr = ] swsc.exe -> %SystemRoot%\System32\swsc.exe -> [Ver = | Size = 40960 bytes | Created Date = 2008-03-11 01:03:34 | Attr = ] swxcacls.exe -> %SystemRoot%\System32\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 79360 bytes | Created Date = 2008-03-11 01:03:34 | Attr = ] sysgpguw.ini -> %SystemRoot%\System32\sysgpguw.ini -> [Ver = | Size = 1043920 bytes | Created Date = 2008-01-06 18:53:55 | Attr = HS] tavsuecn.ini -> %SystemRoot%\System32\tavsuecn.ini -> [Ver = | Size = 988112 bytes | Created Date = 2007-12-23 12:28:41 | Attr = HS] tburhgrm.exe -> %SystemRoot%\System32\tburhgrm.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-11 11:38:12 | Attr = ] tcerysux.exe -> %SystemRoot%\System32\tcerysux.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-07 19:04:56 | Attr = ] tghsdvad.dll -> %SystemRoot%\System32\tghsdvad.dll -> [Ver = | Size = 86080 bytes | Created Date = 2008-02-27 13:46:25 | Attr = ] tibmxoay.ini -> %SystemRoot%\System32\tibmxoay.ini -> [Ver = | Size = 1089668 bytes | Created Date = 2008-01-22 17:37:51 | Attr = HS] ticglxde.dll -> %SystemRoot%\System32\ticglxde.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-01-14 21:24:12 | Attr = ] tkijpaoa.ini -> %SystemRoot%\System32\tkijpaoa.ini -> [Ver = | Size = 1054038 bytes | Created Date = 2008-01-10 18:36:08 | Attr = HS] tlqbjovx.exe -> %SystemRoot%\System32\tlqbjovx.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-15 13:40:51 | Attr = ] tlxuhcga.ini -> %SystemRoot%\System32\tlxuhcga.ini -> [Ver = | Size = 1018914 bytes | Created Date = 2007-12-26 12:18:23 | Attr = HS] tmp.reg -> %SystemRoot%\System32\tmp.reg -> [Ver = | Size = 2572 bytes | Created Date = 2008-03-11 01:05:03 | Attr = ] tobofkeh.dll -> %SystemRoot%\System32\tobofkeh.dll -> [Ver = | Size = 91200 bytes | Created Date = 2008-03-10 01:55:00 | Attr = ] tpubxhvm.exe -> %SystemRoot%\System32\tpubxhvm.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-31 12:37:12 | Attr = ] tsuhvphk.ini -> %SystemRoot%\System32\tsuhvphk.ini -> [Ver = | Size = 1302622 bytes | Created Date = 2008-03-04 12:57:53 | Attr = HS] tugigusl.ini -> %SystemRoot%\System32\tugigusl.ini -> [Ver = | Size = 1044040 bytes | Created Date = 2008-01-06 21:50:14 | Attr = HS] tuvixknc.ini -> %SystemRoot%\System32\tuvixknc.ini -> [Ver = | Size = 1009966 bytes | Created Date = 2007-12-25 11:11:57 | Attr = HS] twvdjwui.dll -> %SystemRoot%\System32\twvdjwui.dll -> [Ver = | Size = 79424 bytes | Created Date = 2008-01-21 16:33:33 | Attr = ] txdranio.exe -> %SystemRoot%\System32\txdranio.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-23 12:25:30 | Attr = ] tyhijffy.dll -> %SystemRoot%\System32\tyhijffy.dll -> [Ver = | Size = 86080 bytes | Created Date = 2008-02-13 11:24:11 | Attr = ] uccnvwyw.exe -> %SystemRoot%\System32\uccnvwyw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-01 10:24:07 | Attr = ] udtynivj.exe -> %SystemRoot%\System32\udtynivj.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-23 18:46:48 | Attr = ] ugqtygkb.dll -> %SystemRoot%\System32\ugqtygkb.dll -> [Ver = | Size = 76864 bytes | Created Date = 2008-01-07 21:29:08 | Attr = ] uheaynvb.exe -> %SystemRoot%\System32\uheaynvb.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-23 15:21:54 | Attr = ] uhueknjg.ini -> %SystemRoot%\System32\uhueknjg.ini -> [Ver = | Size = 1076689 bytes | Created Date = 2008-01-18 11:53:33 | Attr = HS] uitskogr.dll -> %SystemRoot%\System32\uitskogr.dll -> [Ver = | Size = 88640 bytes | Created Date = 2008-03-01 16:15:21 | Attr = ] ukeibife.dll -> %SystemRoot%\System32\ukeibife.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-02-28 13:22:00 | Attr = ] ukosgsjc.exe -> %SystemRoot%\System32\ukosgsjc.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-04 14:39:23 | Attr = ] ukrxetya.ini -> %SystemRoot%\System32\ukrxetya.ini -> [Ver = | Size = 968097 bytes | Created Date = 2007-12-23 12:45:46 | Attr = HS] ulooocjm.dll -> %SystemRoot%\System32\ulooocjm.dll -> [Ver = | Size = 94272 bytes | Created Date = 2008-02-06 20:55:02 | Attr = ] uncerody.ini -> %SystemRoot%\System32\uncerody.ini -> [Ver = | Size = 1246747 bytes | Created Date = 2008-02-28 16:05:55 | Attr = HS] uncnxdsd.ini -> %SystemRoot%\System32\uncnxdsd.ini -> [Ver = | Size = 1235041 bytes | Created Date = 2008-02-13 18:10:46 | Attr = HS] ungavyte.dll -> %SystemRoot%\System32\ungavyte.dll -> [Ver = | Size = 93760 bytes | Created Date = 2008-02-10 14:53:07 | Attr = ] uuhenara.exe -> %SystemRoot%\System32\uuhenara.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-24 12:51:05 | Attr = ] uuuorxfk.ini -> %SystemRoot%\System32\uuuorxfk.ini -> [Ver = | Size = 1031199 bytes | Created Date = 2008-01-02 16:16:48 | Attr = HS] uvquwboc.ini -> %SystemRoot%\System32\uvquwboc.ini -> [Ver = | Size = 1027822 bytes | Created Date = 2007-12-27 11:51:39 | Attr = HS] uxfbessk.ini -> %SystemRoot%\System32\uxfbessk.ini -> [Ver = | Size = 1192418 bytes | Created Date = 2008-02-05 17:53:05 | Attr = HS] uxvjmeeb.dll -> %SystemRoot%\System32\uxvjmeeb.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-03-05 14:45:29 | Attr = ] uyexnnml.ini -> %SystemRoot%\System32\uyexnnml.ini -> [Ver = | Size = 987754 bytes | Created Date = 2007-12-21 12:37:06 | Attr = HS] VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver = | Size = 86528 bytes | Created Date = 2008-03-11 01:03:34 | Attr = ] vasveioe.dll -> %SystemRoot%\System32\vasveioe.dll -> [Ver = | Size = 78400 bytes | Created Date = 2008-01-04 12:56:29 | Attr = ] vbuuvaam.dll -> %SystemRoot%\System32\vbuuvaam.dll -> [Ver = | Size = 89152 bytes | Created Date = 2008-02-24 12:17:24 | Attr = ] VCCLSID.exe -> %SystemRoot%\System32\VCCLSID.exe -> S!Ri [Ver = | Size = 289144 bytes | Created Date = 2008-03-11 01:03:34 | Attr = ] vcirlutn.dll -> %SystemRoot%\System32\vcirlutn.dll -> [Ver = | Size = 85568 bytes | Created Date = 2008-01-21 16:36:33 | Attr = ] vdapvbcw.dll -> %SystemRoot%\System32\vdapvbcw.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-03-04 19:16:19 | Attr = ] vdibqhud.ini -> %SystemRoot%\System32\vdibqhud.ini -> [Ver = | Size = 1060494 bytes | Created Date = 2008-01-14 12:37:26 | Attr = HS] vdvsjijn.exe -> %SystemRoot%\System32\vdvsjijn.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-28 21:24:10 | Attr = ] vexahhaa.dll -> %SystemRoot%\System32\vexahhaa.dll -> [Ver = | Size = 96832 bytes | Created Date = 2008-03-05 14:48:29 | Attr = ] VFind.exe -> %SystemRoot%\System32\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 2008-03-11 20:04:33 | Attr = ] vfvjagxn.exe -> %SystemRoot%\System32\vfvjagxn.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-04 13:30:00 | Attr = ] vhcvismm.exe -> %SystemRoot%\System32\vhcvismm.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-06 21:46:44 | Attr = ] viwivulv.dll -> %SystemRoot%\System32\viwivulv.dll -> [Ver = | Size = 87104 bytes | Created Date = 2008-01-04 14:42:22 | Attr = ] vjphrjye.dll -> %SystemRoot%\System32\vjphrjye.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-01-11 11:44:12 | Attr = ] vkndsvhn.dll -> %SystemRoot%\System32\vkndsvhn.dll -> [Ver = | Size = 85568 bytes | Created Date = 2007-12-21 23:21:00 | Attr = ] vldfgvtn.dll -> %SystemRoot%\System32\vldfgvtn.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-02-25 11:10:17 | Attr = ] vluviwiv.ini -> %SystemRoot%\System32\vluviwiv.ini -> [Ver = | Size = 1038364 bytes | Created Date = 2008-01-04 14:42:34 | Attr = HS] vnnxhevr.dll -> %SystemRoot%\System32\vnnxhevr.dll -> [Ver = | Size = 93248 bytes | Created Date = 2008-02-13 11:18:05 | Attr = ] vohqcquo.exe -> %SystemRoot%\System32\vohqcquo.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-14 21:18:16 | Attr = ] vrbicyps.ini -> %SystemRoot%\System32\vrbicyps.ini -> [Ver = | Size = 1286201 bytes | Created Date = 2008-03-03 12:31:42 | Attr = HS] vteruxds.dll -> %SystemRoot%\System32\vteruxds.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-02-29 18:37:20 | Attr = ] vttjqray.dll -> %SystemRoot%\System32\vttjqray.dll -> [Ver = | Size = 94784 bytes | Created Date = 2008-02-09 18:53:46 | Attr = ] vtuvvwx.dll -> %SystemRoot%\System32\vtuvvwx.dll -> [Ver = | Size = 39936 bytes | Created Date = 2008-03-09 21:25:49 | Attr = ] vuphagcc.exe -> %SystemRoot%\System32\vuphagcc.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-27 11:48:31 | Attr = ] vuutlqnd.dll -> %SystemRoot%\System32\vuutlqnd.dll -> [Ver = | Size = 80960 bytes | Created Date = 2008-01-24 19:10:27 | Attr = ] vwyhjkxh.dll -> %SystemRoot%\System32\vwyhjkxh.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-03-05 12:04:49 | Attr = ] vyqbgkdi.dll -> %SystemRoot%\System32\vyqbgkdi.dll -> [Ver = | Size = 79936 bytes | Created Date = 2008-01-10 14:10:13 | Attr = ] wasjewcy.ini -> %SystemRoot%\System32\wasjewcy.ini -> [Ver = | Size = 1031638 bytes | Created Date = 2008-01-04 11:05:23 | Attr = HS] watgisxh.dll -> %SystemRoot%\System32\watgisxh.dll -> [Ver = | Size = 92736 bytes | Created Date = 2008-02-17 15:36:27 | Attr = ] wgbxrrlt.dll -> %SystemRoot%\System32\wgbxrrlt.dll -> [Ver = | Size = 90688 bytes | Created Date = 2008-02-26 13:21:19 | Attr = ] whrxauxt.dll -> %SystemRoot%\System32\whrxauxt.dll -> [Ver = | Size = 89152 bytes | Created Date = 2008-02-27 19:53:12 | Attr = ] wiybjvwe.dll -> %SystemRoot%\System32\wiybjvwe.dll -> [Ver = | Size = 95296 bytes | Created Date = 2008-03-04 12:54:51 | Attr = ] wkkvbphs.dll -> %SystemRoot%\System32\wkkvbphs.dll -> [Ver = | Size = 78912 bytes | Created Date = 2008-01-22 14:07:18 | Attr = ] wowfx.dll -> %SystemRoot%\System32\wowfx.dll -> [Ver = | Size = 18944 bytes | Created Date = 2008-03-09 21:49:52 | Attr = ] wppbenpr.ini -> %SystemRoot%\System32\wppbenpr.ini -> [Ver = | Size = 1217593 bytes | Created Date = 2008-02-12 19:21:47 | Attr = HS] wrlskwyi.dll -> %SystemRoot%\System32\wrlskwyi.dll -> [Ver = | Size = 77888 bytes | Created Date = 2008-01-15 13:37:52 | Attr = ] WS2Fix.exe -> %SystemRoot%\System32\WS2Fix.exe -> [Ver = | Size = 25600 bytes | Created Date = 2008-03-11 01:03:34 | Attr = ] wwecyiru.dll -> %SystemRoot%\System32\wwecyiru.dll -> [Ver = | Size = 78912 bytes | Created Date = 2008-01-05 20:18:29 | Attr = ] wwvut.ini2 -> %SystemRoot%\System32\wwvut.ini2 -> [Ver = | Size = 211909 bytes | Created Date = 2008-03-10 17:56:52 | Attr = HS] wxxauokt.exe -> %SystemRoot%\System32\wxxauokt.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-15 11:18:22 | Attr = ] wyuijhvs.ini -> %SystemRoot%\System32\wyuijhvs.ini -> [Ver = | Size = 1060442 bytes | Created Date = 2008-01-14 18:15:07 | Attr = HS] xbkrhwef.exe -> %SystemRoot%\System32\xbkrhwef.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-25 18:00:17 | Attr = ] xcbdelgj.ini -> %SystemRoot%\System32\xcbdelgj.ini -> [Ver = | Size = 1058434 bytes | Created Date = 2008-01-11 22:14:02 | Attr = HS] xfxrttmi.dll -> %SystemRoot%\System32\xfxrttmi.dll -> [Ver = | Size = 93248 bytes | Created Date = 2008-02-13 18:07:23 | Attr = ] xgmmuhry.ini -> %SystemRoot%\System32\xgmmuhry.ini -> [Ver = | Size = 1049509 bytes | Created Date = 2008-01-09 11:50:57 | Attr = HS] xjjkdkeo.dll -> %SystemRoot%\System32\xjjkdkeo.dll -> [Ver = | Size = 93248 bytes | Created Date = 2008-02-12 11:40:35 | Attr = ] xjxxwaxk.exe -> %SystemRoot%\System32\xjxxwaxk.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-26 12:18:15 | Attr = ] xkjqthtw.ini -> %SystemRoot%\System32\xkjqthtw.ini -> [Ver = | Size = 1188612 bytes | Created Date = 2008-02-04 17:15:58 | Attr = HS] xkvvvnpe.ini -> %SystemRoot%\System32\xkvvvnpe.ini -> [Ver = | Size = 1044215 bytes | Created Date = 2008-01-07 19:05:11 | Attr = HS] xlipjvve.exe -> %SystemRoot%\System32\xlipjvve.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-25 17:58:38 | Attr = ] xlkexhnm.dll -> %SystemRoot%\System32\xlkexhnm.dll -> [Ver = | Size = 91712 bytes | Created Date = 2008-02-29 11:37:02 | Attr = ] xlvdvvjb.dll -> %SystemRoot%\System32\xlvdvvjb.dll -> [Ver = | Size = 78400 bytes | Created Date = 2008-01-04 13:27:22 | Attr = ] xmtghjhs.dll -> %SystemRoot%\System32\xmtghjhs.dll -> [Ver = | Size = 88640 bytes | Created Date = 2008-01-22 20:48:52 | Attr = ] xpbfbafa.dll -> %SystemRoot%\System32\xpbfbafa.dll -> [Ver = | Size = 90176 bytes | Created Date = 2008-01-01 10:25:24 | Attr = ] xtijatws.exe -> %SystemRoot%\System32\xtijatws.