Jump to content

Welcome to Geeks to Go - Register now for FREE
Geeks To Go is a helpful hub, where thousands of friendly volunteers serve up answers and support. Get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message and all ads will be removed once you have signed in.
Create an Account Login to Account

'Open With' Virus [Solved]


  • This topic is locked This topic is locked

#1
wowcow12

wowcow12

    Member

  • Member
  • PipPip
  • 60 posts
Hi there,
When ever I click on an icon on my computer screen I get the 'open with' box. When I woke up this morning, my computer was continuously restarting its self because of this virus. My Norton Internet Protection won't open/work because I can't open it because of the virus. I can't open my disk cleaner either (as I saw it as a helpful tool to fix this problem in a similar post to mine)

I think this is the Rundll32.exe problem, but I'm not sure and need a beginners way to fix this problem (I'm not computer savvy)


I'm worried about my computer and very frustrated with this problem, any help received would be great.

Edited by wowcow12, 06 March 2010 - 02:35 PM.

  • 0

Advertisement


#2
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,854 posts
Hi lets see if we can get it going again

WARNING these fixes are designed for this user only and may cause damage if run on an uninfected machine

REGISTRY FIX

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"


Next you will need to create the repair registry fix to do that copy and paste ALL of the above in the quote box to a notepad file. Ensure there is no space above the Windows Registry Editor Version 5.00.
Then in notepad go to FILE > SAVE AS and in the dropdown box select SAVE AS TYPE to ALL FILES
Then in the FILE NAME box type fix.reg
This will create a fix.reg file on your desktop Posted Image

To use this file you will need to right click the icon and select merge, accept the warning if it appears and you are done.

If you cannot open notepad then download the attached text file and rename it to fix.reg [attachment=39729:fix.txt]

NEXT

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


THEN

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.*
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

  • 0

#3
wowcow12

wowcow12

    Member

  • Member
  • PipPip
  • 60 posts
I got the 'restart' box and I did the note and all of that as well


Malwarebytes' Anti-Malware 1.44
Database version: 3830
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

3/7/2010 10:07:35 AM
mbam-log-2010-03-07 (10-07-35).txt

Scan type: Quick Scan
Objects scanned: 194421
Time elapsed: 5 hour(s), 36 minute(s), 19 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 19
Registry Values Infected: 5
Registry Data Items Infected: 8
Folders Infected: 11
Files Infected: 29

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{93c6313c-9db4-4694-8bd0-e378c573a9ad} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e9bd0828-1fd9-410c-a50f-43ebe65d310f} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\DomainService (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\MS Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MySidesearch (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcvkmj0e37p (Rogue.AntiVirusXP) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcvkmj0e37p (Rogue.AntiVirusXP) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Deewoo Network Manager (Adware.Radio) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rhcvkmj0e37p (Rogue.AntiVirusXP) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\bootstera (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Documents and Settings\Meredith\Application Data\Facegame (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest.FLEXSPACE\Application Data\WinAntiVirus Pro 2006 (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest.FLEXSPACE\Application Data\WinAntiVirus Pro 2006\Logs (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\Insider (Adware.DnsInsider) -> Quarantined and deleted successfully.
C:\Program Files\WinBudget (Adware.Admedia) -> Quarantined and deleted successfully.
C:\Program Files\WinBudget\bin (Adware.Admedia) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bharebio01 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cfig322 (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drvr2 (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f02WtR (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\PerfInfo (Rogue.WinPerformance) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meredith\Local Settings\Temp\amscnorxew.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meredith\Local Settings\Temp\xocwsnmear.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meredith\Local Settings\Temp\wcomsranxe.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meredith\Local Settings\Temp\emnawrxocs.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meredith\Local Settings\Temp\9C0.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meredith\Local Settings\Temp\9C1.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meredith\Local Settings\Temp\9C4.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meredith\Local Settings\Temp\9C5.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest.FLEXSPACE\Application Data\WinAntiVirus Pro 2006\Logs\update.log (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest.FLEXSPACE\Application Data\WinAntiVirus Pro 2006\Logs\wa6Support.log (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest.FLEXSPACE\Application Data\WinAntiVirus Pro 2006\Logs\winav.log (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
C:\Program Files\Insider\Insider.exe (Adware.DnsInsider) -> Quarantined and deleted successfully.
C:\Program Files\Insider\UnInstall.exe (Adware.DnsInsider) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest.FLEXSPACE\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiSpywareMaster.lnk (Rogue.AntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest.FLEXSPACE\Start Menu\Programs\Startup\Deewoo.lnk (Malware.Links) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mom\Start Menu\Programs\Startup\Deewoo.lnk (Malware.Links) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest.FLEXSPACE\Start Menu\Programs\Startup\TA_Start.lnk (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Meredith\Start Menu\Programs\Startup\TA_Start.lnk (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Mom\Start Menu\Programs\Startup\TA_Start.lnk (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\{b7257580-330b-04b0-28e0-ca0ec94bafb7}.dll-uninst.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\ssanykfb.dat (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\beep.sys (Fake.Beep.sys) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winpfz33.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\BMb352180f.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMb352180f.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,854 posts
Could you now run OTL please so that I can kill the remnants - also what problems are you experiencing ?
  • 0

#5
wowcow12

wowcow12

    Member

  • Member
  • PipPip
  • 60 posts
I have OTL open, do I just click 'run scan'?

Nothing is really a problem anymore, but there are files on my computer that just showed up and they're transparent, what are they?
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,854 posts
Those are system files which I will hide when we finish - Yes just run a quick scan please
  • 0

#7
wowcow12

wowcow12

    Member

  • Member
  • PipPip
  • 60 posts
Alright, doing so.
  • 0

#8
wowcow12

wowcow12

    Member

  • Member
  • PipPip
  • 60 posts
Now what do I do?
  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,854 posts
Could you post the log please :)
  • 0

#10
wowcow12

wowcow12

    Member

  • Member
  • PipPip
  • 60 posts
The one that popped up after the last OTL quick scan?

Edited by wowcow12, 07 March 2010 - 03:54 PM.

  • 0
<

Advertisement


#11
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,854 posts
Yes please
  • 0

#12
wowcow12

wowcow12

    Member

  • Member
  • PipPip
  • 60 posts
OTL logfile created on: 3/7/2010 10:20:28 AM - Run 1
OTL by OldTimer - Version 3.1.34.0 Folder = C:\Documents and Settings\Meredith\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

503.00 Mb Total Physical Memory | 49.00 Mb Available Physical Memory | 10.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 56.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 178.70 Gb Total Space | 2.51 Gb Free Space | 1.40% Space Free | Partition Type: NTFS
Drive D: | 7.59 Gb Total Space | 2.17 Gb Free Space | 28.52% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FLEXSPACE
Current User Name: Meredith
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/03/07 10:19:15 | 000,553,984 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meredith\Desktop\OTL.exe
PRC - [2010/02/18 22:19:07 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/09/03 14:07:12 | 001,576,176 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2008/06/10 04:27:04 | 000,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008/06/10 04:27:03 | 000,329,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
PRC - [2007/10/08 14:50:56 | 000,041,824 | ---- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\1136999695\ee\aolsoftware.exe
PRC - [2007/06/13 03:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 14:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/10/16 00:17:18 | 000,276,000 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
PRC - [2005/04/12 01:10:22 | 000,065,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCMTR.EXE
PRC - [2005/04/06 18:57:12 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2005/04/06 18:53:00 | 002,805,248 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2005/02/16 17:37:06 | 000,045,056 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
PRC - [2003/05/22 21:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2003/03/13 19:38:12 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2003/02/11 08:10:00 | 000,106,560 | ---- | M] (WinZip Computing, Inc.) -- C:\Program Files\WinZip\WZQKPICK.EXE


========== Modules (SafeList) ==========

MOD - [2010/03/07 10:19:15 | 000,553,984 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meredith\Desktop\OTL.exe
MOD - [2006/08/25 08:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2005/02/16 17:37:06 | 000,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\Meredith\Local Settings\Temp\IadHide5.dll


========== Win32 Services (SafeList) ==========

SRV - [2008/04/13 14:08:28 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/01/04 14:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/10/16 00:17:18 | 000,276,000 | ---- | M] (Pure Networks, Inc.) [Auto | Running] -- C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe -- (nmservice)
SRV - [2006/10/14 20:21:02 | 000,012,800 | ---- | M] (Pure Networks, Inc.) [On_Demand | Stopped] -- C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe -- (nmraapache)
SRV - [2003/05/22 21:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.msn.com/spbasic.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default = 18 D4 66 63 03 0C 6E 42 8F 17 9B 51 D6 3F C6 A2 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.ao...romesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.5
FF - prefs.js..keyword.URL: "http://slirsredirect...b-en-us&query="


FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2010/03/06 01:23:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2010/03/06 01:24:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/19 19:44:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/18 22:19:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.1.0.0\Extensions\\Components: C:\Program Files\Netscape\Netscape Browser\Components [2009/11/19 22:27:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape Browser 8.1.0.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape Browser\Plugins [2009/11/19 22:27:50 | 000,000,000 | ---D | M]

[2009/07/10 10:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\Mozilla\Extensions
[2009/04/18 09:19:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/03/07 10:17:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\Mozilla\Firefox\Profiles\swebfypu.default\extensions
[2009/09/03 19:43:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Meredith\Application Data\Mozilla\Firefox\Profiles\swebfypu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/07/30 21:34:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Meredith\Application Data\Mozilla\Firefox\Profiles\swebfypu.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/12/17 19:14:46 | 000,004,554 | ---- | M] () -- C:\Documents and Settings\Meredith\Application Data\Mozilla\Firefox\Profiles\swebfypu.default\searchplugins\aim-search-1.xml
[2009/06/19 19:26:15 | 000,004,207 | ---- | M] () -- C:\Documents and Settings\Meredith\Application Data\Mozilla\Firefox\Profiles\swebfypu.default\searchplugins\aim-search.xml
[2008/11/29 10:28:26 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\Meredith\Application Data\Mozilla\Firefox\Profiles\swebfypu.default\searchplugins\jeffree-star.xml
[2010/03/07 01:55:52 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2008/06/30 13:44:08 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2008/10/11 14:44:17 | 000,284,248 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npmusicn.dll
[2009/04/11 13:56:54 | 000,239,432 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2007/04/16 10:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2009/10/14 19:13:55 | 000,343,689 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 11784 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll File not found
O2 - BHO: (no name) - {4FC0397A-C970-407E-B67A-39DDD0B8867E} - C:\WINDOWS\System32\aqmlgvo.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (AIM Search) - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll File not found
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (HP view) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll (Hewlett-Packard Company)
O3 - HKLM\..\Toolbar: (BearShare MediaBar) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareMediaBar.dll (BearShare)
O3 - HKLM\..\Toolbar: (Yahoo! uC) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.5.0.127\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! uC) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll File not found
O4 - HKLM..\Run: [# L"h'9Ӝ3rWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\cvtthy.exe File not found
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\Hdaudpropshortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [horyfyr] C:\Program Files\ComPlus Applications\horyfyr22011.exe File not found
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1136999695\ee\aolsoftware.exe (AOL LLC)
O4 - HKLM..\Run: [j9251831] C:\WINDOWS\System32\j9251831.DLL File not found
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UEYACh$v/fC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\cvtthy.exe File not found
O4 - HKLM..\Run: [UEYAChD] C:\WINDOWS\cvtthy.exe File not found
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [Iwv6RVG8j] File not found
O4 - HKCU..\Run: [j5291437] C:\WINDOWS\System32\j5291437.DLL File not found
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\MSN Messenger\MsnMsgr.Exe File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKLM..\RunOnce: [SymLnch] C:\Documents and Settings\Chris\Application Data\Symantec\Layouts\Norton Internet Security\15.0.0.60\SymAllLanguages\NIS_RETAIL\90100\Support\SymLnch\SymLnch.exe (Symantec Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe (Hewlett-Packard)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyPoker.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyPoker.net\partypokernet.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: sxload.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: neopets.com ([www] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1118560510984 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_03)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp.dll (Pure Networks, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\cbxuvst: DllName - cbxuvst.dll - File not found
O20 - Winlogon\Notify\drjdus: DllName - drjdus.dll - File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\pmnli: DllName - C:\WINDOWS\system32\pmnli.dll - C:\WINDOWS\System32\pmnli.dll File not found
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\towicigi.dll File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Meredith\My Documents\My Pictures\nsn background.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Meredith\My Documents\My Pictures\nsn background.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (msansspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 14:07:38 | 000,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 06:01:14 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{2e588a24-c967-11de-85f2-0011d8d19315}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O33 - MountPoints2\{75026dd3-3269-11dd-843a-0011d8d19315}\Shell\AutoRun\command - "" = p1y2.cmd
O33 - MountPoints2\{75026dd3-3269-11dd-843a-0011d8d19315}\Shell\explore\Command - "" = p1y2.cmd
O33 - MountPoints2\{75026dd3-3269-11dd-843a-0011d8d19315}\Shell\open\Command - "" = p1y2.cmd
O33 - MountPoints2\{75026dd5-3269-11dd-843a-0011d8d19315}\Shell\AutoRun\command - "" = p1y2.cmd
O33 - MountPoints2\{75026dd5-3269-11dd-843a-0011d8d19315}\Shell\explore\Command - "" = p1y2.cmd
O33 - MountPoints2\{75026dd5-3269-11dd-843a-0011d8d19315}\Shell\open\Command - "" = p1y2.cmd
O33 - MountPoints2\{82183f74-f86d-11db-8112-00038a000015}\Shell\AutoRun\command - "" = G:\winlog.exe -- File not found
O33 - MountPoints2\{82183f74-f86d-11db-8112-00038a000015}\Shell\open\command - "" = G:\winlog.exe -- File not found
O33 - MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe -- File not found
O33 - MountPoints2\{eaaabf42-31e0-11de-85b8-0011d8d19315}\Shell - "" = AutoRun
O33 - MountPoints2\{eaaabf42-31e0-11de-85b8-0011d8d19315}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{eaaabf42-31e0-11de-85b8-0011d8d19315}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: ('autocheck autochk *') - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/02/16 17:11:31 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Schedule - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (54046588552609792)