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-13 12:01:23 | Attr = ] xuvxrqyr.dll -> %SystemRoot%\System32\xuvxrqyr.dll -> [Ver = | Size = 97344 bytes | Created Date = 2008-02-18 12:03:33 | Attr = ] xybcdjgx.ini -> %SystemRoot%\System32\xybcdjgx.ini -> [Ver = | Size = 1248527 bytes | Created Date = 2008-02-18 12:06:44 | Attr = HS] xykaqsvw.exe -> %SystemRoot%\System32\xykaqsvw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-21 23:20:48 | Attr = ] yaoxmbit.dll -> %SystemRoot%\System32\yaoxmbit.dll -> [Ver = | Size = 88640 bytes | Created Date = 2008-01-22 17:37:36 | Attr = ] ycngioof.exe -> %SystemRoot%\System32\ycngioof.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-25 16:26:56 | Attr = ] ycwejsaw.dll -> %SystemRoot%\System32\ycwejsaw.dll -> [Ver = | Size = 87104 bytes | Created Date = 2008-01-04 11:05:20 | Attr = ] ydctoclo.dll -> %SystemRoot%\System32\ydctoclo.dll -> [Ver = | Size = 89152 bytes | Created Date = 2008-02-24 18:51:02 | Attr = ] ydorecnu.dll -> %SystemRoot%\System32\ydorecnu.dll -> [Ver = | Size = 85056 bytes | Created Date = 2008-02-28 16:05:53 | Attr = ] yffjihyt.ini -> %SystemRoot%\System32\yffjihyt.ini -> [Ver = | Size = 1234981 bytes | Created Date = 2008-02-13 11:24:41 | Attr = HS] yiqhnywn.dll -> %SystemRoot%\System32\yiqhnywn.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-01-23 19:42:43 | Attr = ] yiulurug.ini -> %SystemRoot%\System32\yiulurug.ini -> [Ver = | Size = 1111205 bytes | Created Date = 2008-02-22 11:41:22 | Attr = HS] yjjhoxuf.ini -> %SystemRoot%\System32\yjjhoxuf.ini -> [Ver = | Size = 1056976 bytes | Created Date = 2008-01-15 16:34:12 | Attr = HS] yjpsnoxq.dll -> %SystemRoot%\System32\yjpsnoxq.dll -> [Ver = | Size = 93248 bytes | Created Date = 2008-02-11 14:05:11 | Attr = ] ymjccbli.exe -> %SystemRoot%\System32\ymjccbli.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2007-12-26 23:18:28 | Attr = ] ypnrodua.ini -> %SystemRoot%\System32\ypnrodua.ini -> [Ver = | Size = 1044032 bytes | Created Date = 2008-01-05 19:02:26 | Attr = HS] yrcafscc.ini -> %SystemRoot%\System32\yrcafscc.ini -> [Ver = | Size = 1262108 bytes | Created Date = 2008-02-26 13:21:15 | Attr = HS] yrkhsjxf.ini -> %SystemRoot%\System32\yrkhsjxf.ini -> [Ver = | Size = 1243195 bytes | Created Date = 2008-02-29 13:26:30 | Attr = HS] ystwbnwk.dll -> %SystemRoot%\System32\ystwbnwk.dll -> [Ver = | Size = 78912 bytes | Created Date = 2008-01-05 19:02:14 | Attr = ] yubdxbyc.dll -> %SystemRoot%\System32\yubdxbyc.dll -> [Ver = | Size = 78400 bytes | Created Date = 2008-01-03 12:41:30 | Attr = ] yudqdbil.dll -> %SystemRoot%\System32\yudqdbil.dll -> [Ver = | Size = 89664 bytes | Created Date = 2008-02-28 23:03:05 | Attr = ] yuxvvrow.exe -> %SystemRoot%\System32\yuxvvrow.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-11 22:10:38 | Attr = ] yvdenjbw.exe -> %SystemRoot%\System32\yvdenjbw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Created Date = 2008-01-18 11:50:21 | Attr = ] zip.exe -> %SystemRoot%\System32\zip.exe -> [Ver = | Size = 68096 bytes | Created Date = 2008-03-11 20:04:33 | Attr = ] 123messenger.per -> %SystemRoot%\123messenger.per -> [Ver = | Size = 15872 bytes | Created Date = 2008-03-10 00:51:55 | Attr = ] apphelp32.dll -> %SystemRoot%\apphelp32.dll -> [Ver = | Size = 20480 bytes | Created Date = 2008-03-10 00:50:59 | Attr = ] asferror32.dll -> %SystemRoot%\asferror32.dll -> [Ver = | Size = 16384 bytes | Created Date = 2008-03-10 00:51:00 | Attr = ] asycfilt32.dll -> %SystemRoot%\asycfilt32.dll -> [Ver = | Size = 15872 bytes | Created Date = 2008-03-10 00:51:00 | Attr = ] athprxy32.dll -> %SystemRoot%\athprxy32.dll -> [Ver = | Size = 12288 bytes | Created Date = 2008-03-10 00:51:00 | Attr = ] ati2dvaa32.dll -> %SystemRoot%\ati2dvaa32.dll -> [Ver = | Size = 20480 bytes | Created Date = 2008-03-10 00:51:01 | Attr = ] ati2dvag32.dll -> %SystemRoot%\ati2dvag32.dll -> [Ver = | Size = 13824 bytes | Created Date = 2008-03-10 00:51:01 | Attr = ] audiosrv32.dll -> %SystemRoot%\audiosrv32.dll -> [Ver = | Size = 30208 bytes | Created Date = 2008-03-10 00:51:02 | Attr = ] autodisc32.dll -> %SystemRoot%\autodisc32.dll -> [Ver = | Size = 31744 bytes | Created Date = 2008-03-10 00:51:03 | Attr = ] avifile32.dll -> %SystemRoot%\avifile32.dll -> [Ver = | Size = 15872 bytes | Created Date = 2008-03-10 00:51:03 | Attr = ] avisynthex32.dll -> %SystemRoot%\avisynthex32.dll -> [Ver = | Size = 21248 bytes | Created Date = 2008-03-10 00:51:03 | Attr = ] aviwrap32.dll -> %SystemRoot%\aviwrap32.dll -> [Ver = | Size = 29184 bytes | Created Date = 2008-03-10 00:51:04 | Attr = ] BMcfac83c8.xml -> %SystemRoot%\BMcfac83c8.xml -> [Ver = | Size = 109636 bytes | Created Date = 2008-02-27 13:43:33 | Attr = ] browserad.dll -> %SystemRoot%\browserad.dll -> [Ver = | Size = 26624 bytes | Created Date = 2008-03-10 00:51:05 | Attr = ] changeurl_30.dll -> %SystemRoot%\changeurl_30.dll -> [Ver = | Size = 21504 bytes | Created Date = 2008-03-10 00:50:54 | Attr = ] didduid.ini -> %SystemRoot%\didduid.ini -> [Ver = | Size = 29952 bytes | Created Date = 2008-03-10 00:54:34 | Attr = ] erdnt -> %SystemRoot%\erdnt -> [Folder | Created Date = 2008-03-11 20:06:29 | Attr = ] FLEOK -> %SystemRoot%\FLEOK -> [Folder | Created Date = 2008-03-10 00:54:34 | Attr = ] Minidump -> %SystemRoot%\Minidump -> [Folder | Created Date = 2008-01-04 12:50:52 | Attr = ] msa64chk.dll -> %SystemRoot%\msa64chk.dll -> [Ver = | Size = 11264 bytes | Created Date = 2008-03-10 00:51:57 | Attr = ] msapasrc.dll -> %SystemRoot%\msapasrc.dll -> [Ver = | Size = 16384 bytes | Created Date = 2008-03-10 00:51:57 | Attr = ] Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.05 | Size = 28160 bytes | Created Date = 2008-03-11 20:04:33 | Attr = ] ntnut.exe -> %SystemRoot%\ntnut.exe -> [Ver = | Size = 29184 bytes | Created Date = 2008-03-10 00:51:27 | Attr = ] PSEXESVC.EXE -> %SystemRoot%\PSEXESVC.EXE -> Sysinternals [Ver = 1.70 | Size = 53248 bytes | Created Date = 2008-03-11 20:04:16 | Attr = ] pskt.ini -> %SystemRoot%\pskt.ini -> [Ver = | Size = 22 bytes | Created Date = 2008-03-11 22:55:49 | Attr = ] shdocpe.dll -> %SystemRoot%\shdocpe.dll -> [Ver = | Size = 20224 bytes | Created Date = 2008-03-10 00:51:26 | Attr = ] shdocpl.dll -> %SystemRoot%\shdocpl.dll -> [Ver = | Size = 14848 bytes | Created Date = 2008-03-10 00:51:27 | Attr = ] solcache -> %SystemRoot%\solcache -> [Folder | Created Date = 2007-12-25 11:58:05 | Attr = ] winsb.dll -> %SystemRoot%\winsb.dll -> [Ver = | Size = 24832 bytes | Created Date = 2008-03-10 00:51:10 | Attr = ] [Files Created - Additional Folder Scans - Non-Microsoft Only] Grisoft -> %AllUsersProfile%\Application Data\Grisoft -> [Folder | Created Date = 2008-03-11 00:53:02 | Attr = ] Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [Folder | Created Date = 2008-03-10 01:11:18 | Attr = ] Macromedia -> %AllUsersProfile%\Application Data\Macromedia -> [Folder | Created Date = 2008-02-27 20:24:04 | Attr = ] SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Created Date = 2008-03-10 16:13:05 | Attr = ] TEMP -> %AllUsersProfile%\Application Data\TEMP -> [Folder | Created Date = 2008-03-09 21:59:51 | Attr = ] @Alternate Data Stream - 98 bytes -> %AllUsersProfile%\Application Data\TEMP:DFC5A2B2 WLInstaller -> %AllUsersProfile%\Application Data\WLInstaller -> [Folder | Created Date = 2008-03-03 00:30:10 | Attr = ] Grisoft -> %AppData%\Grisoft -> [Folder | Created Date = 2008-03-11 01:34:59 | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 2008-03-10 16:09:49 | Attr = ] PCHealth -> %UserProfile%\Local Settings\Application Data\PCHealth -> [Folder | Created Date = 2008-03-03 01:39:19 | Attr = ] Adobe Scripts -> %UserProfile%\My Documents\Adobe Scripts -> [Folder | Created Date = 2008-02-12 18:33:40 | Attr = ] CV Shit -> %UserProfile%\My Documents\CV Shit -> [Folder | Created Date = 2008-03-03 14:17:10 | Attr = ] My Stationery -> %UserProfile%\My Documents\My Stationery -> [Folder | Created Date = 2008-03-03 02:01:35 | Attr = R S] Updater -> %UserProfile%\My Documents\Updater -> [Folder | Created Date = 2008-03-05 20:52:49 | Attr = ] 46194.gp4 -> %UserProfile%\Desktop\46194.gp4 -> [Ver = | Size = 20179 bytes | Created Date = 2008-03-16 18:38:05 | Attr = ] Cleaning Tools -> %UserProfile%\Desktop\Cleaning Tools -> [Folder | Created Date = 2008-03-11 00:47:05 | Attr = ] dss.exe -> %UserProfile%\Desktop\dss.exe -> [Ver = 3, 2, 8, 1 | Size = 686630 bytes | Created Date = 2008-03-12 17:11:39 | Attr = ] Thumbs.db -> %UserProfile%\Desktop\Thumbs.db -> [Ver = | Size = 6144 bytes | Created Date = 2008-02-11 16:44:38 | Attr = HS] @Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable WinPFind35u -> %UserProfile%\Desktop\WinPFind35u -> [Folder | Created Date = 2008-03-18 00:44:34 | Attr = ] WinPFind35u.exe -> %UserProfile%\Desktop\WinPFind35u.exe -> [Ver = | Size = 481244 bytes | Created Date = 2008-03-17 22:39:32 | Attr = ] Macromedia -> %CommonProgramFiles%\Macromedia -> [Folder | Created Date = 2008-02-27 20:19:09 | Attr = ] WindowsLiveInstaller -> %CommonProgramFiles%\WindowsLiveInstaller -> [Folder | Created Date = 2008-03-03 00:35:17 | Attr = HS] [Files/Folders - Modified Within 90 days] boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 222 bytes | Modified Date = 2008-02-11 23:57:45 | Attr = HS] Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 2008-03-16 22:25:17 | Attr = HS] Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 2008-03-12 17:17:32 | Attr = ] hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 267964416 bytes | Modified Date = 2008-03-17 11:51:47 | Attr = HS] Program Files -> %ProgramFiles% -> [Folder | Modified Date = 2008-03-16 22:19:16 | Attr = R ] VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 2008-03-16 23:20:13 | Attr = ] WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 2008-03-18 00:43:06 | Attr = ] tmcomm.sys -> %SystemRoot%\System32\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.6.0.1059 | Size = 102664 bytes | Modified Date = 2008-03-10 22:49:24 | Attr = ] aakbgmdi.dll -> %SystemRoot%\System32\aakbgmdi.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-03-05 14:42:31 | Attr = ] aanfdldq.dll -> %SystemRoot%\System32\aanfdldq.dll -> [Ver = | Size = 92224 bytes | Modified Date = 2008-02-07 16:04:44 | Attr = ] acfffaeddbcec.dll -> %SystemRoot%\System32\acfffaeddbcec.dll -> [Ver = | Size = 93184 bytes | Modified Date = 2008-03-10 22:25:55 | Attr = ] acfotmix.ini -> %SystemRoot%\System32\acfotmix.ini -> [Ver = | Size = 1307434 bytes | Modified Date = 2008-03-06 12:47:42 | Attr = HS] afabfbpx.ini -> %SystemRoot%\System32\afabfbpx.ini -> [Ver = | Size = 1031859 bytes | Modified Date = 2008-01-01 10:25:48 | Attr = HS] agchuxlt.dll -> %SystemRoot%\System32\agchuxlt.dll -> [Ver = | Size = 87104 bytes | Modified Date = 2007-12-26 12:18:20 | Attr = ] aigphkbe.dll -> %SystemRoot%\System32\aigphkbe.dll -> [Ver = | Size = 92736 bytes | Modified Date = 2008-01-31 12:39:23 | Attr = ] albinkab.dll -> %SystemRoot%\System32\albinkab.dll -> [Ver = | Size = 91200 bytes | Modified Date = 2008-03-10 12:38:53 | Attr = ] aldtvvtr.dll -> %SystemRoot%\System32\aldtvvtr.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-03-01 16:12:19 | Attr = ] alupvwre.ini -> %SystemRoot%\System32\alupvwre.ini -> [Ver = | Size = 1286141 bytes | Modified Date = 2008-03-03 11:29:24 | Attr = HS] appwbpun.ini -> %SystemRoot%\System32\appwbpun.ini -> [Ver = | Size = 990093 bytes | Modified Date = 2007-12-20 18:52:45 | Attr = HS] audornpy.dll -> %SystemRoot%\System32\audornpy.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-01-05 19:02:23 | Attr = ] awkyeqnk.dll -> %SystemRoot%\System32\awkyeqnk.dll -> [Ver = | Size = 95808 bytes | Modified Date = 2008-02-08 12:53:14 | Attr = ] axeykeup.dll -> %SystemRoot%\System32\axeykeup.dll -> [Ver = | Size = 79424 bytes | Modified Date = 2008-01-11 11:41:25 | Attr = ] aytexrku.dll -> %SystemRoot%\System32\aytexrku.dll -> [Ver = | Size = 87104 bytes | Modified Date = 2007-12-23 12:45:44 | Attr = ] bchnvvrw.ini -> %SystemRoot%\System32\bchnvvrw.ini -> [Ver = | Size = 1060442 bytes | Modified Date = 2008-01-12 13:31:20 | Attr = HS] bdebafab.dll -> %SystemRoot%\System32\bdebafab.dll -> [Ver = | Size = 108562 bytes | Modified Date = 2008-03-04 12:48:44 | Attr = ] bdobqtqk.dll -> %SystemRoot%\System32\bdobqtqk.