========== Files/Folders - Created Within 14 Days ==========

[2010/03/07 10:19:15 | 000,553,984 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Meredith\Desktop\OTL.exe
[2010/03/06 14:16:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meredith\Application Data\Malwarebytes
[2010/03/06 14:16:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/03/06 14:16:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/03/06 14:16:16 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/03/06 14:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/06 13:40:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meredith\Application Data\Tific
[2010/03/06 03:28:32 | 000,046,640 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\msln.exe
[2010/03/06 01:24:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meredith\My Documents\Symantec
[2010/03/06 01:20:26 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/03/06 01:20:26 | 000,060,808 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/03/06 01:20:25 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/03/06 01:19:55 | 000,362,032 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\symtdi.sys
[2010/03/06 01:19:55 | 000,340,016 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\symtdiv.sys
[2010/03/06 01:19:54 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\symds.sys
[2010/03/06 01:19:54 | 000,172,592 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\symefa.sys
[2010/03/06 01:19:54 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\srtspx.sys
[2010/03/06 01:19:53 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\cchpx86.sys
[2010/03/06 01:19:53 | 000,325,168 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\srtsp.sys
[2010/03/06 01:19:53 | 000,116,272 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\ironx86.sys
[2010/03/06 01:16:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS\1105000.07F
[2010/03/06 01:14:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\NIS
[2010/03/06 01:14:06 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Sidebar
[2010/03/06 01:13:49 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2010/03/06 01:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2010/03/06 00:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton Installer
[2010/03/06 00:41:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/03/06 00:34:13 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Utilities 14
[2010/03/06 00:25:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Meredith\Tracing
[2010/03/06 00:20:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/03/06 00:20:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\microsoft
[2010/03/06 00:20:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/03/06 00:19:25 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/03/05 23:38:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2009/08/15 16:04:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009/04/15 18:25:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2008/05/08 21:02:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2008/02/07 16:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\AOL
[2007/12/01 03:01:34 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2007/11/03 13:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
[2007/04/29 12:14:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Symantec
[2005/07/02 22:23:26 | 000,090,112 | R--- | C] ( ) -- C:\WINDOWS\System32\SCCD3X02.DLL
[2005/02/16 17:13:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System\*.tmp files -> C:\WINDOWS\System\*.tmp -> ]
[1 C:\Documents and Settings\Meredith\My Documents\*.tmp files -> C:\Documents and Settings\Meredith\My Documents\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/03/07 10:19:50 | 014,680,064 | -H-- | M] () -- C:\Documents and Settings\Meredith\ntuser.dat
[2010/03/07 10:19:15 | 000,553,984 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Meredith\Desktop\OTL.exe
[2010/03/07 10:11:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/07 10:11:28 | 527,814,656 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/07 10:10:28 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Meredith\ntuser.ini
[2010/03/06 14:16:21 | 000,000,707 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/06 14:14:17 | 000,000,101 | ---- | M] () -- C:\Documents and Settings\Meredith\Desktop\fix.reg
[2010/03/06 13:37:23 | 000,010,752 | ---- | M] () -- C:\Documents and Settings\Meredith\Desktop\exefix_xp.com
[2010/03/06 03:28:32 | 000,046,640 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\msln.exe
[2010/03/06 03:14:30 | 001,148,184 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\Cat.DB
[2010/03/06 01:20:25 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2010/03/06 01:20:25 | 000,060,808 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2010/03/06 01:20:25 | 000,007,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/03/06 01:20:25 | 000,000,805 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/03/06 01:20:23 | 000,000,744 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - Chris.job
[2010/03/06 01:20:02 | 000,001,995 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2010/03/06 01:09:57 | 000,016,702 | -HS- | M] () -- C:\Documents and Settings\Meredith\Local Settings\Application Data\fXsMq7BWv
[2010/03/06 00:59:13 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/03/06 00:45:43 | 000,340,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/03/06 00:29:23 | 000,158,720 | -HS- | M] () -- C:\Documents and Settings\Meredith\Local Settings\Application Data\MSASCui.exe
[2010/03/06 00:24:57 | 000,102,240 | ---- | M] () -- C:\Documents and Settings\Meredith\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/03/06 00:22:45 | 000,000,923 | ---- | M] () -- C:\Documents and Settings\Meredith\My Documents\My Sharing Folders.lnk
[2010/03/02 20:12:04 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\Meredith\Local Settings\Application Data\d3d9caps.dat
[2010/02/27 17:25:40 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/02/24 03:01:24 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System\*.tmp files -> C:\WINDOWS\System\*.tmp -> ]
[1 C:\Documents and Settings\Meredith\My Documents\*.tmp files -> C:\Documents and Settings\Meredith\My Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/06 14:16:21 | 000,000,707 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/06 14:14:17 | 000,000,101 | ---- | C] () -- C:\Documents and Settings\Meredith\Desktop\fix.reg
[2010/03/06 13:37:23 | 000,010,752 | ---- | C] () -- C:\Documents and Settings\Meredith\Desktop\exefix_xp.com
[2010/03/06 01:23:32 | 001,148,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\Cat.DB
[2010/03/06 01:20:26 | 000,007,443 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2010/03/06 01:20:26 | 000,000,805 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2010/03/06 01:20:02 | 000,001,995 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2010/03/06 01:19:55 | 000,007,787 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\symnetv.cat
[2010/03/06 01:19:55 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\symnetv.inf
[2010/03/06 01:19:54 | 000,007,444 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\symefa.cat
[2010/03/06 01:19:54 | 000,007,425 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\symds.cat
[2010/03/06 01:19:54 | 000,007,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\symnet.cat
[2010/03/06 01:19:54 | 000,003,374 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\symefa.inf
[2010/03/06 01:19:54 | 000,002,793 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\symds.inf
[2010/03/06 01:19:54 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\symnet.inf
[2010/03/06 01:19:54 | 000,001,388 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\srtspx.inf
[2010/03/06 01:19:53 | 000,007,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\srtspx.cat
[2010/03/06 01:19:53 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\srtsp.cat
[2010/03/06 01:19:53 | 000,007,438 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\iron.cat
[2010/03/06 01:19:53 | 000,007,396 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\cchpx86.cat
[2010/03/06 01:19:53 | 000,001,756 | R--- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\cchpx86.inf
[2010/03/06 01:19:53 | 000,001,382 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\srtsp.inf
[2010/03/06 01:19:53 | 000,000,742 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\iron.inf
[2010/03/06 01:19:53 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\NIS\1105000.07F\isolate.ini
[2010/03/06 00:29:23 | 000,158,720 | -HS- | C] () -- C:\Documents and Settings\Meredith\Local Settings\Application Data\MSASCui.exe
[2010/03/06 00:26:57 | 000,016,702 | -HS- | C] () -- C:\Documents and Settings\Meredith\Local Settings\Application Data\fXsMq7BWv
[2010/03/06 00:22:45 | 000,000,923 | ---- | C] () -- C:\Documents and Settings\Meredith\My Documents\My Sharing Folders.lnk
[2009/10/04 10:05:32 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2008/12/02 17:00:57 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\rmc_rtspdl.dll
[2008/11/24 18:27:26 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\Meredith\Local Settings\Application Data\d3d9caps.dat
[2008/08/26 17:40:10 | 000,000,031 | ---- | C] () -- C:\WINDOWS\hegames.ini
[2007/12/22 15:44:54 | 000,683,623 | -HS- | C] () -- C:\WINDOWS\System32\nfnmlxyp.ini
[2007/12/20 10:23:52 | 000,990,384 | -HS- | C] () -- C:\WINDOWS\System32\nluqefbf.ini
[2007/12/12 03:05:43 | 000,015,230 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/11/21 11:25:32 | 001,468,565 | -HS- | C] () -- C:\WINDOWS\System32\ipspiuov.ini
[2007/11/19 09:01:16 | 001,122,030 | -HS- | C] () -- C:\WINDOWS\System32\kfgrenqu.ini
[2007/11/14 10:20:26 | 001,127,852 | -HS- | C] () -- C:\WINDOWS\System32\gfkdisun.ini
[2007/11/14 10:16:53 | 000,669,171 | -HS- | C] () -- C:\WINDOWS\System32\huikkrmw.ini
[2007/10/22 21:29:55 | 001,201,946 | -HS- | C] () -- C:\WINDOWS\System32\ulmpjqng.ini
[2007/10/22 20:50:43 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\qoimpogl.ini
[2007/10/22 20:30:17 | 000,693,601 | -HS- | C] () -- C:\WINDOWS\System32\hmtkiwvk.ini
[2007/10/21 19:40:21 | 000,693,412 | -HS- | C] () -- C:\WINDOWS\System32\iovsxiuc.ini
[2007/10/21 18:36:41 | 000,693,541 | -HS- | C] () -- C:\WINDOWS\System32\gvibaidx.ini
[2007/10/21 18:31:41 | 000,693,475 | -HS- | C] () -- C:\WINDOWS\System32\ifovlahh.ini
[2007/10/21 17:47:32 | 000,693,412 | -HS- | C] () -- C:\WINDOWS\System32\laqueira.ini
[2007/10/21 17:09:59 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\wdaehecr.ini
[2007/10/21 16:19:01 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\ntftvkuv.ini
[2007/10/21 14:36:51 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\qjrbpjet.ini
[2007/10/21 13:42:34 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\ctoewbmj.ini
[2007/10/21 12:43:43 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\jwnxoecj.ini
[2007/10/21 09:26:19 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\ierhgspu.ini