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-03-05 12:07:51 | Attr = ] bdwdlmyd.ini -> %SystemRoot%\System32\bdwdlmyd.ini -> [Ver = | Size = 1043975 bytes | Modified Date = 2008-01-08 14:06:54 | Attr = HS] beemjvxu.ini -> %SystemRoot%\System32\beemjvxu.ini -> [Ver = | Size = 1302838 bytes | Modified Date = 2008-03-05 14:45:48 | Attr = HS] bevkahlo.ini -> %SystemRoot%\System32\bevkahlo.ini -> [Ver = | Size = 1090285 bytes | Modified Date = 2008-02-24 12:18:49 | Attr = HS] bgrvqljv.ini -> %SystemRoot%\System32\bgrvqljv.ini -> [Ver = | Size = 1031199 bytes | Modified Date = 2007-12-28 21:21:54 | Attr = HS] bieirygr.ini -> %SystemRoot%\System32\bieirygr.ini -> [Ver = | Size = 1060682 bytes | Modified Date = 2008-01-14 09:11:56 | Attr = HS] birxlcju.ini -> %SystemRoot%\System32\birxlcju.ini -> [Ver = | Size = 1043915 bytes | Modified Date = 2008-01-08 13:58:19 | Attr = HS] blhdevry.dll -> %SystemRoot%\System32\blhdevry.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-03-04 12:17:07 | Attr = ] boglqofr.ini -> %SystemRoot%\System32\boglqofr.ini -> [Ver = | Size = 1089376 bytes | Modified Date = 2008-01-23 12:14:09 | Attr = HS] bqkfpkqs.ini -> %SystemRoot%\System32\bqkfpkqs.ini -> [Ver = | Size = 1237531 bytes | Modified Date = 2008-02-20 09:53:06 | Attr = HS] btgouucl.ini -> %SystemRoot%\System32\btgouucl.ini -> [Ver = | Size = 990750 bytes | Modified Date = 2007-12-24 12:54:52 | Attr = HS] bvddhavv.dll -> %SystemRoot%\System32\bvddhavv.dll -> [Ver = | Size = 80448 bytes | Modified Date = 2008-01-25 17:55:50 | Attr = ] bycvqalq.exe -> %SystemRoot%\System32\bycvqalq.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-28 19:35:30 | Attr = ] CatRoot -> %SystemRoot%\System32\CatRoot -> [Folder | Modified Date = 2008-02-03 19:59:47 | Attr = ] CatRoot2 -> %SystemRoot%\System32\CatRoot2 -> [Folder | Modified Date = 2008-03-16 21:57:58 | Attr = ] cbpdslhj.ini -> %SystemRoot%\System32\cbpdslhj.ini -> [Ver = | Size = 1253834 bytes | Modified Date = 2008-02-25 10:04:55 | Attr = HS] cdimyxxf.exe -> %SystemRoot%\System32\cdimyxxf.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-11 23:24:17 | Attr = ] ceayoewi.dll -> %SystemRoot%\System32\ceayoewi.dll -> [Ver = | Size = 79424 bytes | Modified Date = 2008-01-10 18:30:06 | Attr = ] cescurvb.exe -> %SystemRoot%\System32\cescurvb.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-30 18:14:17 | Attr = ] cibpunoy.dll -> %SystemRoot%\System32\cibpunoy.dll -> [Ver = | Size = 64 bytes | Modified Date = 2008-03-01 13:50:39 | Attr = ] cmaqrrem.ini -> %SystemRoot%\System32\cmaqrrem.ini -> [Ver = | Size = 1200173 bytes | Modified Date = 2008-02-08 12:58:21 | Attr = HS] cpmmqdse.ini -> %SystemRoot%\System32\cpmmqdse.ini -> [Ver = | Size = 1279221 bytes | Modified Date = 2008-03-10 18:48:06 | Attr = HS] creyptxc.exe -> %SystemRoot%\System32\creyptxc.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-22 20:45:57 | Attr = ] csijxxyw.exe -> %SystemRoot%\System32\csijxxyw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-22 14:10:25 | Attr = ] cvpmjoxc.ini -> %SystemRoot%\System32\cvpmjoxc.ini -> [Ver = | Size = 990213 bytes | Modified Date = 2007-12-21 11:31:23 | Attr = HS] cxdlkxio.dll -> %SystemRoot%\System32\cxdlkxio.dll -> [Ver = | Size = 64 bytes | Modified Date = 2008-03-01 13:50:46 | Attr = ] cxrvxsax.exe -> %SystemRoot%\System32\cxrvxsax.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-23 21:56:48 | Attr = ] d3d8caps.dat -> %SystemRoot%\System32\d3d8caps.dat -> [Ver = | Size = 1632 bytes | Modified Date = 2008-02-06 00:17:41 | Attr = ] d3d9caps.dat -> %SystemRoot%\System32\d3d9caps.dat -> [Ver = | Size = 1744 bytes | Modified Date = 2008-03-13 00:15:45 | Attr = ] davdshgt.ini -> %SystemRoot%\System32\davdshgt.ini -> [Ver = | Size = 1262168 bytes | Modified Date = 2008-02-27 13:46:47 | Attr = HS] ddanimhy.ini -> %SystemRoot%\System32\ddanimhy.ini -> [Ver = | Size = 1109185 bytes | Modified Date = 2008-01-23 15:16:28 | Attr = HS] dgqjmamm.dll -> %SystemRoot%\System32\dgqjmamm.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-02-29 13:23:30 | Attr = ] dhlrqabp.dll -> %SystemRoot%\System32\dhlrqabp.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-02-28 16:02:51 | Attr = ] dktregij.ini -> %SystemRoot%\System32\dktregij.ini -> [Ver = | Size = 1307203 bytes | Modified Date = 2008-03-09 21:18:00 | Attr = HS] dmvvxpnp.dll -> %SystemRoot%\System32\dmvvxpnp.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-03-06 12:49:30 | Attr = ] dpfnllrl.exe -> %SystemRoot%\System32\dpfnllrl.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-16 12:04:08 | Attr = ] drivers -> %SystemRoot%\System32\drivers -> [Folder | Modified Date = 2008-03-11 21:55:53 | Attr = ] drkmmwvj.ini -> %SystemRoot%\System32\drkmmwvj.ini -> [Ver = | Size = 971429 bytes | Modified Date = 2007-12-19 11:47:05 | Attr = HS] DRVSTORE -> %SystemRoot%\System32\DRVSTORE -> [Folder | Modified Date = 2008-03-03 01:23:30 | Attr = ] dsqxtuhe.exe -> %SystemRoot%\System32\dsqxtuhe.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-30 17:06:29 | Attr = ] duhqbidv.dll -> %SystemRoot%\System32\duhqbidv.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-01-14 12:37:13 | Attr = ] dvdryuct.dll -> %SystemRoot%\System32\dvdryuct.dll -> [Ver = | Size = 78912 bytes | Modified Date = 2008-01-28 19:33:16 | Attr = ] dwxrroxs.ini -> %SystemRoot%\System32\dwxrroxs.ini -> [Ver = | Size = 1089496 bytes | Modified Date = 2008-01-22 17:29:14 | Attr = HS] dwyjrvdq.dll -> %SystemRoot%\System32\dwyjrvdq.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-02-28 22:59:50 | Attr = ] dymldwdb.dll -> %SystemRoot%\System32\dymldwdb.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-01-08 14:06:33 | Attr = ] eamfsdfd.dll -> %SystemRoot%\System32\eamfsdfd.dll -> [Ver = | Size = 96832 bytes | Modified Date = 2008-03-05 12:05:04 | Attr = ] earagtsj.dll -> %SystemRoot%\System32\earagtsj.dll -> [Ver = | Size = 93248 bytes | Modified Date = 2008-02-05 11:43:13 | Attr = ] eavlpffp.ini -> %SystemRoot%\System32\eavlpffp.ini -> [Ver = | Size = 1109305 bytes | Modified Date = 2008-01-23 19:34:20 | Attr = HS] ebienjfs.ini -> %SystemRoot%\System32\ebienjfs.ini -> [Ver = | Size = 1057895 bytes | Modified Date = 2008-01-11 21:43:19 | Attr = HS] ebsvnsoe.dll -> %SystemRoot%\System32\ebsvnsoe.dll -> [Ver = | Size = 97344 bytes | Modified Date = 2008-02-18 14:06:24 | Attr = ] ebtcuser.dll -> %SystemRoot%\System32\ebtcuser.dll -> [Ver = | Size = 77888 bytes | Modified Date = 2008-01-09 11:47:42 | Attr = ] edanavmo.dll -> %SystemRoot%\System32\edanavmo.dll -> [Ver = | Size = 87104 bytes | Modified Date = 2008-01-04 13:33:01 | Attr = ] edxlgcit.ini -> %SystemRoot%\System32\edxlgcit.ini -> [Ver = | Size = 1060562 bytes | Modified Date = 2008-01-15 09:07:31 | Attr = HS] eeaffsvh.dll -> %SystemRoot%\System32\eeaffsvh.dll -> [Ver = | Size = 77376 bytes | Modified Date = 2008-01-23 19:36:52 | Attr = ] ehogavek.exe -> %SystemRoot%\System32\ehogavek.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-24 19:13:26 | Attr = ] eimdltak.ini -> %SystemRoot%\System32\eimdltak.ini -> [Ver = | Size = 1038424 bytes | Modified Date = 2008-01-05 18:02:11 | Attr = HS] ejolvgji.dll -> %SystemRoot%\System32\ejolvgji.dll -> [Ver = | Size = 96832 bytes | Modified Date = 2008-02-03 21:08:50 | Attr = ] ektnacrs.dll -> %SystemRoot%\System32\ektnacrs.dll -> [Ver = | Size = 76864 bytes | Modified Date = 2008-01-12 14:34:08 | Attr = ] elegmspq.ini -> %SystemRoot%\System32\elegmspq.ini -> [Ver = | Size = 1130338 bytes | Modified Date = 2008-01-25 18:06:14 | Attr = HS] emnwuibn.dll -> %SystemRoot%\System32\emnwuibn.dll -> [Ver = | Size = 76864 bytes | Modified Date = 2008-01-11 22:07:46 | Attr = ] enqmlsgb.dll -> %SystemRoot%\System32\enqmlsgb.dll -> [Ver = | Size = 76864 bytes | Modified Date = 2008-01-14 21:22:26 | Attr = ] erbnbcng.dll -> %SystemRoot%\System32\erbnbcng.dll -> [Ver = | Size = 76864 bytes | Modified Date = 2008-01-13 12:04:37 | Attr = ] esalcwdd.dll -> %SystemRoot%\System32\esalcwdd.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-03-10 18:53:54 | Attr = ] estmqdrr.dll -> %SystemRoot%\System32\estmqdrr.dll -> [Ver = | Size = 75840 bytes | Modified Date = 2008-01-06 18:50:45 | Attr = ] etloqrqo.dll -> %SystemRoot%\System32\etloqrqo.dll -> [Ver = | Size = 78912 bytes | Modified Date = 2008-01-22 17:35:20 | Attr = ] eyjrhpjv.ini -> %SystemRoot%\System32\eyjrhpjv.ini -> [Ver = | Size = 1058250 bytes | Modified Date = 2008-01-11 11:45:28 | Attr = HS] eykantal.ini -> %SystemRoot%\System32\eykantal.ini -> [Ver = | Size = 1242480 bytes | Modified Date = 2008-02-15 10:16:05 | Attr = HS] fdigjsjr.dll -> %SystemRoot%\System32\fdigjsjr.dll -> [Ver = | Size = 77376 bytes | Modified Date = 2008-01-23 21:59:53 | Attr = ] fhcbwets.exe -> %SystemRoot%\System32\fhcbwets.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-14 12:34:18 | Attr = ] fhuxheni.exe -> %SystemRoot%\System32\fhuxheni.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-16 18:52:20 | Attr = ] fjmhqrdp.ini -> %SystemRoot%\System32\fjmhqrdp.ini -> [Ver = | Size = 1066463 bytes | Modified Date = 2008-01-17 12:34:51 | Attr = HS] FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [Ver = | Size = 224024 bytes | Modified Date = 2008-02-28 12:17:30 | Attr = ] fpdtlmjl.dll -> %SystemRoot%\System32\fpdtlmjl.dll -> [Ver = | Size = 93248 bytes | Modified Date = 2008-02-05 17:52:44 | Attr = ] fvjbxjaw.exe -> %SystemRoot%\System32\fvjbxjaw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-28 13:25:56 | Attr = ] fxjshkry.dll -> %SystemRoot%\System32\fxjshkry.dll -> [Ver = | Size = 84544 bytes | Modified Date = 2008-02-29 13:26:29 | Attr = ] fyhtufkn.dll -> %SystemRoot%\System32\fyhtufkn.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-01-23 22:02:59 | Attr = ] gbsnljyx.ini -> %SystemRoot%\System32\gbsnljyx.ini -> [Ver = | Size = 1286021 bytes | Modified Date = 2008-03-02 14:04:00 | Attr = HS] GDIPFONTCACHEV1.DAT -> %SystemRoot%\System32\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 53584 bytes | Modified Date = 2007-12-29 22:08:35 | Attr = ] gdwvuwto.ini -> %SystemRoot%\System32\gdwvuwto.ini -> [Ver = | Size = 1286021 bytes | Modified Date = 2008-03-01 13:49:29 | Attr = HS] gefvhsff.dll -> %SystemRoot%\System32\gefvhsff.dll -> [Ver = | Size = 78400 bytes | Modified Date = 2008-01-20 17:09:29 | Attr = ] ghuvqued.dll -> %SystemRoot%\System32\ghuvqued.dll -> [Ver = | Size = 93248 bytes | Modified Date = 2008-02-12 19:15:49 | Attr = ] gjnkeuhu.dll -> %SystemRoot%\System32\gjnkeuhu.dll -> [Ver = | Size = 86592 bytes | Modified Date = 2008-01-18 11:53:31 | Attr = ] gqjnhynr.dll -> %SystemRoot%\System32\gqjnhynr.dll -> [Ver = | Size = 96832 bytes | Modified Date = 2008-02-03 22:15:04 | Attr = ] gqreuuvh.dll -> %SystemRoot%\System32\gqreuuvh.dll -> [Ver = | Size = 77376 bytes | Modified Date = 2008-01-18 11:47:35 | Attr = ] grdspycw.dll -> %SystemRoot%\System32\grdspycw.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-03-10 12:37:15 | Attr = ] gtckmary.exe -> %SystemRoot%\System32\gtckmary.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-24 16:07:28 | Attr = ] gtgmodmg.exe -> %SystemRoot%\System32\gtgmodmg.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-23 12:42:37 | Attr = ] gxdawtna.ini -> %SystemRoot%\System32\gxdawtna.ini -> [Ver = | Size = 1217534 bytes | Modified Date = 2008-02-12 19:22:23 | Attr = HS] hdcqsaxy.dll -> %SystemRoot%\System32\hdcqsaxy.dll -> [Ver = | Size = 79936 bytes | Modified Date = 2008-01-16 12:04:20 | Attr = ] hltlludy.dll -> %SystemRoot%\System32\hltlludy.dll -> [Ver = | Size = 77376 bytes | Modified Date = 2008-01-23 12:16:34 | Attr = ] hnoriino.ini -> %SystemRoot%\System32\hnoriino.ini -> [Ver = | Size = 1117554 bytes | Modified Date = 2008-01-24 19:07:14 | Attr = HS] htkkdaep.exe -> %SystemRoot%\System32\htkkdaep.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-22 22:49:34 | Attr = ] hvgquuhu.ini -> %SystemRoot%\System32\hvgquuhu.ini -> [Ver = | Size = 1199993 bytes | Modified Date = 2008-02-07 22:59:02 | Attr = HS] hvhtisbq.exe -> %SystemRoot%\System32\hvhtisbq.