[2007/10/21 09:13:30 | 000,693,541 | -HS- | C] () -- C:\WINDOWS\System32\goxprfcl.ini
[2007/10/20 21:07:05 | 000,693,490 | -HS- | C] () -- C:\WINDOWS\System32\iiadpgin.ini
[2007/10/20 14:21:24 | 000,693,472 | -HS- | C] () -- C:\WINDOWS\System32\lwryiyun.ini
[2007/10/19 18:17:15 | 000,693,430 | -HS- | C] () -- C:\WINDOWS\System32\gbsyikgn.ini
[2007/10/19 14:20:41 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\khiqhlia.ini
[2007/10/19 06:21:44 | 000,693,472 | -HS- | C] () -- C:\WINDOWS\System32\qcuyxrte.ini
[2007/10/18 23:14:35 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\oexjsogo.ini
[2007/10/18 06:21:28 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\tudivtgi.ini
[2007/10/17 23:15:26 | 000,693,430 | -HS- | C] () -- C:\WINDOWS\System32\jjebniyp.ini
[2007/10/17 15:13:05 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\xxjqvxrf.ini
[2007/10/17 13:50:00 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\nhxixjnx.ini
[2007/10/17 07:01:05 | 000,693,430 | -HS- | C] () -- C:\WINDOWS\System32\hgavlddo.ini
[2007/10/17 06:32:45 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\bbfwltpn.ini
[2007/10/16 20:57:02 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\lfryacvq.ini
[2007/10/16 18:44:48 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\kmhxhyln.ini
[2007/10/16 12:46:57 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\hekgqitn.ini
[2007/10/16 00:15:53 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\hsvidmbr.ini
[2007/10/15 12:48:06 | 000,693,439 | -HS- | C] () -- C:\WINDOWS\System32\bxxwkvme.ini
[2007/10/14 23:56:08 | 000,693,541 | -HS- | C] () -- C:\WINDOWS\System32\mxmfeofv.ini
[2007/10/14 17:42:06 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\qvowdder.ini
[2007/10/14 14:26:57 | 000,693,550 | -HS- | C] () -- C:\WINDOWS\System32\nyoopccp.ini
[2007/10/13 23:53:22 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\sgcaviyi.ini
[2007/10/13 14:26:36 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\egpawvog.ini
[2007/10/12 23:54:29 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\muyvtssw.ini
[2007/10/12 14:27:26 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\egfyuyfn.ini
[2007/10/12 13:26:13 | 000,693,412 | -HS- | C] () -- C:\WINDOWS\System32\yctheryx.ini
[2007/10/12 07:57:24 | 000,693,541 | -HS- | C] () -- C:\WINDOWS\System32\fwxqcxbu.ini
[2007/10/11 19:33:10 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\evqrgcii.ini
[2007/10/11 07:57:39 | 000,693,490 | -HS- | C] () -- C:\WINDOWS\System32\qnvmngvf.ini
[2007/10/10 19:33:24 | 000,693,458 | -HS- | C] () -- C:\WINDOWS\System32\kpohrdum.ini
[2007/10/10 07:57:17 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\syoktfmc.ini
[2007/10/09 11:09:38 | 000,693,472 | -HS- | C] () -- C:\WINDOWS\System32\uegiavrk.ini
[2007/10/09 08:41:20 | 000,693,697 | -HS- | C] () -- C:\WINDOWS\System32\lufegsob.ini
[2007/10/08 11:09:00 | 000,693,439 | -HS- | C] () -- C:\WINDOWS\System32\lxitlrnm.ini
[2007/10/07 22:40:14 | 000,693,601 | -HS- | C] () -- C:\WINDOWS\System32\jnwangxp.ini
[2007/10/07 21:19:05 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\hftkwwab.ini
[2007/10/06 22:40:19 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\gcmidykp.ini
[2007/10/06 21:19:47 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\tplwghig.ini
[2007/10/06 11:30:49 | 000,693,430 | -HS- | C] () -- C:\WINDOWS\System32\aubrjxvi.ini
[2007/10/05 13:23:10 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\ikpptkic.ini
[2007/10/05 09:17:18 | 000,693,595 | -HS- | C] () -- C:\WINDOWS\System32\whyuqqum.ini
[2007/10/04 14:20:11 | 000,693,517 | -HS- | C] () -- C:\WINDOWS\System32\melxnxyk.ini
[2007/10/04 08:03:39 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\etfmbafn.ini
[2007/10/03 21:05:36 | 000,693,439 | -HS- | C] () -- C:\WINDOWS\System32\tqfeigth.ini
[2007/10/03 19:10:08 | 000,693,412 | -HS- | C] () -- C:\WINDOWS\System32\eyditimp.ini
[2007/10/03 15:56:29 | 000,000,354 | -HS- | C] () -- C:\WINDOWS\System32\wrbgjqun.ini
[2007/10/03 11:52:22 | 000,693,490 | -HS- | C] () -- C:\WINDOWS\System32\usculxlr.ini
[2007/10/03 11:35:01 | 000,693,532 | -HS- | C] () -- C:\WINDOWS\System32\ohsykdar.ini
[2007/10/03 11:27:07 | 000,693,472 | -HS- | C] () -- C:\WINDOWS\System32\bannbegf.ini
[2007/10/02 18:40:07 | 000,693,517 | -HS- | C] () -- C:\WINDOWS\System32\oscqpyak.ini
[2007/10/01 18:39:53 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\ewsvhmal.ini
[2007/10/01 10:19:02 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\iprtfhss.ini
[2007/10/01 09:38:10 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\euwrhyiw.ini
[2007/10/01 00:00:35 | 000,693,559 | -HS- | C] () -- C:\WINDOWS\System32\hruigwie.ini
[2007/09/30 23:39:49 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\bdrcjmfw.ini
[2007/09/30 17:55:39 | 000,693,440 | -HS- | C] () -- C:\WINDOWS\System32\ijwqvpha.ini
[2007/09/30 17:36:02 | 000,693,475 | -HS- | C] () -- C:\WINDOWS\System32\jovoljfc.ini
[2007/09/30 08:44:52 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\tjdislgs.ini
[2007/09/29 17:54:45 | 000,693,541 | -HS- | C] () -- C:\WINDOWS\System32\utmlorwp.ini
[2007/09/29 17:41:46 | 000,693,472 | -HS- | C] () -- C:\WINDOWS\System32\wfkeccbl.ini
[2007/09/29 11:43:49 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\ujggranp.ini
[2007/09/28 19:59:18 | 000,693,430 | -HS- | C] () -- C:\WINDOWS\System32\udkywdjh.ini
[2007/09/28 08:06:07 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\bxclmdil.ini
[2007/09/28 06:52:31 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\argnaune.ini
[2007/09/27 19:44:53 | 000,693,559 | -HS- | C] () -- C:\WINDOWS\System32\xtfsquoa.ini
[2007/09/26 18:36:53 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\yifgmazo.sys
[2007/09/26 18:36:17 | 000,693,472 | -HS- | C] () -- C:\WINDOWS\System32\shknilob.ini
[2007/09/26 16:45:59 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\gpdemjck.ini
[2007/09/26 05:55:06 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\alrmhrxd.ini
[2007/09/25 20:23:49 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\epvvdahp.ini
[2007/09/25 13:31:37 | 000,693,466 | -HS- | C] () -- C:\WINDOWS\System32\lojexkni.ini
[2007/09/24 20:24:26 | 000,693,466 | -HS- | C] () -- C:\WINDOWS\System32\nejoosdl.ini
[2007/09/24 07:12:58 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\rnjdexhn.ini
[2007/09/24 05:21:55 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\tanvfmbh.ini
[2007/09/23 19:00:38 | 000,693,475 | -HS- | C] () -- C:\WINDOWS\System32\hddgwysp.ini
[2007/09/23 16:27:56 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\sqxmtggp.ini
[2007/09/23 09:32:30 | 000,693,412 | -HS- | C] () -- C:\WINDOWS\System32\jexrktyc.ini
[2007/09/22 12:46:45 | 000,000,354 | -HS- | C] () -- C:\WINDOWS\System32\hqpyhetu.ini
[2007/09/21 16:14:56 | 000,693,508 | -HS- | C] () -- C:\WINDOWS\System32\wadjcgqh.ini
[2007/09/21 15:06:57 | 000,693,467 | -HS- | C] () -- C:\WINDOWS\System32\ccfqpmnh.ini
[2007/09/21 14:20:07 | 000,693,439 | -HS- | C] () -- C:\WINDOWS\System32\gjabygsw.ini
[2007/09/20 16:15:15 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\opkkctbt.ini
[2007/09/20 15:06:47 | 000,693,407 | -HS- | C] () -- C:\WINDOWS\System32\xmpwrgnh.ini
[2007/09/20 12:31:07 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\qhrwxujn.ini
[2007/09/20 05:49:29 | 000,693,536 | -HS- | C] () -- C:\WINDOWS\System32\lrdqelti.ini
[2007/09/19 22:33:53 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\kxdctrfn.ini
[2007/09/19 16:11:55 | 000,693,503 | -HS- | C] () -- C:\WINDOWS\System32\nskrmmvx.ini
[2007/09/19 15:02:41 | 000,693,503 | -HS- | C] () -- C:\WINDOWS\System32\jvfeekhd.ini
[2007/09/18 17:28:37 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\rddrclvl.ini
[2007/09/18 16:24:12 | 000,693,530 | -HS- | C] () -- C:\WINDOWS\System32\nudfetty.ini
[2007/09/17 21:24:41 | 000,693,564 | -HS- | C] () -- C:\WINDOWS\System32\stnntcfr.ini
[2007/09/17 21:11:25 | 000,693,545 | -HS- | C] () -- C:\WINDOWS\System32\yqoekjkq.ini
[2007/09/17 16:10:45 | 000,693,494 | -HS- | C] () -- C:\WINDOWS\System32\etcqxvry.ini
[2007/09/17 14:51:49 | 000,693,494 | -HS- | C] () -- C:\WINDOWS\System32\bjfuexsm.ini
[2007/09/16 22:16:12 | 000,693,605 | -HS- | C] () -- C:\WINDOWS\System32\lnluvhkq.ini
[2007/09/16 18:28:15 | 000,693,545 | -HS- | C] () -- C:\WINDOWS\System32\hixksbcl.ini
[2007/09/16 08:58:16 | 000,693,503 | -HS- | C] () -- C:\WINDOWS\System32\uthavkqf.ini
[2007/09/15 17:44:52 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\clrfrrdx.ini
[2007/09/15 13:26:09 | 000,693,530 | -HS- | C] () -- C:\WINDOWS\System32\tbebnpyj.ini
[2007/09/15 06:35:43 | 000,693,545 | -HS- | C] () -- C:\WINDOWS\System32\ntnymkcj.ini
[2007/09/15 06:21:12 | 000,693,544 | -HS- | C] () -- C:\WINDOWS\System32\expyphjm.ini
[2007/09/14 06:35:11 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\cypkrvbg.ini
[2007/09/14 06:20:34 | 000,693,550 | -HS- | C] () -- C:\WINDOWS\System32\wbnrclbt.ini
[2007/09/14 04:53:11 | 000,693,605 | -HS- | C] () -- C:\WINDOWS\System32\oyhhqydo.ini
[2007/09/13 20:26:58 | 000,693,545 | -HS- | C] () -- C:\WINDOWS\System32\nuwytifo.ini
[2007/09/13 18:17:28 | 000,693,530 | -HS- | C] () -- C:\WINDOWS\System32\jndwplrv.ini
[2007/09/13 17:04:19 | 000,693,476 | -HS- | C] () -- C:\WINDOWS\System32\npxmsuvp.ini
[2007/09/13 16:31:21 | 000,000,355 | -HS- | C] () -- C:\WINDOWS\System32\daduhtjc.ini
[2007/09/13 16:24:37 | 000,693,784 | -HS- | C] () -- C:\WINDOWS\System32\cvhwsurq.ini
[2007/09/13 16:00:24 | 000,693,665 | -HS- | C] () -- C:\WINDOWS\System32\tgurnspx.ini
[2007/09/13 15:50:08 | 000,693,544 | -HS- | C] () -- C:\WINDOWS\System32\briqlgao.ini
[2007/09/12 21:00:59 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\ltytfpen.ini
[2007/09/12 19:19:15 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\daihrhrp.ini
[2007/09/12 18:29:01 | 000,693,534 | -HS- | C] () -- C:\WINDOWS\System32\qyjyfqwi.ini
[2007/09/12 12:50:32 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\rgqysddw.ini
[2007/09/11 20:03:10 | 000,693,520 | -HS- | C] () -- C:\WINDOWS\System32\tnyplsup.ini
[2007/09/11 19:05:44 | 000,693,521 | -HS- | C] () -- C:\WINDOWS\System32\ywfsugdo.ini
[2007/09/11 18:10:44 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\gywapvgj.ini
[2007/09/11 06:36:57 | 000,693,511 | -HS- | C] () -- C:\WINDOWS\System32\khamanwj.ini
[2007/09/11 04:54:17 | 000,693,493 | -HS- | C] () -- C:\WINDOWS\System32\lbhrxror.ini
[2007/09/10 19:41:01 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\mmqrgktr.ini
[2007/09/10 15:03:26 | 000,693,607 | -HS- | C] () -- C:\WINDOWS\System32\rqkjfake.ini
[2007/09/09 22:07:45 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\uetqtork.ini
[2007/09/09 17:04:15 | 000,693,523 | -HS- | C] () -- C:\WINDOWS\System32\ffwraujy.ini
[2007/09/09 15:03:19 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\iofltclm.ini
[2007/09/09 09:15:05 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\ohctlyls.ini
[2007/09/09 09:09:15 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\sjhorbtp.ini
[2007/09/08 21:22:52 | 000,693,530 | -HS- | C] () -- C:\WINDOWS\System32\bdsqkqik.ini
[2007/09/08 19:14:20 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\wtcudxxo.ini
[2007/09/07 16:43:49 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\oablfcpq.ini
[2007/09/07 14:49:12 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\lxbppbvo.ini
[2007/09/06 21:48:00 | 000,693,617 | -HS- | C] () -- C:\WINDOWS\System32\tlssquay.ini
[2007/09/06 17:28:59 | 000,693,512 | -HS- | C] () -- C:\WINDOWS\System32\exqyokfo.ini
[2007/09/06 11:55:59 | 000,636,690 | -HS- | C] () -- C:\WINDOWS\System32\vldkkhkk.ini
[2007/09/05 21:01:49 | 000,738,835 | -HS- | C] () -- C:\WINDOWS\System32\ymhkceut.ini
[2007/09/05 19:19:23 | 000,738,806 | -HS- | C] () -- C:\WINDOWS\System32\xsemumvr.ini
[2007/09/05 11:55:49 | 000,738,756 | -HS- | C] () -- C:\WINDOWS\System32\oqtlkdhh.ini
[2007/09/04 21:02:39 | 000,738,771 | -HS- | C] () -- C:\WINDOWS\System32\qdewucxt.ini
[2007/09/04 19:19:53 | 000,738,763 | -HS- | C] () -- C:\WINDOWS\System32\hugejwxm.ini
[2007/09/04 15:04:36 | 000,738,744 | -HS- | C] () -- C:\WINDOWS\System32\sltixtfc.ini
[2007/09/04 08:08:25 | 000,997,512 | -HS- | C] () -- C:\WINDOWS\System32\unftxubr.ini
[2007/09/03 22:09:09 | 000,738,744 | -HS- | C] () -- C:\WINDOWS\System32\nwpcuuog.ini
[2007/09/03 08:07:40 | 000,738,754 | -HS- | C] () -- C:\WINDOWS\System32\wveunaym.ini
[2007/09/02 22:26:34 | 001,291,270 | -HS- | C] () -- C:\WINDOWS\System32\wrsrwdsn.ini
[2007/09/02 18:47:12 | 001,291,223 | -HS- | C] () -- C:\WINDOWS\System32\hrrcebob.ini
[2007/09/02 08:24:00 | 001,291,077 | -HS- | C] () -- C:\WINDOWS\System32\idoloysa.ini
[2007/09/01 17:51:05 | 001,792,608 | -HS- | C] () -- C:\WINDOWS\System32\foxyomby.ini
[2007/09/01 12:29:27 | 001,290,984 | -HS- | C] () -- C:\WINDOWS\System32\wfissbpo.ini
[2007/08/31 17:45:19 | 002,294,023 | -HS- | C] () -- C:\WINDOWS\System32\bblomotb.ini
[2007/08/31 11:54:30 | 001,792,490 | -HS- | C] () -- C:\WINDOWS\System32\ojnnwrou.ini
[2007/08/31 06:00:47 | 001,295,860 | -HS- | C] () -- C:\WINDOWS\System32\mqeskshn.ini
[2007/08/31 05:43:25 | 001,295,870 | -HS- | C] () -- C:\WINDOWS\System32\rwymiybk.ini
[2007/08/30 21:59:28 | 001,283,914 | -HS- | C] () -- C:\WINDOWS\System32\umdfcuqo.ini
[2007/08/30 21:00:58 | 001,283,903 | -HS- | C] () -- C:\WINDOWS\System32\nnbhfudf.ini
[2007/08/30 07:21:00 | 000,000,346 | -HS- | C] () -- C:\WINDOWS\System32\ksckbqoi.ini
[2007/08/29 22:20:07 | 001,246,653 | -HS- | C] () -- C:\WINDOWS\System32\jwikxvhu.ini
[2007/08/28 06:44:45 | 001,247,091 | -HS- | C] () -- C:\WINDOWS\System32\akxasklx.ini
[2007/08/28 05:40:18 | 000,000,346 | -HS- | C] () -- C:\WINDOWS\System32\xsjxbsyb.ini
[2007/08/27 18:40:09 | 000,000,466 | -HS- | C] () -- C:\WINDOWS\System32\rnlvkmga.ini
[2007/08/27 17:59:33 | 000,000,406 | -HS- | C] () -- C:\WINDOWS\System32\lefscdic.ini
[2007/08/27 15:06:42 | 000,000,346 | -HS- | C] () -- C:\WINDOWS\System32\xmhtfrjj.ini
[2007/08/27 12:23:19 | 001,266,541 | -HS- | C] () -- C:\WINDOWS\System32\xlgtofjl.ini
[2007/08/26 20:03:12 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ahxhcijb.ini
[2007/08/26 19:05:51 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\fctdeycl.ini
[2007/08/26 16:18:12 | 001,255,183 | -HS- | C] () -- C:\WINDOWS\System32\ecwrgkef.ini
[2007/08/26 14:19:34 | 001,255,473 | -HS- | C] () -- C:\WINDOWS\System32\xoupderm.ini
[2007/08/26 13:50:44 | 001,255,404 | -HS- | C] () -- C:\WINDOWS\System32\crtvsmhh.ini
[2007/08/26 13:42:08 | 001,255,234 | -HS- | C] () -- C:\WINDOWS\System32\ljdffflm.ini
[2007/08/26 09:25:44 | 001,255,303 | -HS- | C] () -- C:\WINDOWS\System32\mhtavxco.ini
[2007/08/25 19:53:07 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\seybqlib.ini
[2007/08/25 10:18:20 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\apaoywha.ini
[2007/08/25 10:10:28 | 001,255,433 | -HS- | C] () -- C:\WINDOWS\System32\lvvyuapi.ini
[2007/08/24 21:03:16 | 001,255,363 | -HS- | C] () -- C:\WINDOWS\System32\pndjmbav.ini
[2007/08/24 16:57:49 | 001,255,243 | -HS- | C] () -- C:\WINDOWS\System32\ssudipeu.ini
[2007/08/24 15:24:23 | 001,255,183 | -HS- | C] () -- C:\WINDOWS\System32\npbwhvwp.ini
[2007/08/23 23:34:15 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\tsftador.ini
[2007/08/23 12:40:48 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\afuonvdq.ini
[2007/08/23 05:57:08 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\pxpxgbkv.ini
[2007/08/23 05:22:21 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\srhatqva.ini
[2007/08/22 18:51:14 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\subtlnos.ini
[2007/08/22 15:51:46 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\teqvixqg.ini
[2007/08/22 12:25:29 | 001,246,290 | -HS- | C] () -- C:\WINDOWS\System32\duvqrxey.ini
[2007/08/22 06:17:10 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\lujbvjbn.ini
[2007/08/22 05:18:41 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\aosecruj.ini
[2007/08/21 21:33:46 | 001,238,031 | -HS- | C] () -- C:\WINDOWS\System32\lekkogii.ini
[2007/08/21 20:17:25 | 001,238,160 | -HS- | C] () -- C:\WINDOWS\System32\nwgkmnke.ini
[2007/08/21 20:07:20 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\etbdeems.ini
[2007/08/21 18:07:28 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\qooxhsgf.ini
[2007/08/21 15:56:15 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\dekmrjwb.ini
[2007/08/20 17:53:14 | 001,229,621 | -HS- | C] () -- C:\WINDOWS\System32\nvtpikrx.ini
[2007/08/20 16:04:44 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\oobqedoq.ini
[2007/08/20 13:23:41 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\rbrmjgrn.ini
[2007/08/20 05:44:31 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\kasgxmjf.ini
[2007/08/19 20:48:41 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wetdepek.ini
[2007/08/19 16:36:16 | 001,229,132 | -HS- | C] () -- C:\WINDOWS\System32\wyqlsnml.ini
[2007/08/19 12:34:42 | 001,229,063 | -HS- | C] () -- C:\WINDOWS\System32\ahtalvyb.ini
[2007/08/19 10:13:27 | 001,228,934 | -HS- | C] () -- C:\WINDOWS\System32\owcdipsd.ini
[2007/08/19 09:00:08 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\nfdtrwqi.ini
[2007/08/19 08:48:07 | 000,000,344 | -HS- | C] () -- C:\WINDOWS\System32\fpaldxut.ini
[2007/08/18 21:20:47 | 001,228,883 | -HS- | C] () -- C:\WINDOWS\System32\vwopevlm.ini
[2007/08/18 18:21:04 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\dexssbws.ini
[2007/08/18 14:51:23 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\fpdmstyx.ini
[2007/08/17 17:18:44 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\bkeeypmj.ini
[2007/08/17 15:44:41 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\odtlddvq.ini
[2007/08/17 07:06:59 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\ksgqqrqc.ini
[2007/08/16 20:38:36 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\yjmuceof.ini
[2007/08/16 19:58:48 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ibdodwph.ini
[2007/08/16 17:08:35 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\odixejul.ini
[2007/08/16 15:21:30 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\iwykavtv.ini
[2007/08/16 06:30:13 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ykynknry.ini
[2007/08/16 05:14:14 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\hpdqdetr.ini
[2007/08/15 22:21:32 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\egavxyvt.ini
[2007/08/15 21:19:19 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\kudpohiq.ini
[2007/08/15 20:02:17 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\hnmftifs.ini
[2007/08/15 15:32:39 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\qhgwfpxo.ini
[2007/08/15 06:55:31 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wrnjlxkw.ini
[2007/08/14 20:23:05 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\lvmwtdjp.ini
[2007/08/14 18:01:50 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\jaxmpvap.ini
[2007/08/14 17:47:25 | 001,233,613 | -HS- | C] () -- C:\WINDOWS\System32\vgpltwqc.ini
[2007/08/14 06:31:42 | 001,215,903 | -HS- | C] () -- C:\WINDOWS\System32\mansgrmx.ini
[2007/08/13 20:03:48 | 001,215,845 | -HS- | C] () -- C:\WINDOWS\System32\twndeeea.ini
[2007/08/13 17:16:33 | 001,215,780 | -HS- | C] () -- C:\WINDOWS\System32\kndfbeip.ini
[2007/08/13 15:06:16 | 001,215,664 | -HS- | C] () -- C:\WINDOWS\System32\vvuxxpfc.ini
[2007/08/12 20:48:51 | 001,214,054 | -HS- | C] () -- C:\WINDOWS\System32\puyatnyq.ini
[2007/08/12 13:08:41 | 000,000,416 | -HS- | C] () -- C:\WINDOWS\System32\tgtcidyx.ini
[2007/08/12 12:59:14 | 001,222,620 | -HS- | C] () -- C:\WINDOWS\System32\sdgihucn.ini
[2007/08/12 10:34:48 | 001,214,036 | -HS- | C] () -- C:\WINDOWS\System32\gtsdhovt.ini
[2007/08/11 21:01:33 | 001,222,698 | -HS- | C] () -- C:\WINDOWS\System32\sosupxod.ini
[2007/08/10 07:54:36 | 001,222,620 | -HS- | C] () -- C:\WINDOWS\System32\xopcqiow.ini
[2007/08/09 21:16:05 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\cuwogaru.ini
[2007/08/09 16:16:48 | 001,202,261 | -HS- | C] () -- C:\WINDOWS\System32\vgupytbh.ini
[2007/08/09 06:25:22 | 001,202,164 | -HS- | C] () -- C:\WINDOWS\System32\yxhtapga.ini
[2007/08/09 05:29:54 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wjkubovk.ini
[2007/08/08 18:49:20 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\oyusjtmv.ini
[2007/08/08 16:23:25 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\hqkokuly.ini
[2007/08/08 06:56:02 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\jsmujgpg.ini
[2007/08/08 04:51:50 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\vprjirrv.ini
[2007/08/07 19:39:21 | 000,000,295 | -HS- | C] () -- C:\WINDOWS\System32\hvfrmptu.ini
[2007/08/07 16:15:29 | 001,203,930 | -HS- | C] () -- C:\WINDOWS\System32\basyijki.ini
[2007/08/07 06:53:49 | 001,194,524 | -HS- | C] () -- C:\WINDOWS\System32\togkgcri.ini
[2007/08/06 18:49:45 | 001,194,422 | -HS- | C] () -- C:\WINDOWS\System32\bysacmmf.ini
[2007/08/06 07:57:47 | 001,194,275 | -HS- | C] () -- C:\WINDOWS\System32\xcfunrua.ini
[2007/08/05 22:39:44 | 001,204,400 | -HS- | C] () -- C:\WINDOWS\System32\lavxvwva.ini
[2007/08/05 17:27:11 | 001,204,680 | -HS- | C] () -- C:\WINDOWS\System32\gaycyyjw.ini
[2007/08/05 15:14:58 | 001,204,680 | -HS- | C] () -- C:\WINDOWS\System32\dfaxoiec.ini
[2007/08/05 12:12:17 | 001,204,680 | -HS- | C] () -- C:\WINDOWS\System32\lqhggedt.ini
[2007/08/04 19:10:09 | 001,204,708 | -HS- | C] () -- C:\WINDOWS\System32\gavkmwor.ini
[2007/08/04 17:58:44 | 001,204,680 | -HS- | C] () -- C:\WINDOWS\System32\xfucxnwp.ini
[2007/08/04 15:11:27 | 001,204,680 | -HS- | C] () -- C:\WINDOWS\System32\ddvpbsrm.ini
[2007/08/04 10:58:47 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\prtsibly.ini
[2007/08/04 09:14:28 | 001,204,800 | -HS- | C] () -- C:\WINDOWS\System32\qqnpvwxo.ini
[2007/08/03 21:41:19 | 001,204,758 | -HS- | C] () -- C:\WINDOWS\System32\wjadwmvl.ini
[2007/08/03 20:58:15 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\xdkhugnd.ini
[2007/08/03 20:51:14 | 001,204,689 | -HS- | C] () -- C:\WINDOWS\System32\slvjehmm.ini
[2007/08/03 20:04:56 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\rkrxqhhx.ini
[2007/08/03 19:32:09 | 001,205,049 | -HS- | C] () -- C:\WINDOWS\System32\umepbbhh.ini