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-21 16:30:42 | Attr = ] hxiqgwhk.dll -> %SystemRoot%\System32\hxiqgwhk.dll -> [Ver = | Size = 95808 bytes | Modified Date = 2008-02-08 00:00:27 | Attr = ] iaurcuef.dll -> %SystemRoot%\System32\iaurcuef.dll -> [Ver = | Size = 80448 bytes | Modified Date = 2008-01-25 16:30:03 | Attr = ] ickkbnfr.ini -> %SystemRoot%\System32\ickkbnfr.ini -> [Ver = | Size = 1284831 bytes | Modified Date = 2008-03-10 18:56:52 | Attr = HS] IEDFix.exe -> %SystemRoot%\System32\IEDFix.exe -> S!Ri.URZ [Ver = | Size = 82432 bytes | Modified Date = 2008-03-05 22:29:16 | Attr = ] iggivrif.ini -> %SystemRoot%\System32\iggivrif.ini -> [Ver = | Size = 1073352 bytes | Modified Date = 2008-01-21 15:28:23 | Attr = HS] igqbasgq.dll -> %SystemRoot%\System32\igqbasgq.dll -> [Ver = | Size = 78912 bytes | Modified Date = 2008-01-06 18:09:50 | Attr = ] ihrthapa.dll -> %SystemRoot%\System32\ihrthapa.dll -> [Ver = | Size = 64 bytes | Modified Date = 2008-01-18 20:53:34 | Attr = ] ihvhymsi.ini -> %SystemRoot%\System32\ihvhymsi.ini -> [Ver = | Size = 1044032 bytes | Modified Date = 2008-01-06 18:47:12 | Attr = HS] ijgcahcp.ini -> %SystemRoot%\System32\ijgcahcp.ini -> [Ver = | Size = 1031679 bytes | Modified Date = 2008-01-01 00:53:24 | Attr = HS] iluephmi.dll -> %SystemRoot%\System32\iluephmi.dll -> [Ver = | Size = 77888 bytes | Modified Date = 2008-01-15 16:30:49 | Attr = ] injlwarn.dll -> %SystemRoot%\System32\injlwarn.dll -> [Ver = | Size = 78912 bytes | Modified Date = 2008-01-22 16:03:20 | Attr = ] iosotltj.ini -> %SystemRoot%\System32\iosotltj.ini -> [Ver = | Size = 1192298 bytes | Modified Date = 2008-02-05 16:50:45 | Attr = HS] ismyhvhi.dll -> %SystemRoot%\System32\ismyhvhi.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-01-06 18:13:40 | Attr = ] isvfgkvm.dll -> %SystemRoot%\System32\isvfgkvm.dll -> [Ver = | Size = 84544 bytes | Modified Date = 2008-02-28 23:05:53 | Attr = ] itahkyxp.exe -> %SystemRoot%\System32\itahkyxp.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-17 09:58:38 | Attr = ] iuhwxjvj.ini -> %SystemRoot%\System32\iuhwxjvj.ini -> [Ver = | Size = 1302143 bytes | Modified Date = 2008-03-05 11:02:36 | Attr = HS] javmqxts.dll -> %SystemRoot%\System32\javmqxts.dll -> [Ver = | Size = 89152 bytes | Modified Date = 2008-02-24 00:17:20 | Attr = ] jbwomhjx.ini -> %SystemRoot%\System32\jbwomhjx.ini -> [Ver = | Size = 1214864 bytes | Modified Date = 2008-02-10 14:50:14 | Attr = HS] jdyahqbj.ini -> %SystemRoot%\System32\jdyahqbj.ini -> [Ver = | Size = 1260406 bytes | Modified Date = 2008-02-26 12:19:18 | Attr = HS] jectcjuk.exe -> %SystemRoot%\System32\jectcjuk.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-02 16:13:35 | Attr = ] jfhdeywe.dll -> %SystemRoot%\System32\jfhdeywe.dll -> [Ver = | Size = 93248 bytes | Modified Date = 2008-02-12 00:54:19 | Attr = ] jgledbcx.dll -> %SystemRoot%\System32\jgledbcx.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-01-11 22:13:49 | Attr = ] jglughgb.dll -> %SystemRoot%\System32\jglughgb.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-03-06 12:37:50 | Attr = ] jgwjhqqr.dll -> %SystemRoot%\System32\jgwjhqqr.dll -> [Ver = | Size = 78912 bytes | Modified Date = 2008-01-22 20:43:51 | Attr = ] jhkhgydh.ini -> %SystemRoot%\System32\jhkhgydh.ini -> [Ver = | Size = 1031319 bytes | Modified Date = 2007-12-29 18:16:45 | Attr = HS] jilcgmbs.ini -> %SystemRoot%\System32\jilcgmbs.ini -> [Ver = | Size = 1188732 bytes | Modified Date = 2008-02-05 10:41:25 | Attr = HS] jjvarbag.dll -> %SystemRoot%\System32\jjvarbag.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-03-10 01:52:33 | Attr = ] jkwwmrqo.exe -> %SystemRoot%\System32\jkwwmrqo.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-10 14:13:13 | Attr = ] jmrvwyli.exe -> %SystemRoot%\System32\jmrvwyli.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-05 20:15:30 | Attr = ] jpbuqoth.dll -> %SystemRoot%\System32\jpbuqoth.dll -> [Ver = | Size = 93248 bytes | Modified Date = 2008-02-10 23:56:44 | Attr = ] jpjifblo.dll -> %SystemRoot%\System32\jpjifblo.dll -> [Ver = | Size = 78912 bytes | Modified Date = 2008-01-28 13:25:33 | Attr = ] jqgyrolp.ini -> %SystemRoot%\System32\jqgyrolp.ini -> [Ver = | Size = 1057028 bytes | Modified Date = 2008-01-15 13:34:16 | Attr = HS] jxxlsamr.exe -> %SystemRoot%\System32\jxxlsamr.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-01 00:53:53 | Attr = ] kbrybqus.ini -> %SystemRoot%\System32\kbrybqus.ini -> [Ver = | Size = 1018622 bytes | Modified Date = 2007-12-26 23:17:45 | Attr = HS] kdmjddhu.ini -> %SystemRoot%\System32\kdmjddhu.ini -> [Ver = | Size = 1194517 bytes | Modified Date = 2008-02-06 19:53:37 | Attr = HS] kjhemjhj.ini -> %SystemRoot%\System32\kjhemjhj.ini -> [Ver = | Size = 1185612 bytes | Modified Date = 2008-02-01 18:05:19 | Attr = HS] kjxtbmsd.ini -> %SystemRoot%\System32\kjxtbmsd.ini -> [Ver = | Size = 1214984 bytes | Modified Date = 2008-02-10 15:24:24 | Attr = HS] kmpbdgcs.ini -> %SystemRoot%\System32\kmpbdgcs.ini -> [Ver = | Size = 990690 bytes | Modified Date = 2007-12-24 12:54:35 | Attr = HS] kmuducbj.dll -> %SystemRoot%\System32\kmuducbj.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-02-27 13:43:26 | Attr = ] knhfypop.dll -> %SystemRoot%\System32\knhfypop.dll -> [Ver = | Size = 95296 bytes | Modified Date = 2008-03-04 19:22:20 | Attr = ] knqeiyan.dll -> %SystemRoot%\System32\knqeiyan.dll -> [Ver = | Size = 89152 bytes | Modified Date = 2008-02-20 10:55:26 | Attr = ] kqgcwbcj.dll -> %SystemRoot%\System32\kqgcwbcj.dll -> [Ver = | Size = 96832 bytes | Modified Date = 2008-02-03 15:52:00 | Attr = ] kqtqbodb.ini -> %SystemRoot%\System32\kqtqbodb.ini -> [Ver = | Size = 1304091 bytes | Modified Date = 2008-03-05 14:15:37 | Attr = HS] krcenjvm.exe -> %SystemRoot%\System32\krcenjvm.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-19 18:59:51 | Attr = ] kulncpam.ini -> %SystemRoot%\System32\kulncpam.ini -> [Ver = | Size = 1044275 bytes | Modified Date = 2008-01-07 21:31:45 | Attr = HS] kvldlrvn.exe -> %SystemRoot%\System32\kvldlrvn.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-03 12:44:30 | Attr = ] kwugubsv.ini -> %SystemRoot%\System32\kwugubsv.ini -> [Ver = | Size = 1038544 bytes | Modified Date = 2008-01-04 11:06:16 | Attr = HS] kyvoeilk.exe -> %SystemRoot%\System32\kyvoeilk.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-20 17:10:41 | Attr = ] latnakye.dll -> %SystemRoot%\System32\latnakye.dll -> [Ver = | Size = 86080 bytes | Modified Date = 2008-02-13 21:46:53 | Attr = ] lbvfgnjw.ini -> %SystemRoot%\System32\lbvfgnjw.ini -> [Ver = | Size = 1031559 bytes | Modified Date = 2007-12-31 18:24:47 | Attr = HS] lcuuogtb.dll -> %SystemRoot%\System32\lcuuogtb.dll -> [Ver = | Size = 87104 bytes | Modified Date = 2007-12-24 12:54:15 | Attr = ] lelftaan.dll -> %SystemRoot%\System32\lelftaan.dll -> [Ver = | Size = 93760 bytes | Modified Date = 2008-02-10 16:26:38 | Attr = ] lgquuguf.dll -> %SystemRoot%\System32\lgquuguf.dll -> [Ver = | Size = 76864 bytes | Modified Date = 2008-01-08 14:03:42 | Attr = ] liprvnnr.ini -> %SystemRoot%\System32\liprvnnr.ini -> [Ver = | Size = 294 bytes | Modified Date = 2008-02-24 21:55:57 | Attr = HS] ljhdyfbq.dll -> %SystemRoot%\System32\ljhdyfbq.dll -> [Ver = | Size = 76864 bytes | Modified Date = 2008-01-07 23:03:50 | Attr = ] lkqiimtm.dll -> %SystemRoot%\System32\lkqiimtm.dll -> [Ver = | Size = 93760 bytes | Modified Date = 2008-02-22 11:44:22 | Attr = ] llmuemna.exe -> %SystemRoot%\System32\llmuemna.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-21 12:34:04 | Attr = ] lnmuywqw.ini -> %SystemRoot%\System32\lnmuywqw.ini -> [Ver = | Size = 1049629 bytes | Modified Date = 2008-01-10 18:27:49 | Attr = HS] lolchhbw.dll -> %SystemRoot%\System32\lolchhbw.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-03-03 12:34:43 | Attr = ] loovqjit.dll -> %SystemRoot%\System32\loovqjit.dll -> [Ver = | Size = 78400 bytes | Modified Date = 2008-01-04 14:36:24 | Attr = ] loulrtqf.ini -> %SystemRoot%\System32\loulrtqf.ini -> [Ver = | Size = 1031799 bytes | Modified Date = 2008-01-01 10:25:44 | Attr = HS] lsjutftt.ini -> %SystemRoot%\System32\lsjutftt.ini -> [Ver = | Size = 1061556 bytes | Modified Date = 2008-01-16 17:50:12 | Attr = HS] lwdnoiwl.dll -> %SystemRoot%\System32\lwdnoiwl.dll -> [Ver = | Size = 96832 bytes | Modified Date = 2008-03-06 12:40:51 | Attr = ] lwydqkpv.ini -> %SystemRoot%\System32\lwydqkpv.ini -> [Ver = | Size = 1215344 bytes | Modified Date = 2008-02-11 23:52:21 | Attr = HS] lxdrmeyh.exe -> %SystemRoot%\System32\lxdrmeyh.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-22 17:35:49 | Attr = ] lxhgbarp.ini -> %SystemRoot%\System32\lxhgbarp.ini -> [Ver = | Size = 1213785 bytes | Modified Date = 2008-02-12 11:38:41 | Attr = HS] lyirdbfo.ini -> %SystemRoot%\System32\lyirdbfo.ini -> [Ver = | Size = 1090345 bytes | Modified Date = 2008-02-24 12:18:25 | Attr = HS] lyynwagx.exe -> %SystemRoot%\System32\lyynwagx.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-05 19:02:04 | Attr = ] mahwyfis.dll -> %SystemRoot%\System32\mahwyfis.dll -> [Ver = | Size = 78400 bytes | Modified Date = 2008-01-04 11:02:21 | Attr = ] mapcnluk.dll -> %SystemRoot%\System32\mapcnluk.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-01-07 21:30:56 | Attr = ] mbwuyhdb.dll -> %SystemRoot%\System32\mbwuyhdb.dll -> [Ver = | Size = 92736 bytes | Modified Date = 2008-02-04 11:59:38 | Attr = ] mcfysdih.dll -> %SystemRoot%\System32\mcfysdih.dll -> [Ver = | Size = 79936 bytes | Modified Date = 2008-01-14 18:08:59 | Attr = ] mfonngxb.ini -> %SystemRoot%\System32\mfonngxb.ini -> [Ver = | Size = 1248407 bytes | Modified Date = 2008-02-18 11:02:21 | Attr = HS] mhwvneov.ini -> %SystemRoot%\System32\mhwvneov.ini -> [Ver = | Size = 991602 bytes | Modified Date = 2007-12-23 11:23:02 | Attr = HS] mjnirgsr.dll -> %SystemRoot%\System32\mjnirgsr.dll -> [Ver = | Size = 95296 bytes | Modified Date = 2008-03-04 12:17:18 | Attr = ] mntvafhs.dll -> %SystemRoot%\System32\mntvafhs.dll -> [Ver = | Size = 79936 bytes | Modified Date = 2008-01-14 12:34:10 | Attr = ] mopoq.ini -> %SystemRoot%\System32\mopoq.ini -> [Ver = | Size = 166689 bytes | Modified Date = 2008-03-10 19:59:16 | Attr = HS] mopoq.ini2 -> %SystemRoot%\System32\mopoq.ini2 -> [Ver = | Size = 166689 bytes | Modified Date = 2008-03-10 19:57:53 | Attr = HS] mqhajueh.dll -> %SystemRoot%\System32\mqhajueh.dll -> [Ver = | Size = 93248 bytes | Modified Date = 2008-02-13 21:40:11 | Attr = ] mrsydspu.ini -> %SystemRoot%\System32\mrsydspu.ini -> [Ver = | Size = 1130278 bytes | Modified Date = 2008-01-25 17:53:29 | Attr = HS] msanlmqk.dll -> %SystemRoot%\System32\msanlmqk.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-03-04 12:51:53 | Attr = ] MSNSA32.dll -> %SystemRoot%\System32\MSNSA32.dll -> [Ver = | Size = 24320 bytes | Modified Date = 2008-03-10 00:51:58 | Attr = ] mucumsnb.ini -> %SystemRoot%\System32\mucumsnb.ini -> [Ver = | Size = 1167065 bytes | Modified Date = 2008-01-31 11:37:04 | Attr = HS] mufidfxh.ini -> %SystemRoot%\System32\mufidfxh.ini -> [Ver = | Size = 1279101 bytes | Modified Date = 2008-03-10 12:35:16 | Attr = HS] mvkgfvsi.ini -> %SystemRoot%\System32\mvkgfvsi.ini -> [Ver = | Size = 1244215 bytes | Modified Date = 2008-02-28 23:07:15 | Attr = HS] mxntotbj.exe -> %SystemRoot%\System32\mxntotbj.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-12 14:36:42 | Attr = ] mytdtntt.dll -> %SystemRoot%\System32\mytdtntt.dll -> [Ver = | Size = 76864 bytes | Modified Date = 2008-01-11 23:21:28 | Attr = ] myyjetih.exe -> %SystemRoot%\System32\myyjetih.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-23 19:39:52 | Attr = ] naeplmlc.dll -> %SystemRoot%\System32\naeplmlc.dll -> [Ver = | Size = 77376 bytes | Modified Date = 2008-01-23 15:19:00 | Attr = ] nbwhnake.dll -> %SystemRoot%\System32\nbwhnake.dll -> [Ver = | Size = 77376 bytes | Modified Date = 2008-01-22 22:52:39 | Attr = ] ncsiigus.dll -> %SystemRoot%\System32\ncsiigus.dll -> [Ver = | Size = 89152 bytes | Modified Date = 2008-01-28 19:38:30 | Attr = ] ncyyelhh.exe -> %SystemRoot%\System32\ncyyelhh.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-23 12:16:38 | Attr = ] nggrsece.exe -> %SystemRoot%\System32\nggrsece.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-08 14:00:37 | Attr = ] ngjtcuho.ini -> %SystemRoot%\System32\ngjtcuho.ini -> [Ver = | Size = 1142744 bytes | Modified Date = 2008-01-28 19:33:30 | Attr = HS] nhvsdnkv.ini -> %SystemRoot%\System32\nhvsdnkv.ini -> [Ver = | Size = 987814 bytes | Modified Date = 2007-12-21 23:21:27 | Attr = HS] nkfuthyf.ini -> %SystemRoot%\System32\nkfuthyf.ini -> [Ver = | Size = 1109005 bytes | Modified Date = 2008-01-23 22:04:11 | Attr = HS] nodkdasf.dll -> %SystemRoot%\System32\nodkdasf.dll -> [Ver = | Size = 95808 bytes | Modified Date = 2008-02-08 13:01:08 | Attr = ] nrmweutp.dll -> %SystemRoot%\System32\nrmweutp.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-02-29 13:20:31 | Attr = ] ntnut32.exe -> %SystemRoot%\System32\ntnut32.exe -> [Ver = | Size = 11776 bytes | Modified Date = 2008-03-10 00:51:28 | Attr = ] ntulricv.ini -> %SystemRoot%\System32\ntulricv.ini -> [Ver = | Size = 1073412 bytes | Modified Date = 2008-01-21 16:37:03 | Attr = HS] nvpiyptp.ini -> %SystemRoot%\System32\nvpiyptp.ini -> [Ver = | Size = 1193850 bytes | Modified Date = 2008-02-06 22:11:32 | Attr = HS] nwynhqiy.ini -> %SystemRoot%\System32\nwynhqiy.ini -> [Ver = | Size = 1109365 bytes | Modified Date = 2008-01-23 19:43:51 | Attr = HS] nxlqjoro.dll -> %SystemRoot%\System32\nxlqjoro.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-02-29 11:41:28 | Attr = ] nxromyit.dll -> %SystemRoot%\System32\nxromyit.dll -> [Ver = | Size = 64 bytes | Modified Date = 2008-01-18 20:49:21 | Attr = ] nypecljv.exe -> %SystemRoot%\System32\nypecljv.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-07 23:03:39 | Attr = ] oanxoijc.dll -> %SystemRoot%\System32\oanxoijc.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-02-28 22:38:13 | Attr = ] odycwwju.exe -> %SystemRoot%\System32\odycwwju.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-22 21:43:23 | Attr = ] oeavsisr.dll -> %SystemRoot%\System32\oeavsisr.dll -> [Ver = | Size = 89152 bytes | Modified Date = 2008-02-27 13:49:26 | Attr = ] ohetdfhv.exe -> %SystemRoot%\System32\ohetdfhv.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-07 21:26:26 | Attr = ] ohgdflff.dll -> %SystemRoot%\System32\ohgdflff.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-03-02 15:11:54 | Attr = ] oihpebkx.ini -> %SystemRoot%\System32\oihpebkx.ini -> [Ver = | Size = 1018742 bytes | Modified Date = 2007-12-27 11:46:14 | Attr = HS] ojqcstns.exe -> %SystemRoot%\System32\ojqcstns.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-17 12:38:12 | Attr = ] omiskduo.exe -> %SystemRoot%\System32\omiskduo.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-26 20:47:19 | Attr = ] omvanade.ini -> %SystemRoot%\System32\omvanade.ini -> [Ver = | Size = 1038476 bytes | Modified Date = 2008-01-04 14:33:01 | Attr = HS] omwkjejf.exe -> %SystemRoot%\System32\omwkjejf.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-28 13:26:58 | Attr = ] oniironh.dll -> %SystemRoot%\System32\oniironh.dll -> [Ver = | Size = 87616 bytes | Modified Date = 2008-01-24 16:16:14 | Attr = ] oqruyevd.ini -> %SystemRoot%\System32\oqruyevd.ini -> [Ver = | Size = 1130158 bytes | Modified Date = 2008-01-25 16:25:42 | Attr = HS] orikbdft.dll -> %SystemRoot%\System32\orikbdft.dll -> [Ver = | Size = 76864 bytes | Modified Date = 2008-01-17 12:38:22 | Attr = ] otlckofp.dll -> %SystemRoot%\System32\otlckofp.dll -> [Ver = | Size = 89152 bytes | Modified Date = 2008-01-15 13:41:11 | Attr = ] otwuvwdg.dll -> %SystemRoot%\System32\otwuvwdg.dll -> [Ver = | Size = 84544 bytes | Modified Date = 2008-02-29 18:39:19 | Attr = ] ouqkkouq.ini -> %SystemRoot%\System32\ouqkkouq.ini -> [Ver = | Size = 1060562 bytes | Modified Date = 2008-01-13 10:59:01 | Attr = HS] paoglpeb.ini -> %SystemRoot%\System32\paoglpeb.ini -> [Ver = | Size = 1278819 bytes | Modified Date = 2008-03-10 01:18:51 | Attr = HS] pbupkmnl.dll -> %SystemRoot%\System32\pbupkmnl.dll -> [Ver = | Size = 89152 bytes | Modified Date = 2008-02-24 22:01:58 | Attr = ] pdrqhmjf.dll -> %SystemRoot%\System32\pdrqhmjf.dll -> [Ver = | Size = 86592 bytes | Modified Date = 2008-01-17 10:01:39 | Attr = ] perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [Ver = | Size = 59644 bytes | Modified Date = 2008-03-16 13:24:30 | Attr = ] perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [Ver = | Size = 395530 bytes | Modified Date = 2008-03-16 13:24:30 | Attr = ] PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [Ver = | Size = 462344 bytes | Modified Date = 2008-03-16 13:24:27 | Attr = ] pevyvxdj.ini -> %SystemRoot%\System32\pevyvxdj.ini -> [Ver = | Size = 1261265 bytes | Modified Date = 2008-02-28 12:20:03 | Attr = HS] pfafejgx.ini -> %SystemRoot%\System32\pfafejgx.ini -> [Ver = | Size = 1215224 bytes | Modified Date = 2008-02-11 13:03:01 | Attr = HS] pfokclto.ini -> %SystemRoot%\System32\pfokclto.ini -> [Ver = | Size = 1057028 bytes | Modified Date = 2008-01-15 15:26:55 | Attr = HS] picqrlwi.ini -> %SystemRoot%\System32\picqrlwi.ini -> [Ver = | Size = 1066006 bytes | Modified Date = 2008-01-18 11:45:29 | Attr = HS] pjlabpkb.dll -> %SystemRoot%\System32\pjlabpkb.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-03-03 12:29:53 | Attr = ] pjsmllpb.dll -> %SystemRoot%\System32\pjsmllpb.dll -> [Ver = | Size = 96832 bytes | Modified Date = 2008-03-06 12:55:29 | Attr = ] pkvwqpxk.exe -> %SystemRoot%\System32\pkvwqpxk.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-10 18:33:08 | Attr = ] plorygqj.dll -> %SystemRoot%\System32\plorygqj.dll -> [Ver = | Size = 89152 bytes | Modified Date = 2008-01-15 11:21:27 | Attr = ] prtwmhhh.exe -> %SystemRoot%\System32\prtwmhhh.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-09 11:47:49 | Attr = ] psrautoc.dll -> %SystemRoot%\System32\psrautoc.dll -> [Ver = | Size = 92224 bytes | Modified Date = 2008-03-09 21:26:18 | Attr = ] ptpyipvn.dll -> %SystemRoot%\System32\ptpyipvn.dll -> [Ver = | Size = 90688 bytes | Modified Date = 2008-02-06 20:58:03 | Attr = ] ptsrtxey.exe -> %SystemRoot%\System32\ptsrtxey.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-25 11:08:41 | Attr = ] puwrbbhb.exe -> %SystemRoot%\System32\puwrbbhb.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-06 18:13:17 | Attr = ] pwbaalor.dll -> %SystemRoot%\System32\pwbaalor.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-03-02 15:05:58 | Attr = ] pwprwoyn.ini -> %SystemRoot%\System32\pwprwoyn.ini -> [Ver = | Size = 1089376 bytes | Modified Date = 2008-01-22 16:00:23 | Attr = HS] qfuisfgs.ini -> %SystemRoot%\System32\qfuisfgs.ini -> [Ver = | Size = 1027882 bytes | Modified Date = 2007-12-27 17:51:51 | Attr = HS] qjajusck.dll -> %SystemRoot%\System32\qjajusck.dll -> [Ver = | Size = 88640 bytes | Modified Date = 2008-03-09 21:20:18 | Attr = ] qjchfvwe.dll -> %SystemRoot%\System32\qjchfvwe.dll -> [Ver = | Size = 28435 bytes | Modified Date = 2008-03-01 13:53:40 | Attr = ] qmcynwtu.ini -> %SystemRoot%\System32\qmcynwtu.ini -> [Ver = | Size = 1061676 bytes | Modified Date = 2008-01-17 09:53:17 | Attr = HS] qnmjjnwd.dll -> %SystemRoot%\System32\qnmjjnwd.dll -> [Ver = | Size = 94272 bytes | Modified Date = 2008-02-06 12:23:04 | Attr = ] qnsptert.ini -> %SystemRoot%\System32\qnsptert.ini -> [Ver = | Size = 1043860 bytes | Modified Date = 2008-01-06 18:07:46 | Attr = HS] qojfihhx.exe -> %SystemRoot%\System32\qojfihhx.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-15 16:30:56 | Attr = ] qomkalhh.exe -> %SystemRoot%\System32\qomkalhh.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-14 18:10:09 | Attr = ] qpsmgele.dll -> %SystemRoot%\System32\qpsmgele.dll -> [Ver = | Size = 87616 bytes | Modified Date = 2008-01-25 18:05:51 | Attr = ] qrihkklr.dll -> %SystemRoot%\System32\qrihkklr.dll -> [Ver = | Size = 75840 bytes | Modified Date = 2008-01-06 21:46:48 | Attr = ] qtalfwqi.exe -> %SystemRoot%\System32\qtalfwqi.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-20 19:54:49 | Attr = ] qvvymswr.ini -> %SystemRoot%\System32\qvvymswr.ini -> [Ver = | Size = 1179710 bytes | Modified Date = 2008-02-03 22:11:36 | Attr = HS] qxjxidqd.ini -> %SystemRoot%\System32\qxjxidqd.ini -> [Ver = | Size = 1010086 bytes | Modified Date = 2007-12-26 11:15:50 | Attr = HS] qxtdemhl.dll -> %SystemRoot%\System32\qxtdemhl.dll -> [Ver = | Size = 79936 bytes | Modified Date = 2008-01-16 18:55:14 | Attr = ] rdmaesju.dll -> %SystemRoot%\System32\rdmaesju.dll -> [Ver = | Size = 76864 bytes | Modified Date = 2008-01-07 19:01:54 | Attr = ] redtyufc.dll -> %SystemRoot%\System32\redtyufc.dll -> [Ver = | Size = 77376 bytes | Modified Date = 2008-01-04 21:34:45 | Attr = ] reomjayr.dll -> %SystemRoot%\System32\reomjayr.dll -> [Ver = | Size = 94784 bytes | Modified Date = 2008-02-01 19:07:01 | Attr = ] rgextalc.exe -> %SystemRoot%\System32\rgextalc.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-27 17:51:18 | Attr = ] rgyrieib.dll -> %SystemRoot%\System32\rgyrieib.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-01-13 12:07:37 | Attr = ] rktlvcim.ini -> %SystemRoot%\System32\rktlvcim.ini -> [Ver = | Size = 1031439 bytes | Modified Date = 2007-12-30 18:12:09 | Attr = HS] rnoxpcgw.exe -> %SystemRoot%\System32\rnoxpcgw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-11 21:40:36 | Attr = ] rnwexqew.dll -> %SystemRoot%\System32\rnwexqew.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-02-29 18:42:19 | Attr = ] rpfcuiwy.ini -> %SystemRoot%\System32\rpfcuiwy.ini -> [Ver = | Size = 1218437 bytes | Modified Date = 2008-02-09 18:51:57 | Attr = HS] rpnebppw.dll -> %SystemRoot%\System32\rpnebppw.dll -> [Ver = | Size = 86080 bytes | Modified Date = 2008-02-12 19:21:44 | Attr = ] rpuoqkja.exe -> %SystemRoot%\System32\rpuoqkja.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-04 21:37:53 | Attr = ] rqupdbhx.dll -> %SystemRoot%\System32\rqupdbhx.dll -> [Ver = | Size = 80960 bytes | Modified Date = 2008-01-24 16:07:09 | Attr = ] rseoudwm.exe -> %SystemRoot%\System32\rseoudwm.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-04 10:59:22 | Attr = ] ruffnqrn.ini -> %SystemRoot%\System32\ruffnqrn.ini -> [Ver = | Size = 1244478 bytes | Modified Date = 2008-02-28 23:08:28 | Attr = HS] rvntxbld.ini -> %SystemRoot%\System32\rvntxbld.ini -> [Ver = | Size = 1243135 bytes | Modified Date = 2008-02-29 13:19:10 | Attr = HS] rwsmyvvq.dll -> %SystemRoot%\System32\rwsmyvvq.dll -> [Ver = | Size = 90688 bytes | Modified Date = 2008-02-01 19:10:00 | Attr = ] rxrquikw.exe -> %SystemRoot%\System32\rxrquikw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-29 19:18:55 | Attr = ] ryvdyllf.dll -> %SystemRoot%\System32\ryvdyllf.dll -> [Ver = | Size = 92736 bytes | Modified Date = 2008-02-04 17:13:00 | Attr = ] safsqaqo.ini -> %SystemRoot%\System32\safsqaqo.ini -> [Ver = | Size = 1215104 bytes | Modified Date = 2008-02-10 22:54:49 | Attr = HS] saoneopc.dll -> %SystemRoot%\System32\saoneopc.dll -> [Ver = | Size = 77888 bytes | Modified Date = 2008-01-15 11:18:13 | Attr = ] sbfsjkxr.ini -> %SystemRoot%\System32\sbfsjkxr.ini -> [Ver = | Size = 1188492 bytes | Modified Date = 2008-02-04 17:11:45 | Attr = HS] seldigcc.exe -> %SystemRoot%\System32\seldigcc.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-06 18:50:41 | Attr = ] sfjneibe.dll -> %SystemRoot%\System32\sfjneibe.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-01-11 21:42:09 | Attr = ] sgfsiufq.dll -> %SystemRoot%\System32\sgfsiufq.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2007-12-27 17:51:21 | Attr = ] sgtrllbm.exe -> %SystemRoot%\System32\sgtrllbm.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-31 18:26:55 | Attr = ] shdocpe.dll -> %SystemRoot%\System32\shdocpe.dll -> [Ver = | Size = 15360 bytes | Modified Date = 2008-03-10 00:51:28 | Attr = ] shjhgtmx.ini -> %SystemRoot%\System32\shjhgtmx.ini -> [Ver = | Size = 1089316 bytes | Modified Date = 2008-01-22 20:49:36 | Attr = HS] sieieuey.dll -> %SystemRoot%\System32\sieieuey.dll -> [Ver = | Size = 78912 bytes | Modified Date = 2008-01-30 17:09:27 | Attr = ] SIPSPI32.dll -> %SystemRoot%\System32\SIPSPI32.dll -> [Ver = | Size = 11008 bytes | Modified Date = 2008-03-10 00:51:32 | Attr = ] sjboaplj.ini -> %SystemRoot%\System32\sjboaplj.ini -> [Ver = | Size = 1302502 bytes | Modified Date = 2008-03-04 12:51:19 | Attr = HS] sjcgyqyd.exe -> %SystemRoot%\System32\sjcgyqyd.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-22 16:05:13 | Attr = ] slkkuwtt.dll -> %SystemRoot%\System32\slkkuwtt.dll -> [Ver = | Size = 76864 bytes | Modified Date = 2008-01-11 21:39:36 | Attr = ] slryupkh.dll -> %SystemRoot%\System32\slryupkh.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-02-28 22:35:13 | Attr = ] smcdhbrt.ini -> %SystemRoot%\System32\smcdhbrt.ini -> [Ver = | Size = 1247186 bytes | Modified Date = 2008-02-22 10:38:58 | Attr = HS] smjegtsm.dll -> %SystemRoot%\System32\smjegtsm.dll -> [Ver = | Size = 92736 bytes | Modified Date = 2008-02-04 18:28:51 | Attr = ] sneyfsgk.dll -> %SystemRoot%\System32\sneyfsgk.dll -> [Ver = | Size = 76864 bytes | Modified Date = 2008-01-17 09:55:46 | Attr = ] spycibrv.dll -> %SystemRoot%\System32\spycibrv.dll -> [Ver = | Size = 84544 bytes | Modified Date = 2008-03-03 12:31:42 | Attr = ] Status.MPF -> %SystemRoot%\System32\Status.MPF -> [Ver = | Size = 160992 bytes | Modified Date = 2008-03-17 11:58:51 | Attr = ] sugiiscn.ini -> %SystemRoot%\System32\sugiiscn.ini -> [Ver = | Size = 1143472 bytes | Modified Date = 2008-01-30 16:33:05 | Attr = HS] sysgpguw.ini -> %SystemRoot%\System32\sysgpguw.ini -> [Ver = | Size = 1043920 bytes | Modified Date = 2008-01-06 21:44:20 | Attr = HS] tavsuecn.ini -> %SystemRoot%\System32\tavsuecn.ini -> [Ver = | Size = 988112 bytes | Modified Date = 2007-12-23 12:40:30 | Attr = HS] tburhgrm.exe -> %SystemRoot%\System32\tburhgrm.