[2007/08/03 16:28:09 | 001,204,979 | -HS- | C] () -- C:\WINDOWS\System32\okravdpy.ini
[2007/08/03 08:12:58 | 001,204,860 | -HS- | C] () -- C:\WINDOWS\System32\copixvnk.ini
[2007/08/02 19:47:47 | 000,000,355 | -HS- | C] () -- C:\WINDOWS\System32\jnoftnkx.ini
[2007/08/02 13:24:40 | 001,205,492 | -HS- | C] () -- C:\WINDOWS\System32\fjkvliub.ini
[2007/08/02 06:58:54 | 001,204,168 | -HS- | C] () -- C:\WINDOWS\System32\tarpoirv.ini
[2007/08/01 16:25:13 | 001,190,175 | -HS- | C] () -- C:\WINDOWS\System32\opsbfiwn.ini
[2007/08/01 15:33:49 | 001,190,097 | -HS- | C] () -- C:\WINDOWS\System32\upkgmtfv.ini
[2007/08/01 07:26:51 | 001,189,286 | -HS- | C] () -- C:\WINDOWS\System32\pwtfrgmm.ini
[2007/08/01 05:20:32 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\xmiipdfl.ini
[2007/07/31 16:23:48 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ukghvhqp.ini
[2007/07/31 13:16:19 | 000,000,295 | -HS- | C] () -- C:\WINDOWS\System32\bspnddha.ini
[2007/07/31 13:03:29 | 000,000,686 | -HS- | C] () -- C:\WINDOWS\System32\ahbhfjbf.ini
[2007/07/31 07:34:22 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\xjjjofld.ini
[2007/07/30 17:52:08 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\pcahieft.ini
[2007/07/30 16:36:15 | 001,253,816 | -HS- | C] () -- C:\WINDOWS\System32\bxbyripg.ini
[2007/07/30 10:01:15 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\fmagfcfm.ini
[2007/07/30 07:13:11 | 001,248,890 | -HS- | C] () -- C:\WINDOWS\System32\pjgaoymt.ini
[2007/07/29 21:39:14 | 001,248,286 | -HS- | C] () -- C:\WINDOWS\System32\lmhavqrp.ini
[2007/07/29 21:14:07 | 001,248,286 | -HS- | C] () -- C:\WINDOWS\System32\qrbdunoq.ini
[2007/07/29 20:37:00 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\huvdiqxq.ini
[2007/07/29 19:25:43 | 000,000,746 | -HS- | C] () -- C:\WINDOWS\System32\pvclmsoj.ini
[2007/07/29 19:12:34 | 001,248,346 | -HS- | C] () -- C:\WINDOWS\System32\ltindmsx.ini
[2007/07/29 17:13:48 | 000,000,746 | -HS- | C] () -- C:\WINDOWS\System32\pqhuohio.ini
[2007/07/29 14:51:05 | 001,248,346 | -HS- | C] () -- C:\WINDOWS\System32\gecrkpkb.ini
[2007/07/29 14:47:24 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\pjvrvhvy.ini
[2007/07/29 14:31:15 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\uenemqyb.ini
[2007/07/29 13:14:55 | 001,248,286 | -HS- | C] () -- C:\WINDOWS\System32\uuoojhpp.ini
[2007/07/29 09:17:34 | 000,000,295 | -HS- | C] () -- C:\WINDOWS\System32\neuxpfmn.ini
[2007/07/29 09:12:38 | 001,248,405 | -HS- | C] () -- C:\WINDOWS\System32\ieydgqgq.ini
[2007/07/29 08:55:58 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\lpasthxp.ini
[2007/07/29 01:51:03 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ttvkvfih.ini
[2007/07/28 17:31:46 | 001,248,286 | -HS- | C] () -- C:\WINDOWS\System32\lwhdmcyr.ini
[2007/07/28 16:09:30 | 001,248,306 | -HS- | C] () -- C:\WINDOWS\System32\wfpglpny.ini
[2007/07/28 13:28:32 | 001,248,434 | -HS- | C] () -- C:\WINDOWS\System32\mhnvmkqb.ini
[2007/07/28 13:19:05 | 001,248,346 | -HS- | C] () -- C:\WINDOWS\System32\aidetqla.ini
[2007/07/28 13:11:25 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\mdybpmnt.ini
[2007/07/28 11:48:58 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\oirlguot.ini
[2007/07/27 23:22:55 | 001,248,313 | -HS- | C] () -- C:\WINDOWS\System32\nonyxxti.ini
[2007/07/27 17:48:12 | 000,000,745 | -HS- | C] () -- C:\WINDOWS\System32\qtcglcja.ini
[2007/07/27 17:19:12 | 001,248,346 | -HS- | C] () -- C:\WINDOWS\System32\dqtmbdgf.ini
[2007/07/26 21:37:48 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\abysojyo.ini
[2007/07/26 20:37:02 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\dtbksslp.ini
[2007/07/26 19:03:31 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\iqbqlsxb.ini
[2007/07/26 18:27:11 | 001,216,024 | -HS- | C] () -- C:\WINDOWS\System32\gemvmegf.ini
[2007/07/26 15:42:42 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\tswffwnp.ini
[2007/07/25 18:35:04 | 000,000,805 | -HS- | C] () -- C:\WINDOWS\System32\yfglifnr.ini
[2007/07/25 15:43:53 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\bvwnagyb.ini
[2007/07/25 12:24:13 | 001,215,852 | -HS- | C] () -- C:\WINDOWS\System32\tobeumra.ini
[2007/07/24 18:35:09 | 000,000,745 | -HS- | C] () -- C:\WINDOWS\System32\gdwyjsqs.ini
[2007/07/24 16:25:56 | 001,216,142 | -HS- | C] () -- C:\WINDOWS\System32\sexyvxka.ini
[2007/07/24 15:43:37 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wgssfddr.ini
[2007/07/24 14:19:56 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\jecmtylp.ini
[2007/06/13 10:20:09 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wbiijgfu.ini
[2007/06/13 01:22:59 | 000,000,295 | -HS- | C] () -- C:\WINDOWS\System32\jsvhgdxl.ini
[2007/06/13 01:17:25 | 000,946,167 | -HS- | C] () -- C:\WINDOWS\System32\mtafarer.ini
[2007/06/13 01:06:36 | 000,948,121 | -HS- | C] () -- C:\WINDOWS\System32\mdynpptk.ini
[2007/06/13 00:58:00 | 000,948,002 | -HS- | C] () -- C:\WINDOWS\System32\anvcroug.ini
[2007/06/13 00:38:41 | 000,947,882 | -HS- | C] () -- C:\WINDOWS\System32\elyngptr.ini
[2007/06/13 00:32:49 | 000,947,822 | -HS- | C] () -- C:\WINDOWS\System32\petyadog.ini
[2007/06/13 00:00:59 | 000,948,521 | -HS- | C] () -- C:\WINDOWS\System32\hoovuqpr.ini
[2007/06/12 23:51:56 | 000,948,461 | -HS- | C] () -- C:\WINDOWS\System32\wjblpbfg.ini
[2007/06/12 23:39:04 | 000,948,341 | -HS- | C] () -- C:\WINDOWS\System32\vuvnxjhx.ini
[2007/06/12 21:09:41 | 000,000,295 | -HS- | C] () -- C:\WINDOWS\System32\dgtxfadx.ini
[2007/06/12 20:48:59 | 000,943,998 | -HS- | C] () -- C:\WINDOWS\System32\qntxiyui.ini
[2007/06/12 10:19:01 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\auftmwld.ini
[2007/06/12 09:16:31 | 000,943,827 | -HS- | C] () -- C:\WINDOWS\System32\rdwlevvq.ini
[2007/06/12 00:53:52 | 000,943,988 | -HS- | C] () -- C:\WINDOWS\System32\abmiatwj.ini
[2007/06/11 22:54:22 | 000,943,928 | -HS- | C] () -- C:\WINDOWS\System32\qaadbfyq.ini
[2007/06/11 22:44:31 | 000,943,808 | -HS- | C] () -- C:\WINDOWS\System32\bexgsajf.ini
[2007/06/11 14:38:17 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\lebvxryp.ini
[2007/06/11 13:51:28 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\oaqnibcm.ini
[2007/06/11 11:42:26 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\nlspdhcd.ini
[2007/06/11 11:38:30 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\mabmdqvk.ini
[2007/06/11 11:28:48 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\xliluukt.ini
[2007/06/11 11:18:05 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\rancyjng.ini
[2007/06/11 09:15:17 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\odxmapjk.ini
[2007/04/25 17:55:38 | 000,000,883 | -HS- | C] () -- C:\WINDOWS\System32\sjwewaqi.ini
[2007/04/15 15:35:58 | 001,539,401 | -HS- | C] () -- C:\WINDOWS\System32\truupvim.ini
[2007/03/22 10:52:52 | 001,701,894 | -HS- | C] () -- C:\WINDOWS\System32\vpbgnfnm.ini
[2007/03/06 13:20:38 | 001,597,481 | -HS- | C] () -- C:\WINDOWS\System32\groeobds.ini
[2006/12/24 14:00:02 | 000,037,557 | -HS- | C] () -- C:\WINDOWS\System32\xopnplhm.ini
[2006/12/14 21:30:18 | 000,037,557 | -HS- | C] () -- C:\WINDOWS\System32\bhjrvnnl.ini
[2006/12/14 18:32:26 | 000,037,557 | -HS- | C] () -- C:\WINDOWS\System32\chgmryve.ini
[2006/12/14 17:50:43 | 000,037,557 | -HS- | C] () -- C:\WINDOWS\System32\phmumwpy.ini
[2006/12/05 13:26:15 | 000,000,547 | -HS- | C] () -- C:\WINDOWS\3mpvsr.ini2
[2006/11/27 10:19:25 | 000,970,559 | -HS- | C] () -- C:\WINDOWS\snima.ini2
[2006/05/21 20:40:50 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7D.DLL
[2006/01/23 20:50:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\muveeapp.INI
[2006/01/10 20:53:40 | 000,000,029 | ---- | C] () -- C:\WINDOWS\atid.ini
[2005/12/25 22:04:45 | 000,001,357 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/10/11 15:02:40 | 002,142,597 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005/07/02 22:23:25 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\SCCD3X01.DLL
[2005/06/28 20:35:09 | 000,299,923 | ---- | C] () -- C:\WINDOWS\System32\drivers\sonyhcs.sys
[2005/06/28 20:35:09 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\SONYHCY.DLL
[2005/06/28 20:35:09 | 000,038,739 | ---- | C] () -- C:\WINDOWS\System32\drivers\sonyhcc.sys
[2005/06/28 20:35:09 | 000,006,097 | ---- | C] () -- C:\WINDOWS\System32\drivers\sonyhcb.sys
[2005/06/28 20:35:09 | 000,003,654 | ---- | C] () -- C:\WINDOWS\System32\drivers\Sonyhcp.dll
[2005/05/20 12:56:41 | 000,003,961 | ---- | C] () -- C:\WINDOWS\System32\0s49kktg.ini
[2005/05/20 12:56:41 | 000,000,035 | ---- | C] () -- C:\WINDOWS\System32\fhmlu7k1.ini
[2005/05/20 12:56:41 | 000,000,035 | ---- | C] () -- C:\WINDOWS\System32\7dugphv4.ini
[2005/05/17 18:08:50 | 000,189,952 | ---- | C] () -- C:\Documents and Settings\Meredith\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/05/07 09:20:46 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\Meredith\Local Settings\Application Data\fusioncache.dat
[2005/05/02 21:43:32 | 000,007,166 | ---- | C] () -- C:\WINDOWS\hpdj3840.ini
[2005/05/02 21:42:55 | 000,000,414 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2005/02/16 18:07:17 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/02/16 18:03:38 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/02/16 18:03:38 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/02/16 18:03:38 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/02/16 18:03:38 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/02/16 18:03:37 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/02/16 18:03:37 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/02/16 17:35:35 | 000,014,555 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2005/02/16 17:35:29 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2005/02/16 17:35:06 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\ssmute.ini
[2005/02/16 17:31:55 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/02/16 17:13:47 | 000,001,446 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2005/02/16 17:11:28 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/02/16 17:09:10 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/02/16 17:00:20 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/02/16 14:35:13 | 000,095,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2005/02/04 10:56:42 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2005/02/04 10:56:42 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2005/02/04 10:56:20 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/09/13 16:35:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/19 20:14:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/08/19 20:14:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/06/15 21:38:02 | 000,000,549 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/04/10 16:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[2001/08/23 12:00:00 | 000,022,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\SbcpHid.sys
[2001/07/13 07:04:00 | 000,373,248 | ---- | C] () -- C:\WINDOWS\EyeCand3.INI
[1999/01/22 11:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
[1998/01/12 01:00:00 | 000,040,448 | ---- | C] () -- C:\WINDOWS\System32\REGOBJ.DLL