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-11 11:38:20 | Attr = ] tcerysux.exe -> %SystemRoot%\System32\tcerysux.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-07 19:04:58 | Attr = ] tghsdvad.dll -> %SystemRoot%\System32\tghsdvad.dll -> [Ver = | Size = 86080 bytes | Modified Date = 2008-02-27 13:46:26 | Attr = ] tibmxoay.ini -> %SystemRoot%\System32\tibmxoay.ini -> [Ver = | Size = 1089668 bytes | Modified Date = 2008-01-22 20:42:07 | Attr = HS] ticglxde.dll -> %SystemRoot%\System32\ticglxde.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-01-14 21:24:25 | Attr = ] tkijpaoa.ini -> %SystemRoot%\System32\tkijpaoa.ini -> [Ver = | Size = 1054038 bytes | Modified Date = 2008-01-11 10:36:01 | Attr = HS] tlqbjovx.exe -> %SystemRoot%\System32\tlqbjovx.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-15 13:40:51 | Attr = ] tlxuhcga.ini -> %SystemRoot%\System32\tlxuhcga.ini -> [Ver = | Size = 1018914 bytes | Modified Date = 2007-12-26 20:44:09 | Attr = HS] tmp.reg -> %SystemRoot%\System32\tmp.reg -> [Ver = | Size = 2572 bytes | Modified Date = 2008-03-13 12:02:05 | Attr = ] tobofkeh.dll -> %SystemRoot%\System32\tobofkeh.dll -> [Ver = | Size = 91200 bytes | Modified Date = 2008-03-10 01:55:00 | Attr = ] tpubxhvm.exe -> %SystemRoot%\System32\tpubxhvm.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-31 12:37:13 | Attr = ] tsuhvphk.ini -> %SystemRoot%\System32\tsuhvphk.ini -> [Ver = | Size = 1302622 bytes | Modified Date = 2008-03-04 19:14:19 | Attr = HS] tugigusl.ini -> %SystemRoot%\System32\tugigusl.ini -> [Ver = | Size = 1044040 bytes | Modified Date = 2008-01-07 18:59:35 | Attr = HS] tuvixknc.ini -> %SystemRoot%\System32\tuvixknc.ini -> [Ver = | Size = 1009966 bytes | Modified Date = 2007-12-25 16:58:10 | Attr = HS] twvdjwui.dll -> %SystemRoot%\System32\twvdjwui.dll -> [Ver = | Size = 79424 bytes | Modified Date = 2008-01-21 16:33:43 | Attr = ] txdranio.exe -> %SystemRoot%\System32\txdranio.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-23 12:25:39 | Attr = ] tyhijffy.dll -> %SystemRoot%\System32\tyhijffy.dll -> [Ver = | Size = 86080 bytes | Modified Date = 2008-02-13 11:24:29 | Attr = ] uccnvwyw.exe -> %SystemRoot%\System32\uccnvwyw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-01 10:24:07 | Attr = ] udtynivj.exe -> %SystemRoot%\System32\udtynivj.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-23 18:46:53 | Attr = ] ugqtygkb.dll -> %SystemRoot%\System32\ugqtygkb.dll -> [Ver = | Size = 76864 bytes | Modified Date = 2008-01-07 21:29:10 | Attr = ] uheaynvb.exe -> %SystemRoot%\System32\uheaynvb.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-23 15:22:01 | Attr = ] uhueknjg.ini -> %SystemRoot%\System32\uhueknjg.ini -> [Ver = | Size = 1076689 bytes | Modified Date = 2008-01-20 16:53:51 | Attr = HS] uitskogr.dll -> %SystemRoot%\System32\uitskogr.dll -> [Ver = | Size = 88640 bytes | Modified Date = 2008-03-01 16:15:22 | Attr = ] ukeibife.dll -> %SystemRoot%\System32\ukeibife.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-02-28 13:22:00 | Attr = ] ukosgsjc.exe -> %SystemRoot%\System32\ukosgsjc.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-04 14:39:24 | Attr = ] ukrxetya.ini -> %SystemRoot%\System32\ukrxetya.ini -> [Ver = | Size = 968097 bytes | Modified Date = 2007-12-23 12:46:08 | Attr = HS] ulooocjm.dll -> %SystemRoot%\System32\ulooocjm.dll -> [Ver = | Size = 94272 bytes | Modified Date = 2008-02-06 20:55:04 | Attr = ] uncerody.ini -> %SystemRoot%\System32\uncerody.ini -> [Ver = | Size = 1246747 bytes | Modified Date = 2008-02-28 16:06:43 | Attr = HS] uncnxdsd.ini -> %SystemRoot%\System32\uncnxdsd.ini -> [Ver = | Size = 1235041 bytes | Modified Date = 2008-02-13 21:37:59 | Attr = HS] ungavyte.dll -> %SystemRoot%\System32\ungavyte.dll -> [Ver = | Size = 93760 bytes | Modified Date = 2008-02-10 14:53:08 | Attr = ] uuhenara.exe -> %SystemRoot%\System32\uuhenara.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-24 12:51:19 | Attr = ] uuuorxfk.ini -> %SystemRoot%\System32\uuuorxfk.ini -> [Ver = | Size = 1031199 bytes | Modified Date = 2008-01-03 11:39:07 | Attr = HS] uvquwboc.ini -> %SystemRoot%\System32\uvquwboc.ini -> [Ver = | Size = 1027822 bytes | Modified Date = 2007-12-27 17:51:36 | Attr = HS] uxfbessk.ini -> %SystemRoot%\System32\uxfbessk.ini -> [Ver = | Size = 1192418 bytes | Modified Date = 2008-02-06 11:21:39 | Attr = HS] uxvjmeeb.dll -> %SystemRoot%\System32\uxvjmeeb.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-03-05 14:45:30 | Attr = ] uyexnnml.ini -> %SystemRoot%\System32\uyexnnml.ini -> [Ver = | Size = 987754 bytes | Modified Date = 2007-12-21 23:18:24 | Attr = HS] VACFix.exe -> %SystemRoot%\System32\VACFix.exe -> S!Ri.URZ [Ver = | Size = 86528 bytes | Modified Date = 2008-03-09 01:15:33 | Attr = ] vasveioe.dll -> %SystemRoot%\System32\vasveioe.dll -> [Ver = | Size = 78400 bytes | Modified Date = 2008-01-04 12:56:30 | Attr = ] vbuuvaam.dll -> %SystemRoot%\System32\vbuuvaam.dll -> [Ver = | Size = 89152 bytes | Modified Date = 2008-02-24 12:17:35 | Attr = ] vcirlutn.dll -> %SystemRoot%\System32\vcirlutn.dll -> [Ver = | Size = 85568 bytes | Modified Date = 2008-01-21 16:36:43 | Attr = ] vdapvbcw.dll -> %SystemRoot%\System32\vdapvbcw.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-03-04 19:16:20 | Attr = ] vdibqhud.ini -> %SystemRoot%\System32\vdibqhud.ini -> [Ver = | Size = 1060494 bytes | Modified Date = 2008-01-14 18:06:05 | Attr = HS] vdvsjijn.exe -> %SystemRoot%\System32\vdvsjijn.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-28 21:24:10 | Attr = ] vexahhaa.dll -> %SystemRoot%\System32\vexahhaa.dll -> [Ver = | Size = 96832 bytes | Modified Date = 2008-03-05 14:48:31 | Attr = ] vfvjagxn.exe -> %SystemRoot%\System32\vfvjagxn.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-04 13:30:02 | Attr = ] vhcvismm.exe -> %SystemRoot%\System32\vhcvismm.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-06 21:46:44 | Attr = ] viwivulv.dll -> %SystemRoot%\System32\viwivulv.dll -> [Ver = | Size = 87104 bytes | Modified Date = 2008-01-04 14:42:23 | Attr = ] vjphrjye.dll -> %SystemRoot%\System32\vjphrjye.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-01-11 11:44:53 | Attr = ] vkndsvhn.dll -> %SystemRoot%\System32\vkndsvhn.dll -> [Ver = | Size = 85568 bytes | Modified Date = 2007-12-21 23:21:10 | Attr = ] vldfgvtn.dll -> %SystemRoot%\System32\vldfgvtn.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-02-25 11:10:27 | Attr = ] vluviwiv.ini -> %SystemRoot%\System32\vluviwiv.ini -> [Ver = | Size = 1038364 bytes | Modified Date = 2008-01-04 14:42:40 | Attr = HS] vnnxhevr.dll -> %SystemRoot%\System32\vnnxhevr.dll -> [Ver = | Size = 93248 bytes | Modified Date = 2008-02-13 11:19:54 | Attr = ] vohqcquo.exe -> %SystemRoot%\System32\vohqcquo.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-14 21:18:46 | Attr = ] vrbicyps.ini -> %SystemRoot%\System32\vrbicyps.ini -> [Ver = | Size = 1286201 bytes | Modified Date = 2008-03-03 12:32:08 | Attr = HS] vteruxds.dll -> %SystemRoot%\System32\vteruxds.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-02-29 18:37:20 | Attr = ] vttjqray.dll -> %SystemRoot%\System32\vttjqray.dll -> [Ver = | Size = 94784 bytes | Modified Date = 2008-02-09 18:53:48 | Attr = ] vtuvvwx.dll -> %SystemRoot%\System32\vtuvvwx.dll -> [Ver = | Size = 39936 bytes | Modified Date = 2008-03-09 21:25:49 | Attr = ] vuphagcc.exe -> %SystemRoot%\System32\vuphagcc.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-27 11:48:31 | Attr = ] vuutlqnd.dll -> %SystemRoot%\System32\vuutlqnd.dll -> [Ver = | Size = 80960 bytes | Modified Date = 2008-01-24 19:10:36 | Attr = ] vwyhjkxh.dll -> %SystemRoot%\System32\vwyhjkxh.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-03-05 12:04:50 | Attr = ] vyqbgkdi.dll -> %SystemRoot%\System32\vyqbgkdi.dll -> [Ver = | Size = 79936 bytes | Modified Date = 2008-01-10 14:10:14 | Attr = ] wasjewcy.ini -> %SystemRoot%\System32\wasjewcy.ini -> [Ver = | Size = 1031638 bytes | Modified Date = 2008-01-04 11:05:40 | Attr = HS] watgisxh.dll -> %SystemRoot%\System32\watgisxh.dll -> [Ver = | Size = 92736 bytes | Modified Date = 2008-02-17 15:36:39 | Attr = ] wgbxrrlt.dll -> %SystemRoot%\System32\wgbxrrlt.dll -> [Ver = | Size = 90688 bytes | Modified Date = 2008-02-26 13:21:20 | Attr = ] whrxauxt.dll -> %SystemRoot%\System32\whrxauxt.dll -> [Ver = | Size = 89152 bytes | Modified Date = 2008-02-27 19:53:13 | Attr = ] wiybjvwe.dll -> %SystemRoot%\System32\wiybjvwe.dll -> [Ver = | Size = 95296 bytes | Modified Date = 2008-03-04 12:54:53 | Attr = ] wkkvbphs.dll -> %SystemRoot%\System32\wkkvbphs.dll -> [Ver = | Size = 78912 bytes | Modified Date = 2008-01-22 14:07:26 | Attr = ] wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [Ver = | Size = 13646 bytes | Modified Date = 2008-03-15 15:48:28 | Attr = ] wppbenpr.ini -> %SystemRoot%\System32\wppbenpr.ini -> [Ver = | Size = 1217593 bytes | Modified Date = 2008-02-12 19:22:17 | Attr = HS] wrlskwyi.dll -> %SystemRoot%\System32\wrlskwyi.dll -> [Ver = | Size = 77888 bytes | Modified Date = 2008-01-15 13:38:30 | Attr = ] wwecyiru.dll -> %SystemRoot%\System32\wwecyiru.dll -> [Ver = | Size = 78912 bytes | Modified Date = 2008-01-05 20:18:32 | Attr = ] wwvut.ini2 -> %SystemRoot%\System32\wwvut.ini2 -> [Ver = | Size = 211909 bytes | Modified Date = 2008-03-10 18:42:34 | Attr = HS] wxxauokt.exe -> %SystemRoot%\System32\wxxauokt.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-15 11:18:22 | Attr = ] wyuijhvs.ini -> %SystemRoot%\System32\wyuijhvs.ini -> [Ver = | Size = 1060442 bytes | Modified Date = 2008-01-14 20:16:05 | Attr = HS] xbkrhwef.exe -> %SystemRoot%\System32\xbkrhwef.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-25 18:00:25 | Attr = ] xcbdelgj.ini -> %SystemRoot%\System32\xcbdelgj.ini -> [Ver = | Size = 1058434 bytes | Modified Date = 2008-01-11 22:14:20 | Attr = HS] xfxrttmi.dll -> %SystemRoot%\System32\xfxrttmi.dll -> [Ver = | Size = 93248 bytes | Modified Date = 2008-02-13 18:07:34 | Attr = ] xgmmuhry.ini -> %SystemRoot%\System32\xgmmuhry.ini -> [Ver = | Size = 1049509 bytes | Modified Date = 2008-01-10 13:08:15 | Attr = HS] xjjkdkeo.dll -> %SystemRoot%\System32\xjjkdkeo.dll -> [Ver = | Size = 93248 bytes | Modified Date = 2008-02-12 11:40:36 | Attr = ] xjxxwaxk.exe -> %SystemRoot%\System32\xjxxwaxk.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-26 12:18:15 | Attr = ] xkjqthtw.ini -> %SystemRoot%\System32\xkjqthtw.ini -> [Ver = | Size = 1188612 bytes | Modified Date = 2008-02-04 18:27:05 | Attr = HS] xkvvvnpe.ini -> %SystemRoot%\System32\xkvvvnpe.ini -> [Ver = | Size = 1044215 bytes | Modified Date = 2008-01-07 21:32:03 | Attr = HS] xlipjvve.exe -> %SystemRoot%\System32\xlipjvve.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-25 17:58:47 | Attr = ] xlkexhnm.dll -> %SystemRoot%\System32\xlkexhnm.dll -> [Ver = | Size = 91712 bytes | Modified Date = 2008-02-29 11:37:02 | Attr = ] xlvdvvjb.dll -> %SystemRoot%\System32\xlvdvvjb.dll -> [Ver = | Size = 78400 bytes | Modified Date = 2008-01-04 13:27:23 | Attr = ] xmtghjhs.dll -> %SystemRoot%\System32\xmtghjhs.dll -> [Ver = | Size = 88640 bytes | Modified Date = 2008-01-22 20:49:01 | Attr = ] xpbfbafa.dll -> %SystemRoot%\System32\xpbfbafa.dll -> [Ver = | Size = 90176 bytes | Modified Date = 2008-01-01 10:25:25 | Attr = ] xtijatws.exe -> %SystemRoot%\System32\xtijatws.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-13 12:01:32 | Attr = ] xuvxrqyr.dll -> %SystemRoot%\System32\xuvxrqyr.dll -> [Ver = | Size = 97344 bytes | Modified Date = 2008-02-18 12:03:45 | Attr = ] xybcdjgx.ini -> %SystemRoot%\System32\xybcdjgx.ini -> [Ver = | Size = 1248527 bytes | Modified Date = 2008-02-18 14:00:47 | Attr = HS] xykaqsvw.exe -> %SystemRoot%\System32\xykaqsvw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-21 23:20:58 | Attr = ] yaoxmbit.dll -> %SystemRoot%\System32\yaoxmbit.dll -> [Ver = | Size = 88640 bytes | Modified Date = 2008-01-22 17:37:50 | Attr = ] ycngioof.exe -> %SystemRoot%\System32\ycngioof.