========== LOP Check ==========

[2009/07/30 19:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\121B5
[2008/09/20 19:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2009/12/17 19:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM
[2009/12/17 19:13:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM Toolbar
[2009/11/11 10:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2006/05/21 20:40:16 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2009/11/04 10:55:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2008/04/14 07:15:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\hkhqveto
[2008/10/11 14:44:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Musicnotes
[2005/06/06 21:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2010/03/06 01:00:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2009/05/20 19:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
[2005/08/13 10:33:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2010/03/06 00:42:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/06/19 18:47:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/11/19 22:35:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/23 18:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2006/09/22 22:13:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\acccore
[2005/05/14 08:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\Aim
[2009/11/11 11:06:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\Azureus
[2008/07/19 21:43:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\FrostWire
[2005/02/16 17:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\InterMute
[2007/02/11 15:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\InterVideo
[2007/12/30 13:07:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\Jasc
[2005/06/22 16:32:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\Leadertech
[2009/09/18 23:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\LimeWire
[2008/07/31 17:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\MP3Torpedo
[2006/08/26 13:51:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\Netscape
[2008/04/17 18:07:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\Nexon
[2005/02/16 17:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\SampleView
[2010/01/19 21:50:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\SuperNZB
[2010/03/06 13:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\Tific
[2007/01/11 17:57:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Meredith\Application Data\Viewpoint

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/02/13 17:43:12 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe
[2006/02/13 17:43:12 | 000,001,039 | ---- | M] () -- C:\aolconnfix.txt
[2008/08/10 17:25:53 | 000,000,040 | ---- | M] () -- C:\Auth.prof
[2005/04/28 15:53:58 | 000,000,213 | RHS- | M] () -- C:\BOOT.BAK
[2008/08/31 15:25:08 | 000,000,281 | -HS- | M] () -- C:\boot.ini
[2006/02/11 22:20:26 | 000,000,076 | ---- | M] () -- C:\Catalog.LiveSubscribe
[2004/08/03 21:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2004/10/15 03:38:18 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2005/07/31 18:50:09 | 000,000,004 | -HS- | M] () -- C:\dllimp_regmsft985
[2005/05/17 12:47:25 | 000,000,000 | ---- | M] () -- C:\edds.exe
[2010/03/07 10:11:28 | 527,814,656 | -HS- | M] () -- C:\hiberfil.sys
[2005/02/04 10:56:20 | 000,000,002 | -H-- | M] () -- C:\hpbi.log
[2006/05/11 15:02:55 | 000,314,612 | ---- | M] () -- C:\hpfr3840.log
[2004/10/15 03:38:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/05/15 16:32:33 | 338,352,128 | ---- | M] () -- C:\movie.mpg
[2005/07/19 22:07:48 | 000,001,897 | ---- | M] () -- C:\movie.mpg.scn
[2004/10/15 03:38:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2005/05/19 18:31:05 | 000,010,074 | ---- | M] () -- C:\nine.exe
[2008/10/16 16:34:37 | 614,465,536 | -HS- | M] () -- C:\NRTPage.sys
[2004/08/03 21:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2004/08/03 21:00:00 | 000,250,032 | RHS- | M] () -- C:\ntldr
[2010/03/07 10:11:26 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
[2010/02/20 17:04:49 | 000,000,268 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/10/08 12:21:13 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/10/08 18:29:42 | 000,000,268 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/10/09 23:17:15 | 000,000,268 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/10/10 15:58:51 | 000,000,268 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/11/01 14:27:59 | 000,000,268 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/11/01 17:08:40 | 000,000,268 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/11/01 17:41:54 | 000,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/11/01 19:29:28 | 000,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/11/01 22:31:48 | 000,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/11/02 16:13:00 | 000,000,268 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/11/03 15:21:29 | 000,000,268 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/11/21 09:04:24 | 000,000,268 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/12/12 16:56:10 | 000,000,268 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/12/16 03:21:45 | 000,000,268 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/12/26 14:35:29 | 000,000,268 | -H-- | M] () -- C:\sqmdata15.sqm
[2010/01/09 12:49:46 | 000,000,268 | -H-- | M] () -- C:\sqmdata16.sqm
[2010/02/06 07:08:35 | 000,000,268 | -H-- | M] () -- C:\sqmdata17.sqm
[2010/02/11 23:20:31 | 000,000,268 | -H-- | M] () -- C:\sqmdata18.sqm
[2010/02/18 08:48:11 | 000,000,268 | -H-- | M] () -- C:\sqmdata19.sqm
[2010/01/09 12:49:46 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2010/02/06 07:08:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2010/02/11 23:20:30 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2010/02/18 08:48:11 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2010/02/20 17:04:48 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/10/08 18:29:41 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/10/09 23:17:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/10/10 15:58:51 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/11/01 14:27:57 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/11/01 17:08:40 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/11/01 17:41:53 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/11/01 18:15:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/11/01 19:29:27 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/11/01 22:31:47 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/11/02 16:12:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009/11/03 15:21:29 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/11/21 09:04:22 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009/12/12 16:56:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009/12/16 03:21:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/12/26 14:35:28 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2008/04/25 14:53:58 | 000,000,158 | ---- | M] () -- C:\YServer.txt


< MD5 for: AGP440.SYS >
[2004/08/04 11:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004/08/03 21:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 11:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004/08/03 21:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004/08/03 21:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] () MD5=CF181D5FEE4AA4CBF8B852CC1BDB7AAA -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2004/08/04 04:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/04 04:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2009/02/06 11:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 11:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 04:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/04 04:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 04:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/04 04:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\system32\scecli.dll
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2001/07/03 20:33:00 | 000,053,248 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\SONYHCY.DLL
[9 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2001/11/05 09:23:14 | 000,006,097 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sonyhcb.sys
[2001/11/05 09:23:20 | 000,038,739 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sonyhcc.sys
[2001/11/05 09:23:52 | 000,299,923 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sonyhcs.sys

< %systemroot%\System32\config\*.sav >
[2004/10/14 20:29:40 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/10/14 20:29:40 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/10/14 20:29:40 | 000,868,352 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D287FACF
< End of report >
  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,854 posts
OK lots more to kill - Could you post the fix log from OTL and the TDSSKiller log

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    O2 - BHO: (no name) - {4FC0397A-C970-407E-B67A-39DDD0B8867E} - C:\WINDOWS\System32\aqmlgvo.dll File not found
    O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
    O4 - HKLM..\Run: [#  L"h'9Ӝ3rWC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\cvtthy.exe File not found
    O4 - HKLM..\Run: [horyfyr] C:\Program Files\ComPlus Applications\horyfyr22011.exe File not found
    O4 - HKLM..\Run: [j9251831] C:\WINDOWS\System32\j9251831.DLL File not found
    O4 - HKLM..\Run: [UEYACh$v/fC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\cvtthy.exe File not found
    O4 - HKLM..\Run: [UEYAChD] C:\WINDOWS\cvtthy.exe File not found
    O4 - HKCU..\Run: [Iwv6RVG8j] File not found
    O4 - HKCU..\Run: [j5291437] C:\WINDOWS\System32\j5291437.DLL File not found
    O15 - HKLM\..Trusted Domains: sxload.net ([]* in Trusted sites)
    O20 - Winlogon\Notify\cbxuvst: DllName - cbxuvst.dll - File not found
    O20 - Winlogon\Notify\drjdus: DllName - drjdus.dll - File not found
    O20 - Winlogon\Notify\pmnli: DllName - C:\WINDOWS\system32\pmnli.dll - C:\WINDOWS\System32\pmnli.dll File not found
    O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\System32\towicigi.dll File not found
    O29 - HKLM SecurityProviders - (msansspc.dll) - File not found
    O33 - MountPoints2\{2e588a24-c967-11de-85f2-0011d8d19315}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
    O33 - MountPoints2\{75026dd3-3269-11dd-843a-0011d8d19315}\Shell\AutoRun\command - "" = p1y2.cmd
    O33 - MountPoints2\{75026dd3-3269-11dd-843a-0011d8d19315}\Shell\explore\Command - "" = p1y2.cmd
    O33 - MountPoints2\{75026dd3-3269-11dd-843a-0011d8d19315}\Shell\open\Command - "" = p1y2.cmd
    O33 - MountPoints2\{75026dd5-3269-11dd-843a-0011d8d19315}\Shell\AutoRun\command - "" = p1y2.cmd
    O33 - MountPoints2\{75026dd5-3269-11dd-843a-0011d8d19315}\Shell\explore\Command - "" = p1y2.cmd
    O33 - MountPoints2\{75026dd5-3269-11dd-843a-0011d8d19315}\Shell\open\Command - "" = p1y2.cmd
    O33 - MountPoints2\{82183f74-f86d-11db-8112-00038a000015}\Shell\AutoRun\command - "" = G:\winlog.exe -- File not found
    O33 - MountPoints2\{82183f74-f86d-11db-8112-00038a000015}\Shell\open\command - "" = G:\winlog.exe -- File not found
    O33 - MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\Shell - "" = AutoRun
    O33 - MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe -- File not found
    [2010/03/06 03:28:32 | 000,046,640 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\msln.exe
    [2005/07/02 22:23:26 | 000,090,112 | R--- | C] ( ) -- C:\WINDOWS\System32\SCCD3X02.DLL
    [2010/03/06 00:29:23 | 000,158,720 | -HS- | C] () -- C:\Documents and Settings\Meredith\Local Settings\Application Data\MSASCui.exe
    [2010/03/06 00:26:57 | 000,016,702 | -HS- | C] () -- C:\Documents and Settings\Meredith\Local Settings\Application Data\fXsMq7BWv
    [2007/12/22 15:44:54 | 000,683,623 | -HS- | C] () -- C:\WINDOWS\System32\nfnmlxyp.ini
    [2007/12/20 10:23:52 | 000,990,384 | -HS- | C] () -- C:\WINDOWS\System32\nluqefbf.ini
    [2007/11/21 11:25:32 | 001,468,565 | -HS- | C] () -- C:\WINDOWS\System32\ipspiuov.ini
    [2007/11/19 09:01:16 | 001,122,030 | -HS- | C] () -- C:\WINDOWS\System32\kfgrenqu.ini
    [2007/11/14 10:20:26 | 001,127,852 | -HS- | C] () -- C:\WINDOWS\System32\gfkdisun.ini
    [2007/11/14 10:16:53 | 000,669,171 | -HS- | C] () -- C:\WINDOWS\System32\huikkrmw.ini
    [2007/10/22 21:29:55 | 001,201,946 | -HS- | C] () -- C:\WINDOWS\System32\ulmpjqng.ini
    [2007/10/22 20:50:43 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\qoimpogl.ini
    [2007/10/22 20:30:17 | 000,693,601 | -HS- | C] () -- C:\WINDOWS\System32\hmtkiwvk.ini
    [2007/10/21 19:40:21 | 000,693,412 | -HS- | C] () -- C:\WINDOWS\System32\iovsxiuc.ini
    [2007/10/21 18:36:41 | 000,693,541 | -HS- | C] () -- C:\WINDOWS\System32\gvibaidx.ini
    [2007/10/21 18:31:41 | 000,693,475 | -HS- | C] () -- C:\WINDOWS\System32\ifovlahh.ini
    [2007/10/21 17:47:32 | 000,693,412 | -HS- | C] () -- C:\WINDOWS\System32\laqueira.ini
    [2007/10/21 17:09:59 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\wdaehecr.ini
    [2007/10/21 16:19:01 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\ntftvkuv.ini
    [2007/10/21 14:36:51 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\qjrbpjet.ini
    [2007/10/21 13:42:34 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\ctoewbmj.ini
    [2007/10/21 12:43:43 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\jwnxoecj.ini
    [2007/10/21 09:26:19 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\ierhgspu.ini
    [2007/10/21 09:13:30 | 000,693,541 | -HS- | C] () -- C:\WINDOWS\System32\goxprfcl.ini
    [2007/10/20 21:07:05 | 000,693,490 | -HS- | C] () -- C:\WINDOWS\System32\iiadpgin.ini
    [2007/10/20 14:21:24 | 000,693,472 | -HS- | C] () -- C:\WINDOWS\System32\lwryiyun.ini
    [2007/10/19 18:17:15 | 000,693,430 | -HS- | C] () -- C:\WINDOWS\System32\gbsyikgn.ini
    [2007/10/19 14:20:41 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\khiqhlia.ini
    [2007/10/19 06:21:44 | 000,693,472 | -HS- | C] () -- C:\WINDOWS\System32\qcuyxrte.ini
    [2007/10/18 23:14:35 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\oexjsogo.ini
    [2007/10/18 06:21:28 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\tudivtgi.ini
    [2007/10/17 23:15:26 | 000,693,430 | -HS- | C] () -- C:\WINDOWS\System32\jjebniyp.ini
    [2007/10/17 15:13:05 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\xxjqvxrf.ini
    [2007/10/17 13:50:00 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\nhxixjnx.ini
    [2007/10/17 07:01:05 | 000,693,430 | -HS- | C] () -- C:\WINDOWS\System32\hgavlddo.ini
    [2007/10/17 06:32:45 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\bbfwltpn.ini
    [2007/10/16 20:57:02 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\lfryacvq.ini
    [2007/10/16 18:44:48 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\kmhxhyln.ini
    [2007/10/16 12:46:57 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\hekgqitn.ini
    [2007/10/16 00:15:53 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\hsvidmbr.ini
    [2007/10/15 12:48:06 | 000,693,439 | -HS- | C] () -- C:\WINDOWS\System32\bxxwkvme.ini
    [2007/10/14 23:56:08 | 000,693,541 | -HS- | C] () -- C:\WINDOWS\System32\mxmfeofv.ini
    [2007/10/14 17:42:06 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\qvowdder.ini
    [2007/10/14 14:26:57 | 000,693,550 | -HS- | C] () -- C:\WINDOWS\System32\nyoopccp.ini
    [2007/10/13 23:53:22 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\sgcaviyi.ini
    [2007/10/13 14:26:36 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\egpawvog.ini
    [2007/10/12 23:54:29 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\muyvtssw.ini
    [2007/10/12 14:27:26 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\egfyuyfn.ini
    [2007/10/12 13:26:13 | 000,693,412 | -HS- | C] () -- C:\WINDOWS\System32\yctheryx.ini
    [2007/10/12 07:57:24 | 000,693,541 | -HS- | C] () -- C:\WINDOWS\System32\fwxqcxbu.ini
    [2007/10/11 19:33:10 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\evqrgcii.ini
    [2007/10/11 07:57:39 | 000,693,490 | -HS- | C] () -- C:\WINDOWS\System32\qnvmngvf.ini
    [2007/10/10 19:33:24 | 000,693,458 | -HS- | C] () -- C:\WINDOWS\System32\kpohrdum.ini
    [2007/10/10 07:57:17 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\syoktfmc.ini
    [2007/10/09 11:09:38 | 000,693,472 | -HS- | C] () -- C:\WINDOWS\System32\uegiavrk.ini
    [2007/10/09 08:41:20 | 000,693,697 | -HS- | C] () -- C:\WINDOWS\System32\lufegsob.ini
    [2007/10/08 11:09:00 | 000,693,439 | -HS- | C] () -- C:\WINDOWS\System32\lxitlrnm.ini
    [2007/10/07 22:40:14 | 000,693,601 | -HS- | C] () -- C:\WINDOWS\System32\jnwangxp.ini
    [2007/10/07 21:19:05 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\hftkwwab.ini
    [2007/10/06 22:40:19 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\gcmidykp.ini
    [2007/10/06 21:19:47 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\tplwghig.ini
    [2007/10/06 11:30:49 | 000,693,430 | -HS- | C] () -- C:\WINDOWS\System32\aubrjxvi.ini
    [2007/10/05 13:23:10 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\ikpptkic.ini
    [2007/10/05 09:17:18 | 000,693,595 | -HS- | C] () -- C:\WINDOWS\System32\whyuqqum.ini
    [2007/10/04 14:20:11 | 000,693,517 | -HS- | C] () -- C:\WINDOWS\System32\melxnxyk.ini
    [2007/10/04 08:03:39 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\etfmbafn.ini
    [2007/10/03 21:05:36 | 000,693,439 | -HS- | C] () -- C:\WINDOWS\System32\tqfeigth.ini
    [2007/10/03 19:10:08 | 000,693,412 | -HS- | C] () -- C:\WINDOWS\System32\eyditimp.ini
    [2007/10/03 15:56:29 | 000,000,354 | -HS- | C] () -- C:\WINDOWS\System32\wrbgjqun.ini
    [2007/10/03 11:52:22 | 000,693,490 | -HS- | C] () -- C:\WINDOWS\System32\usculxlr.ini
    [2007/10/03 11:35:01 | 000,693,532 | -HS- | C] () -- C:\WINDOWS\System32\ohsykdar.ini
    [2007/10/03 11:27:07 | 000,693,472 | -HS- | C] () -- C:\WINDOWS\System32\bannbegf.ini
    [2007/10/02 18:40:07 | 000,693,517 | -HS- | C] () -- C:\WINDOWS\System32\oscqpyak.ini
    [2007/10/01 18:39:53 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\ewsvhmal.ini
    [2007/10/01 10:19:02 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\iprtfhss.ini
    [2007/10/01 09:38:10 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\euwrhyiw.ini
    [2007/10/01 00:00:35 | 000,693,559 | -HS- | C] () -- C:\WINDOWS\System32\hruigwie.ini
    [2007/09/30 23:39:49 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\bdrcjmfw.ini
    [2007/09/30 17:55:39 | 000,693,440 | -HS- | C] () -- C:\WINDOWS\System32\ijwqvpha.ini
    [2007/09/30 17:36:02 | 000,693,475 | -HS- | C] () -- C:\WINDOWS\System32\jovoljfc.ini
    [2007/09/30 08:44:52 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\tjdislgs.ini
    [2007/09/29 17:54:45 | 000,693,541 | -HS- | C] () -- C:\WINDOWS\System32\utmlorwp.ini
    [2007/09/29 17:41:46 | 000,693,472 | -HS- | C] () -- C:\WINDOWS\System32\wfkeccbl.ini
    [2007/09/29 11:43:49 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\ujggranp.ini
    [2007/09/28 19:59:18 | 000,693,430 | -HS- | C] () -- C:\WINDOWS\System32\udkywdjh.ini
    [2007/09/28 08:06:07 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\bxclmdil.ini
    [2007/09/28 06:52:31 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\argnaune.ini
    [2007/09/27 19:44:53 | 000,693,559 | -HS- | C] () -- C:\WINDOWS\System32\xtfsquoa.ini
    [2007/09/26 18:36:53 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\drivers\yifgmazo.sys
    [2007/09/26 18:36:17 | 000,693,472 | -HS- | C] () -- C:\WINDOWS\System32\shknilob.ini
    [2007/09/26 16:45:59 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\gpdemjck.ini