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-25 16:27:04 | Attr = ] ycwejsaw.dll -> %SystemRoot%\System32\ycwejsaw.dll -> [Ver = | Size = 87104 bytes | Modified Date = 2008-01-04 11:05:21 | Attr = ] ydctoclo.dll -> %SystemRoot%\System32\ydctoclo.dll -> [Ver = | Size = 89152 bytes | Modified Date = 2008-02-24 18:51:13 | Attr = ] ydorecnu.dll -> %SystemRoot%\System32\ydorecnu.dll -> [Ver = | Size = 85056 bytes | Modified Date = 2008-02-28 16:05:54 | Attr = ] yffjihyt.ini -> %SystemRoot%\System32\yffjihyt.ini -> [Ver = | Size = 1234981 bytes | Modified Date = 2008-02-13 11:25:20 | Attr = HS] yiqhnywn.dll -> %SystemRoot%\System32\yiqhnywn.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-01-23 19:42:55 | Attr = ] yiulurug.ini -> %SystemRoot%\System32\yiulurug.ini -> [Ver = | Size = 1111205 bytes | Modified Date = 2008-02-23 23:14:55 | Attr = HS] yjjhoxuf.ini -> %SystemRoot%\System32\yjjhoxuf.ini -> [Ver = | Size = 1056976 bytes | Modified Date = 2008-01-16 12:01:54 | Attr = HS] yjpsnoxq.dll -> %SystemRoot%\System32\yjpsnoxq.dll -> [Ver = | Size = 93248 bytes | Modified Date = 2008-02-11 14:05:12 | Attr = ] ymjccbli.exe -> %SystemRoot%\System32\ymjccbli.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2007-12-26 23:18:28 | Attr = ] ypnrodua.ini -> %SystemRoot%\System32\ypnrodua.ini -> [Ver = | Size = 1044032 bytes | Modified Date = 2008-01-05 20:12:03 | Attr = HS] yrcafscc.ini -> %SystemRoot%\System32\yrcafscc.ini -> [Ver = | Size = 1262108 bytes | Modified Date = 2008-02-27 13:46:38 | Attr = HS] yrkhsjxf.ini -> %SystemRoot%\System32\yrkhsjxf.ini -> [Ver = | Size = 1243195 bytes | Modified Date = 2008-02-29 13:27:05 | Attr = HS] ystwbnwk.dll -> %SystemRoot%\System32\ystwbnwk.dll -> [Ver = | Size = 78912 bytes | Modified Date = 2008-01-05 19:02:14 | Attr = ] yubdxbyc.dll -> %SystemRoot%\System32\yubdxbyc.dll -> [Ver = | Size = 78400 bytes | Modified Date = 2008-01-03 12:41:30 | Attr = ] yudqdbil.dll -> %SystemRoot%\System32\yudqdbil.dll -> [Ver = | Size = 89664 bytes | Modified Date = 2008-02-28 23:03:07 | Attr = ] yuxvvrow.exe -> %SystemRoot%\System32\yuxvvrow.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-11 22:10:38 | Attr = ] yvdenjbw.exe -> %SystemRoot%\System32\yvdenjbw.exe -> [Ver = 1, 0, 0, 1 | Size = 74304 bytes | Modified Date = 2008-01-18 11:50:28 | Attr = ] 123messenger.per -> %SystemRoot%\123messenger.per -> [Ver = | Size = 15872 bytes | Modified Date = 2008-03-10 00:51:55 | Attr = ] apphelp32.dll -> %SystemRoot%\apphelp32.dll -> [Ver = | Size = 20480 bytes | Modified Date = 2008-03-10 00:50:59 | Attr = ] asferror32.dll -> %SystemRoot%\asferror32.dll -> [Ver = | Size = 16384 bytes | Modified Date = 2008-03-10 00:51:00 | Attr = ] asycfilt32.dll -> %SystemRoot%\asycfilt32.dll -> [Ver = | Size = 15872 bytes | Modified Date = 2008-03-10 00:51:00 | Attr = ] athprxy32.dll -> %SystemRoot%\athprxy32.dll -> [Ver = | Size = 12288 bytes | Modified Date = 2008-03-10 00:51:00 | Attr = ] ati2dvaa32.dll -> %SystemRoot%\ati2dvaa32.dll -> [Ver = | Size = 20480 bytes | Modified Date = 2008-03-10 00:51:01 | Attr = ] ati2dvag32.dll -> %SystemRoot%\ati2dvag32.dll -> [Ver = | Size = 13824 bytes | Modified Date = 2008-03-10 00:51:01 | Attr = ] audiosrv32.dll -> %SystemRoot%\audiosrv32.dll -> [Ver = | Size = 30208 bytes | Modified Date = 2008-03-10 00:51:02 | Attr = ] autodisc32.dll -> %SystemRoot%\autodisc32.dll -> [Ver = | Size = 31744 bytes | Modified Date = 2008-03-10 00:51:03 | Attr = ] avifile32.dll -> %SystemRoot%\avifile32.dll -> [Ver = | Size = 15872 bytes | Modified Date = 2008-03-10 00:51:03 | Attr = ] avisynthex32.dll -> %SystemRoot%\avisynthex32.dll -> [Ver = | Size = 21248 bytes | Modified Date = 2008-03-10 00:51:03 | Attr = ] aviwrap32.dll -> %SystemRoot%\aviwrap32.dll -> [Ver = | Size = 29184 bytes | Modified Date = 2008-03-10 00:51:04 | Attr = ] BMcfac83c8.xml -> %SystemRoot%\BMcfac83c8.xml -> [Ver = | Size = 109636 bytes | Modified Date = 2008-03-17 22:56:51 | Attr = ] bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2008-03-17 11:54:59 | Attr = S] browserad.dll -> %SystemRoot%\browserad.dll -> [Ver = | Size = 26624 bytes | Modified Date = 2008-03-10 00:51:05 | Attr = ] changeurl_30.dll -> %SystemRoot%\changeurl_30.dll -> [Ver = | Size = 21504 bytes | Modified Date = 2008-03-10 00:50:54 | Attr = ] didduid.ini -> %SystemRoot%\didduid.ini -> [Ver = | Size = 29952 bytes | Modified Date = 2008-03-10 00:54:34 | Attr = ] Downloaded Installations -> %SystemRoot%\Downloaded Installations -> [Folder | Modified Date = 2008-02-27 20:05:24 | Attr = ] Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 2008-03-12 17:19:45 | Attr = S] erdnt -> %SystemRoot%\erdnt -> [Folder | Modified Date = 2008-03-12 17:18:20 | Attr = ] FLEOK -> %SystemRoot%\FLEOK -> [Folder | Modified Date = 2008-03-10 20:41:11 | Attr = ] Fonts -> %SystemRoot%\Fonts -> [Folder | Modified Date = 2008-02-11 15:19:59 | Attr = R S] inf -> %SystemRoot%\inf -> [Folder | Modified Date = 2008-03-11 20:13:17 | Attr = H ] Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 2008-03-16 22:25:21 | Attr = HS] Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 2008-03-10 12:27:44 | Attr = ] msa64chk.dll -> %SystemRoot%\msa64chk.dll -> [Ver = | Size = 11264 bytes | Modified Date = 2008-03-10 00:51:57 | Attr = ] msapasrc.dll -> %SystemRoot%\msapasrc.dll -> [Ver = | Size = 16384 bytes | Modified Date = 2008-03-10 00:51:57 | Attr = ] ntnut.exe -> %SystemRoot%\ntnut.exe -> [Ver = | Size = 29184 bytes | Modified Date = 2008-03-10 00:51:27 | Attr = ] pchealth -> %SystemRoot%\pchealth -> [Folder | Modified Date = 2008-03-03 14:39:25 | Attr = ] Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 2008-03-18 00:44:25 | Attr = ] PSEXESVC.EXE -> %SystemRoot%\PSEXESVC.EXE -> Sysinternals [Ver = 1.70 | Size = 53248 bytes | Modified Date = 2008-03-11 22:20:16 | Attr = ] pskt.ini -> %SystemRoot%\pskt.ini -> [Ver = | Size = 22 bytes | Modified Date = 2008-03-17 11:57:12 | Attr = ] shdocpe.dll -> %SystemRoot%\shdocpe.dll -> [Ver = | Size = 20224 bytes | Modified Date = 2008-03-10 00:51:26 | Attr = ] shdocpl.dll -> %SystemRoot%\shdocpl.dll -> [Ver = | Size = 14848 bytes | Modified Date = 2008-03-10 00:51:27 | Attr = ] solcache -> %SystemRoot%\solcache -> [Folder | Modified Date = 2007-12-25 11:58:05 | Attr = ] system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 256 bytes | Modified Date = 2008-02-11 23:57:45 | Attr = ] system32 -> %SystemRoot%\system32 -> [Folder | Modified Date = 2008-03-16 22:30:36 | Attr = ] Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 2008-03-17 23:56:44 | Attr = ] win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 738 bytes | Modified Date = 2008-03-12 01:33:13 | Attr = ] winsb.dll -> %SystemRoot%\winsb.dll -> [Ver = | Size = 24832 bytes | Modified Date = 2008-03-10 00:51:10 | Attr = ] A8713B3C918EB1D4.job -> %SystemRoot%\tasks\A8713B3C918EB1D4.job -> [Ver = | Size = 258 bytes | Modified Date = 2008-03-18 | Attr = H ] AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 2008-03-16 15:49:00 | Attr = ] SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2008-03-17 11:55:19 | Attr = H ] qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 6464 bytes | Modified Date = 2008-03-03 02:21:30 | Attr = ] qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 5348 bytes | Modified Date = 2008-03-03 11:31:18 | Attr = ] opa11.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [Ver = | Size = 8206 bytes | Modified Date = 2006-08-11 12:28:47 | Attr = ] Perflib_Perfdata_7e0.dat -> C:\WINDOWS\Temp\Perflib_Perfdata_7e0.dat -> [Ver = | Size = 16384 bytes | Modified Date = 2008-03-17 22:03:43 | Attr = ] [Files Modified - Additional Folder Scans - Non-Microsoft Only] Grisoft -> %AllUsersProfile%\Application Data\Grisoft -> [Folder | Modified Date = 2008-03-11 00:53:02 | Attr = ] Lavasoft -> %AllUsersProfile%\Application Data\Lavasoft -> [Folder | Modified Date = 2008-03-10 16:55:19 | Attr = ] Macromedia -> %AllUsersProfile%\Application Data\Macromedia -> [Folder | Modified Date = 2008-02-27 20:24:04 | Attr = ] SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 2008-03-10 16:13:05 | Attr = ] TEMP -> %AllUsersProfile%\Application Data\TEMP -> [Folder | Modified Date = 2008-03-10 01:01:44 | Attr = ] @Alternate Data Stream - 98 bytes -> %AllUsersProfile%\Application Data\TEMP:DFC5A2B2 trust real gram locks -> %AllUsersProfile%\Application Data\trust real gram locks -> [Folder | Modified Date = 2008-03-10 18:13:35 | Attr = ] WLInstaller -> %AllUsersProfile%\Application Data\WLInstaller -> [Folder | Modified Date = 2008-03-03 14:35:05 | Attr = ] Adobe -> %AppData%\Adobe -> [Folder | Modified Date = 2008-02-12 18:32:48 | Attr = ] EXTRA LOCKS LOGO -> %AppData%\EXTRA LOCKS LOGO -> [Folder | Modified Date = 2008-03-10 18:13:35 | Attr = ] Grisoft -> %AppData%\Grisoft -> [Folder | Modified Date = 2008-03-11 01:34:59 | Attr = ] Macromedia -> %AppData%\Macromedia -> [Folder | Modified Date = 2008-02-27 22:58:38 | Attr = ] Microsoft Games -> %AppData%\Microsoft Games -> [Folder | Modified Date = 2008-02-12 18:46:34 | Attr = ] Opera -> %AppData%\Opera -> [Folder | Modified Date = 2008-03-12 16:42:55 | Attr = ] SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 2008-03-16 22:24:43 | Attr = ] GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [Ver = | Size = 58776 bytes | Modified Date = 2008-02-29 15:04:35 | Attr = ] IconCache.db -> %UserProfile%\Local Settings\Application Data\IconCache.db -> [Ver = | Size = 4829108 bytes | Modified Date = 2008-03-17 00:31:36 | Attr = H ] Microsoft -> %UserProfile%\Local Settings\Application Data\Microsoft -> [Folder | Modified Date = 2008-03-11 00:52:04 | Attr = ] PCHealth -> %UserProfile%\Local Settings\Application Data\PCHealth -> [Folder | Modified Date = 2008-03-03 01:39:19 | Attr = ] Adobe Scripts -> %UserProfile%\My Documents\Adobe Scripts -> [Folder | Modified Date = 2008-02-12 18:33:40 | Attr = ] CV Shit -> %UserProfile%\My Documents\CV Shit -> [Folder | Modified Date = 2008-03-11 12:35:44 | Attr = ] My Music -> %UserProfile%\My Documents\My Music -> [Folder | Modified Date = 2008-03-03 14:19:52 | Attr = R S] My Pictures -> %UserProfile%\My Documents\My Pictures -> [Folder | Modified Date = 2008-02-24 00:07:23 | Attr = R S] My Received Files -> %UserProfile%\My Documents\My Received Files -> [Folder | Modified Date = 2008-03-03 14:19:11 | Attr = ] My Sharing Folders.lnk -> %UserProfile%\My Documents\My Sharing Folders.lnk -> [Ver = | Size = 605 bytes | Modified Date = 2008-03-17 16:49:17 | Attr = ] My Stationery -> %UserProfile%\My Documents\My Stationery -> [Folder | Modified Date = 2008-03-03 02:01:39 | Attr = R S] Updater -> %UserProfile%\My Documents\Updater -> [Folder | Modified Date = 2008-03-05 20:52:49 | Attr = ] 46194.gp4 -> %UserProfile%\Desktop\46194.gp4 -> [Ver = | Size = 20179 bytes | Modified Date = 2008-03-16 18:37:44 | Attr = ] Cleaning Tools -> %UserProfile%\Desktop\Cleaning Tools -> [Folder | Modified Date = 2008-03-16 23:19:13 | Attr = ] dss.exe -> %UserProfile%\Desktop\dss.exe -> [Ver = 3, 2, 8, 1 | Size = 686630 bytes | Modified Date = 2008-03-12 17:11:41 | Attr = ] Thumbs.db -> %UserProfile%\Desktop\Thumbs.db -> [Ver = | Size = 6144 bytes | Modified Date = 2008-02-11 16:44:40 | Attr = HS] @Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable WinPFind35u -> %UserProfile%\Desktop\WinPFind35u -> [Folder | Modified Date = 2008-03-18 00:44:34 | Attr = ] WinPFind35u.exe -> %UserProfile%\Desktop\WinPFind35u.exe -> [Ver = | Size = 481244 bytes | Modified Date = 2008-03-17 22:41:13 | Attr = ] Macromedia -> %CommonProgramFiles%\Macromedia -> [Folder | Modified Date = 2008-02-27 20:28:13 | Attr = ] Microsoft Shared -> %CommonProgramFiles%\Microsoft Shared -> [Folder | Modified Date = 2008-03-03 00:38:50 | Attr = ] WindowsLiveInstaller -> %CommonProgramFiles%\WindowsLiveInstaller -> [Folder | Modified Date = 2008-03-03 01:34:12 | Attr = HS] [File - Lop Check: Additional Folder Scans - Non-Microsoft Only] C:\Documents and Settings\All Users\Application Data\ -> C:\Documents and Settings\All Users\Application Data -> [Folder | Modified Date = 2008-03-10 16:13:05 | Attr = RH ] ACD Systems -> C:\Documents and Settings\All Users\Application Data\ACD Systems -> [Folder | Modified Date = 2007-08-22 21:08:21 | Attr = ] Adobe -> C:\Documents and Settings\All Users\Application Data\Adobe -> [Folder | Modified Date = 2007-08-21 14:46:13 | Attr = ] Adobe Systems -> C:\Documents and Settings\All Users\Application Data\Adobe Systems -> [Folder | Modified Date = 2007-03-04 17:14:58 | Attr = ] Apple Computer -> C:\Documents and Settings\All Users\Application Data\Apple Computer -> [Folder | Modified Date = 2006-10-18 16:43:07 | Attr = ] Avanquest Software -> C:\Documents and Settings\All Users\Application Data\Avanquest Software -> [Folder | Modified Date = 2007-09-16 17:21:24 | Attr = ] FLEXnet -> C:\Documents and Settings\All Users\Application Data\FLEXnet -> [Folder | Modified Date = 2007-08-07 00:59:44 | Attr = ] Google -> C:\Documents and Settings\All Users\Application Data\Google -> [Folder | Modified Date = 2006-12-12 16:19:15 | Attr = ] Grisoft -> C:\Documents and Settings\All Users\Application Data\Grisoft -> [Folder | Modified Date = 2008-03-11 00:53:02 | Attr = ] IconTweaker -> C:\Documents and Settings\All Users\Application Data\IconTweaker -> [Folder | Modified Date = 2007-11-21 22:32:10 | Attr = ] Individual Software -> C:\Documents and Settings\All Users\Application Data\Individual Software -> [Folder | Modified Date = 2006-08-11 15:24:00 | Attr = ] Lavasoft -> C:\Documents and Settings\All Users\Application Data\Lavasoft -> [Folder | Modified Date = 2008-03-10 16:55:19 | Attr = ] Macromedia -> C:\Documents and Settings\All Users\Application Data\Macromedia -> [Folder | Modified Date = 2008-02-27 20:24:04 | Attr = ] McAfee -> C:\Documents and Settings\All Users\Application Data\McAfee -> [Folder | Modified Date = 2006-08-11 13:08:34 | Attr = ] McAfee.com -> C:\Documents and Settings\All Users\Application Data\McAfee.com -> [Folder | Modified Date = 2007-10-04 02:41:38 | Attr = ] McAfee.com Personal Firewall -> C:\Documents and Settings\All Users\Application Data\McAfee.com Personal Firewall -> [Folder | Modified Date = 2007-08-22 18:11:37 | Attr = ] Microsoft -> C:\Documents and Settings\All Users\Application Data\Microsoft -> [Folder | Modified Date = 2007-08-22 20:59:07 | Attr = S] Microsoft Corporation -> C:\Documents and Settings\All Users\Application Data\Microsoft Corporation -> [Folder | Modified Date = 2007-03-04 13:50:39 | Attr = ] pixelStorm -> C:\Documents and Settings\All Users\Application Data\pixelStorm -> [Folder | Modified Date = 2006-10-24 21:32:59 | Attr = ] QuickTime -> C:\Documents and Settings\All Users\Application Data\QuickTime -> [Folder | Modified Date = 2006-09-03 20:26:25 | Attr = ] show itch idol that -> C:\Documents and Settings\All Users\Application Data\show itch idol that -> [Folder | Modified Date = 2007-11-21 11:56:44 | Attr = ] Spybot - Search & Destroy -> C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy -> [Folder | Modified Date = 2007-11-26 22:45:11 | Attr = ] SUPERAntiSpyware.com -> C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 2008-03-10 16:13:05 | Attr = ] TEMP -> C:\Documents and Settings\All Users\Application Data\TEMP -> [Folder | Modified Date = 2008-03-10 01:01:44 | Attr = ] @Alternate Data Stream - 98 bytes -> %AllUsersProfile%\Application Data\TEMP:DFC5A2B2 That size part chin -> C:\Documents and Settings\All Users\Application Data\That size part chin -> [Folder | Modified Date = 2007-12-13 02:56:27 | Attr = ] trust real gram locks -> C:\Documents and Settings\All Users\Application Data\trust real gram locks -> [Folder | Modified Date = 2008-03-10 18:13:35 | Attr = ] Trymedia -> C:\Documents and Settings\All Users\Application Data\Trymedia -> [Folder | Modified Date = 2006-08-11 21:28:57 | Attr = ] VideoEgg -> C:\Documents and Settings\All Users\Application Data\VideoEgg -> [Folder | Modified Date = 2006-12-27 19:09:51 | Attr = ] WildTangent -> C:\Documents and Settings\All Users\Application Data\WildTangent -> [Folder | Modified Date = 2006-08-11 22:02:44 | Attr = ] Windows Genuine Advantage -> C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage -> [Folder | Modified Date = 2006-10-19 20:58:32 | Attr = ] Windows Live Toolbar -> C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar -> [Folder | Modified Date = 2006-08-14 22:33:11 | Attr = ] WinZip -> C:\Documents and Settings\All Users\Application Data\WinZip -> [Folder | Modified Date = 2007-10-09 23:39:09 | Attr = ] WLInstaller -> C:\Documents and Settings\All Users\Application Data\WLInstaller -> [Folder | Modified Date = 2008-03-03 14:35:05 | Attr = ] C:\Documents and Settings\Andre\Application Data\ -> C:\Documents and Settings\Andre\Application Data -> [Folder | Modified Date = 2008-03-11 01:34:59 | Attr = RH ] ACD Systems -> C:\Documents and Settings\Andre\Application Data\ACD Systems -> [Folder | Modified Date = 2006-08-11 21:41:34 | Attr = ] Adobe -> C:\Documents and Settings\Andre\Application Data\Adobe -> [Folder | Modified Date = 2008-02-12 18:32:48 | Attr = ] AdobeUM -> C:\Documents and Settings\Andre\Application Data\AdobeUM -> [Folder | Modified Date = 2007-03-23 15:44:57 | Attr = ] Ahead -> C:\Documents and Settings\Andre\Application Data\Ahead -> [Folder | Modified Date = 2006-08-15 20:42:54 | Attr = ] Apple Computer -> C:\Documents and Settings\Andre\Application Data\Apple Computer -> [Folder | Modified Date = 2007-11-05 16:44:51 | Attr = ] EXTRA LOCKS LOGO -> C:\Documents and Settings\Andre\Application Data\EXTRA LOCKS LOGO -> [Folder | Modified Date = 2008-03-10 18:13:35 | Attr = ] GetRightToGo -> C:\Documents and Settings\Andre\Application Data\GetRightToGo -> [Folder | Modified Date = 2007-10-28 14:27:18 | Attr = ] Grisoft -> C:\Documents and Settings\Andre\Application Data\Grisoft -> [Folder | Modified Date = 2008-03-11 01:34:59 | Attr = ] Hamachi -> C:\Documents and Settings\Andre\Application Data\Hamachi -> [Folder | Modified Date = 2007-04-12 17:24:42 | Attr = ] HBLX6 -> C:\Documents and Settings\Andre\Application Data\HBLX6 -> [Folder | Modified Date = 2007-01-20 10:29:50 | Attr = ] IconTweaker -> C:\Documents and Settings\Andre\Application Data\IconTweaker -> [Folder | Modified Date = 2007-11-21 22:32:10 | Attr = ] Identities -> C:\Documents and Settings\Andre\Application Data\Identities -> [Folder | Modified Date = 2006-08-10 15:38:00 | Attr = ] LimeWire -> C:\Documents and Settings\Andre\Application Data\LimeWire -> [Folder | Modified Date = 2007-11-27 19:54:02 | Attr = ] Macromedia -> C:\Documents and Settings\Andre\Application Data\Macromedia -> [Folder | Modified Date = 2008-02-27 22:58:38 | Attr = ] Magic Match -> C:\Documents and Settings\Andre\Application Data\Magic Match -> [Folder | Modified Date = 2006-08-11 21:59:31 | Attr = ] McAfee -> C:\Documents and Settings\Andre\Application Data\McAfee -> [Folder | Modified Date = 2006-08-11 11:16:41 | Attr = ] McAfee.com Personal Firewall -> C:\Documents and Settings\Andre\Application Data\McAfee.com Personal Firewall -> [Folder | Modified Date = 2006-08-11 13:21:50 | Attr = ] Microsoft -> C:\Documents and Settings\Andre\Application Data\Microsoft -> [Folder | Modified Date = 2006-10-02 15:32:58 | Attr = S] Microsoft Games -> C:\Documents and Settings\Andre\Application Data\Microsoft Games -> [Folder | Modified Date = 2008-02-12 18:46:34 | Attr = ] Mozilla -> C:\Documents and Settings\Andre\Application Data\Mozilla -> [Folder | Modified Date = 2007-01-19 18:02:19 | Attr = ] Opera -> C:\Documents and Settings\Andre\Application Data\Opera -> [Folder | Modified Date = 2008-03-12 16:42:55 | Attr = ] SmartFTP -> C:\Documents and Settings\Andre\Application Data\SmartFTP -> [Folder | Modified Date = 2007-03-15 20:12:29 | Attr = ] Sun -> C:\Documents and Settings\Andre\Application Data\Sun -> [Folder | Modified Date = 2006-08-27 15:11:31 | Attr = ] SUPERAntiSpyware.com -> C:\Documents and Settings\Andre\Application Data\SUPERAntiSpyware.com -> [Folder | Modified Date = 2008-03-16 22:24:43 | Attr = ] Talkback -> C:\Documents and Settings\Andre\Application Data\Talkback -> [Folder | Modified Date = 2007-01-19 18:03:21 | Attr = ] tunebite -> C:\Documents and Settings\Andre\Application Data\tunebite -> [Folder | Modified Date = 2007-10-28 12:56:32 | Attr = ] vlc -> C:\Documents and Settings\Andre\Application Data\vlc -> [Folder | Modified Date = 2006-08-15 20:55:58 | Attr = ] WinRAR -> C:\Documents and Settings\Andre\Application Data\WinRAR -> [Folder | Modified Date = 2007-10-09 23:26:56 | Attr = ] C:\Documents and Settings\Chloe\Application Data\ -> C:\Documents and Settings\Chloe\Application Data -> [Folder | Modified Date = 2007-07-12 10:09:30 | Attr = H ] ACD Systems -> C:\Documents and Settings\Chloe\Application Data\ACD Systems -> [Folder | Modified Date = 2006-08-14 21:25:55 | Attr = ] Adobe -> C:\Documents and Settings\Chloe\Application Data\Adobe -> [Folder | Modified Date = 2006-06-16 17:14:18 | Attr = ] AdobeUM -> C:\Documents and Settings\Chloe\Application Data\AdobeUM -> [Folder | Modified Date = 2006-08-15 17:48:23 | Attr = ] Apple Computer -> C:\Documents and Settings\Chloe\Application Data\Apple Computer -> [Folder | Modified Date = 2006-11-04 10:40:04 | Attr = ] EXTRA LOCKS LOGO -> C:\Documents and Settings\Chloe\Application Data\EXTRA LOCKS LOGO -> [Folder | Modified Date = 2008-03-10 18:13:35 | Attr = ] Identities -> C:\Documents and Settings\Chloe\Application Data\Identities -> [Folder | Modified Date = 2006-08-10 15:45:00 | Attr = ] LimeWire -> C:\Documents and Settings\Chloe\Application Data\LimeWire -> [Folder | Modified Date = 2007-11-27 19:54:02 | Attr = ] Macromedia -> C:\Documents and Settings\Chloe\Application Data\Macromedia -> [Folder | Modified Date = 2006-10-24 10:27:20 | Attr = ] Magic Match -> C:\Documents and Settings\Chloe\Application Data\Magic Match -> [Folder | Modified Date = 2006-10-05 13:22:46 | Attr = ] McAfee -> C:\Documents and Settings\Chloe\Application Data\McAfee -> [Folder | Modified Date = 2007-07-12 10:09:30 | Attr = ] McAfee.com Personal Firewall -> C:\Documents and Settings\Chloe\Application Data\McAfee.com Personal Firewall -> [Folder | Modified Date = 2007-12-29 22:03:44 | Attr = ] Microsoft -> C:\Documents and Settings\Chloe\Application Data\Microsoft -> [Folder | Modified Date = 2007-04-18 11:47:08 | Attr = S] Mozilla -> C:\Documents and Settings\Chloe\Application Data\Mozilla -> [Folder | Modified Date = 2007-01-30 16:40:54 | Attr = ] Sun -> C:\Documents and Settings\Chloe\Application Data\Sun -> [Folder | Modified Date = 2006-10-28 17:58:11 | Attr = ] Talkback -> C:\Documents and Settings\Chloe\Application Data\Talkback -> [Folder | Modified Date = 2007-01-30 16:44:18 | Attr = ] VideoEgg -> C:\Documents and Settings\Chloe\Application Data\VideoEgg -> [Folder | Modified Date = 2007-02-26 16:18:00 | Attr = ] vlc -> C:\Documents and Settings\Chloe\Application Data\vlc -> [Folder | Modified Date = 2006-08-14 22:50:36 | Attr = ] C:\Documents and Settings\Default User\Application Data\ -> C:\Documents and Settings\Default User\Application Data -> [Folder | Modified Date = 2006-08-11 03:11:13 | Attr = RH ] Microsoft -> C:\Documents and Settings\Default User\Application Data\Microsoft -> [Folder | Modified Date = 2006-08-10 15:29:05 | Attr = S] C:\Documents and Settings\LocalService\Application Data\ -> C:\Documents and Settings\LocalService\Application Data -> [Folder | Modified Date = 2006-08-11 13:18:37 | Attr = ] McAfee.com Personal Firewall -> C:\Documents and Settings\LocalService\Application Data\McAfee.com Personal Firewall -> [Folder | Modified Date = 2006-08-11 13:18:37 | Attr = ] Microsoft -> C:\Documents and Settings\LocalService\Application Data\Microsoft -> [Folder | Modified Date = 2007-10-28 15:58:18 | Attr = S] C:\Documents and Settings\NetworkService\Application Data\ -> C:\Documents and Settings\NetworkService\Application Data -> [Folder | Modified Date = 2006-08-10 15:35:04 | Attr = ] Microsoft -> C:\Documents and Settings\NetworkService\Application Data\Microsoft -> [Folder | Modified Date = 2006-08-10 15:29:05 | Attr = S] C:\WINDOWS\Tasks\ -> C:\WINDOWS\Tasks -> [Folder | Modified Date = 2007-12-13 02:58:02 | Attr = S] A8713B3C918EB1D4.job -> C:\WINDOWS\Tasks\A8713B3C918EB1D4.job -> [Ver = | Size = 258 bytes | Modified Date = 2008-03-18 | Attr = H ] AppleSoftwareUpdate.job -> C:\WINDOWS\Tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 2008-03-16 15:49:00 | Attr = ] BugDoctorAndre.job -> C:\WINDOWS\Tasks\BugDoctorAndre.job -> [Ver = | Size = 256 bytes | Modified Date = 2006-08-27 21:56:41 | Attr = ] desktop.ini -> C:\WINDOWS\Tasks\desktop.ini -> [Ver = | Size = 65 bytes | Modified Date = 2004-08-05 | Attr = RH ] McAfee AntiSpyware.job -> C:\WINDOWS\Tasks\McAfee AntiSpyware.job -> [Ver = | Size = 362 bytes | Modified Date = 2007-12-18 05:30:00 | Attr = ] SA.DAT -> C:\WINDOWS\Tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2008-03-17 11:55:19 | Attr = H ] [File - Purity Scan: Additional Folder Scans - Non-Microsoft Only] < End of report > [/code]