    [2007/09/26 05:55:06 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\alrmhrxd.ini
    [2007/09/25 20:23:49 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\epvvdahp.ini
    [2007/09/25 13:31:37 | 000,693,466 | -HS- | C] () -- C:\WINDOWS\System32\lojexkni.ini
    [2007/09/24 20:24:26 | 000,693,466 | -HS- | C] () -- C:\WINDOWS\System32\nejoosdl.ini
    [2007/09/24 07:12:58 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\rnjdexhn.ini
    [2007/09/24 05:21:55 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\tanvfmbh.ini
    [2007/09/23 19:00:38 | 000,693,475 | -HS- | C] () -- C:\WINDOWS\System32\hddgwysp.ini
    [2007/09/23 16:27:56 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\sqxmtggp.ini
    [2007/09/23 09:32:30 | 000,693,412 | -HS- | C] () -- C:\WINDOWS\System32\jexrktyc.ini
    [2007/09/22 12:46:45 | 000,000,354 | -HS- | C] () -- C:\WINDOWS\System32\hqpyhetu.ini
    [2007/09/21 16:14:56 | 000,693,508 | -HS- | C] () -- C:\WINDOWS\System32\wadjcgqh.ini
    [2007/09/21 15:06:57 | 000,693,467 | -HS- | C] () -- C:\WINDOWS\System32\ccfqpmnh.ini
    [2007/09/21 14:20:07 | 000,693,439 | -HS- | C] () -- C:\WINDOWS\System32\gjabygsw.ini
    [2007/09/20 16:15:15 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\opkkctbt.ini
    [2007/09/20 15:06:47 | 000,693,407 | -HS- | C] () -- C:\WINDOWS\System32\xmpwrgnh.ini
    [2007/09/20 12:31:07 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\qhrwxujn.ini
    [2007/09/20 05:49:29 | 000,693,536 | -HS- | C] () -- C:\WINDOWS\System32\lrdqelti.ini
    [2007/09/19 22:33:53 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\kxdctrfn.ini
    [2007/09/19 16:11:55 | 000,693,503 | -HS- | C] () -- C:\WINDOWS\System32\nskrmmvx.ini
    [2007/09/19 15:02:41 | 000,693,503 | -HS- | C] () -- C:\WINDOWS\System32\jvfeekhd.ini
    [2007/09/18 17:28:37 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\rddrclvl.ini
    [2007/09/18 16:24:12 | 000,693,530 | -HS- | C] () -- C:\WINDOWS\System32\nudfetty.ini
    [2007/09/17 21:24:41 | 000,693,564 | -HS- | C] () -- C:\WINDOWS\System32\stnntcfr.ini
    [2007/09/17 21:11:25 | 000,693,545 | -HS- | C] () -- C:\WINDOWS\System32\yqoekjkq.ini
    [2007/09/17 16:10:45 | 000,693,494 | -HS- | C] () -- C:\WINDOWS\System32\etcqxvry.ini
    [2007/09/17 14:51:49 | 000,693,494 | -HS- | C] () -- C:\WINDOWS\System32\bjfuexsm.ini
    [2007/09/16 22:16:12 | 000,693,605 | -HS- | C] () -- C:\WINDOWS\System32\lnluvhkq.ini
    [2007/09/16 18:28:15 | 000,693,545 | -HS- | C] () -- C:\WINDOWS\System32\hixksbcl.ini
    [2007/09/16 08:58:16 | 000,693,503 | -HS- | C] () -- C:\WINDOWS\System32\uthavkqf.ini
    [2007/09/15 17:44:52 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\clrfrrdx.ini
    [2007/09/15 13:26:09 | 000,693,530 | -HS- | C] () -- C:\WINDOWS\System32\tbebnpyj.ini
    [2007/09/15 06:35:43 | 000,693,545 | -HS- | C] () -- C:\WINDOWS\System32\ntnymkcj.ini
    [2007/09/15 06:21:12 | 000,693,544 | -HS- | C] () -- C:\WINDOWS\System32\expyphjm.ini
    [2007/09/14 06:35:11 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\cypkrvbg.ini
    [2007/09/14 06:20:34 | 000,693,550 | -HS- | C] () -- C:\WINDOWS\System32\wbnrclbt.ini
    [2007/09/14 04:53:11 | 000,693,605 | -HS- | C] () -- C:\WINDOWS\System32\oyhhqydo.ini
    [2007/09/13 20:26:58 | 000,693,545 | -HS- | C] () -- C:\WINDOWS\System32\nuwytifo.ini
    [2007/09/13 18:17:28 | 000,693,530 | -HS- | C] () -- C:\WINDOWS\System32\jndwplrv.ini
    [2007/09/13 17:04:19 | 000,693,476 | -HS- | C] () -- C:\WINDOWS\System32\npxmsuvp.ini
    [2007/09/13 16:31:21 | 000,000,355 | -HS- | C] () -- C:\WINDOWS\System32\daduhtjc.ini
    [2007/09/13 16:24:37 | 000,693,784 | -HS- | C] () -- C:\WINDOWS\System32\cvhwsurq.ini
    [2007/09/13 16:00:24 | 000,693,665 | -HS- | C] () -- C:\WINDOWS\System32\tgurnspx.ini
    [2007/09/13 15:50:08 | 000,693,544 | -HS- | C] () -- C:\WINDOWS\System32\briqlgao.ini
    [2007/09/12 21:00:59 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\ltytfpen.ini
    [2007/09/12 19:19:15 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\daihrhrp.ini
    [2007/09/12 18:29:01 | 000,693,534 | -HS- | C] () -- C:\WINDOWS\System32\qyjyfqwi.ini
    [2007/09/12 12:50:32 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\rgqysddw.ini
    [2007/09/11 20:03:10 | 000,693,520 | -HS- | C] () -- C:\WINDOWS\System32\tnyplsup.ini
    [2007/09/11 19:05:44 | 000,693,521 | -HS- | C] () -- C:\WINDOWS\System32\ywfsugdo.ini
    [2007/09/11 18:10:44 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\gywapvgj.ini
    [2007/09/11 06:36:57 | 000,693,511 | -HS- | C] () -- C:\WINDOWS\System32\khamanwj.ini
    [2007/09/11 04:54:17 | 000,693,493 | -HS- | C] () -- C:\WINDOWS\System32\lbhrxror.ini
    [2007/09/10 19:41:01 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\mmqrgktr.ini
    [2007/09/10 15:03:26 | 000,693,607 | -HS- | C] () -- C:\WINDOWS\System32\rqkjfake.ini
    [2007/09/09 22:07:45 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\uetqtork.ini
    [2007/09/09 17:04:15 | 000,693,523 | -HS- | C] () -- C:\WINDOWS\System32\ffwraujy.ini
    [2007/09/09 15:03:19 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\iofltclm.ini
    [2007/09/09 09:15:05 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\ohctlyls.ini
    [2007/09/09 09:09:15 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\sjhorbtp.ini
    [2007/09/08 21:22:52 | 000,693,530 | -HS- | C] () -- C:\WINDOWS\System32\bdsqkqik.ini
    [2007/09/08 19:14:20 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\wtcudxxo.ini
    [2007/09/07 16:43:49 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\oablfcpq.ini
    [2007/09/07 14:49:12 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\lxbppbvo.ini
    [2007/09/06 21:48:00 | 000,693,617 | -HS- | C] () -- C:\WINDOWS\System32\tlssquay.ini
    [2007/09/06 17:28:59 | 000,693,512 | -HS- | C] () -- C:\WINDOWS\System32\exqyokfo.ini
    [2007/09/06 11:55:59 | 000,636,690 | -HS- | C] () -- C:\WINDOWS\System32\vldkkhkk.ini
    [2007/09/05 21:01:49 | 000,738,835 | -HS- | C] () -- C:\WINDOWS\System32\ymhkceut.ini
    [2007/09/05 19:19:23 | 000,738,806 | -HS- | C] () -- C:\WINDOWS\System32\xsemumvr.ini
    [2007/09/05 11:55:49 | 000,738,756 | -HS- | C] () -- C:\WINDOWS\System32\oqtlkdhh.ini
    [2007/09/04 21:02:39 | 000,738,771 | -HS- | C] () -- C:\WINDOWS\System32\qdewucxt.ini
    [2007/09/04 19:19:53 | 000,738,763 | -HS- | C] () -- C:\WINDOWS\System32\hugejwxm.ini
    [2007/09/04 15:04:36 | 000,738,744 | -HS- | C] () -- C:\WINDOWS\System32\sltixtfc.ini
    [2007/09/04 08:08:25 | 000,997,512 | -HS- | C] () -- C:\WINDOWS\System32\unftxubr.ini
    [2007/09/03 22:09:09 | 000,738,744 | -HS- | C] () -- C:\WINDOWS\System32\nwpcuuog.ini
    [2007/09/03 08:07:40 | 000,738,754 | -HS- | C] () -- C:\WINDOWS\System32\wveunaym.ini
    [2007/09/02 22:26:34 | 001,291,270 | -HS- | C] () -- C:\WINDOWS\System32\wrsrwdsn.ini
    [2007/09/02 18:47:12 | 001,291,223 | -HS- | C] () -- C:\WINDOWS\System32\hrrcebob.ini
    [2007/09/02 08:24:00 | 001,291,077 | -HS- | C] () -- C:\WINDOWS\System32\idoloysa.ini
    [2007/09/01 17:51:05 | 001,792,608 | -HS- | C] () -- C:\WINDOWS\System32\foxyomby.ini
    [2007/09/01 12:29:27 | 001,290,984 | -HS- | C] () -- C:\WINDOWS\System32\wfissbpo.ini
    [2007/08/31 17:45:19 | 002,294,023 | -HS- | C] () -- C:\WINDOWS\System32\bblomotb.ini
    [2007/08/31 11:54:30 | 001,792,490 | -HS- | C] () -- C:\WINDOWS\System32\ojnnwrou.ini
    [2007/08/31 06:00:47 | 001,295,860 | -HS- | C] () -- C:\WINDOWS\System32\mqeskshn.ini
    [2007/08/31 05:43:25 | 001,295,870 | -HS- | C] () -- C:\WINDOWS\System32\rwymiybk.ini
    [2007/08/30 21:59:28 | 001,283,914 | -HS- | C] () -- C:\WINDOWS\System32\umdfcuqo.ini
    [2007/08/30 21:00:58 | 001,283,903 | -HS- | C] () -- C:\WINDOWS\System32\nnbhfudf.ini
    [2007/08/30 07:21:00 | 000,000,346 | -HS- | C] () -- C:\WINDOWS\System32\ksckbqoi.ini
    [2007/08/29 22:20:07 | 001,246,653 | -HS- | C] () -- C:\WINDOWS\System32\jwikxvhu.ini
    [2007/08/28 06:44:45 | 001,247,091 | -HS- | C] () -- C:\WINDOWS\System32\akxasklx.ini
    [2007/08/28 05:40:18 | 000,000,346 | -HS- | C] () -- C:\WINDOWS\System32\xsjxbsyb.ini
    [2007/08/27 18:40:09 | 000,000,466 | -HS- | C] () -- C:\WINDOWS\System32\rnlvkmga.ini
    [2007/08/27 17:59:33 | 000,000,406 | -HS- | C] () -- C:\WINDOWS\System32\lefscdic.ini
    [2007/08/27 15:06:42 | 000,000,346 | -HS- | C] () -- C:\WINDOWS\System32\xmhtfrjj.ini
    [2007/08/27 12:23:19 | 001,266,541 | -HS- | C] () -- C:\WINDOWS\System32\xlgtofjl.ini
    [2007/08/26 20:03:12 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ahxhcijb.ini
    [2007/08/26 19:05:51 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\fctdeycl.ini
    [2007/08/26 16:18:12 | 001,255,183 | -HS- | C] () -- C:\WINDOWS\System32\ecwrgkef.ini
    [2007/08/26 14:19:34 | 001,255,473 | -HS- | C] () -- C:\WINDOWS\System32\xoupderm.ini
    [2007/08/26 13:50:44 | 001,255,404 | -HS- | C] () -- C:\WINDOWS\System32\crtvsmhh.ini
    [2007/08/26 13:42:08 | 001,255,234 | -HS- | C] () -- C:\WINDOWS\System32\ljdffflm.ini
    [2007/08/26 09:25:44 | 001,255,303 | -HS- | C] () -- C:\WINDOWS\System32\mhtavxco.ini
    [2007/08/25 19:53:07 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\seybqlib.ini
    [2007/08/25 10:18:20 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\apaoywha.ini
    [2007/08/25 10:10:28 | 001,255,433 | -HS- | C] () -- C:\WINDOWS\System32\lvvyuapi.ini
    [2007/08/24 21:03:16 | 001,255,363 | -HS- | C] () -- C:\WINDOWS\System32\pndjmbav.ini
    [2007/08/24 16:57:49 | 001,255,243 | -HS- | C] () -- C:\WINDOWS\System32\ssudipeu.ini
    [2007/08/24 15:24:23 | 001,255,183 | -HS- | C] () -- C:\WINDOWS\System32\npbwhvwp.ini
    [2007/08/23 23:34:15 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\tsftador.ini
    [2007/08/23 12:40:48 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\afuonvdq.ini
    [2007/08/23 05:57:08 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\pxpxgbkv.ini
    [2007/08/23 05:22:21 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\srhatqva.ini
    [2007/08/22 18:51:14 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\subtlnos.ini
    [2007/08/22 15:51:46 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\teqvixqg.ini
    [2007/08/22 12:25:29 | 001,246,290 | -HS- | C] () -- C:\WINDOWS\System32\duvqrxey.ini
    [2007/08/22 06:17:10 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\lujbvjbn.ini
    [2007/08/22 05:18:41 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\aosecruj.ini
    [2007/08/21 21:33:46 | 001,238,031 | -HS- | C] () -- C:\WINDOWS\System32\lekkogii.ini
    [2007/08/21 20:17:25 | 001,238,160 | -HS- | C] () -- C:\WINDOWS\System32\nwgkmnke.ini
    [2007/08/21 20:07:20 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\etbdeems.ini
    [2007/08/21 18:07:28 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\qooxhsgf.ini
    [2007/08/21 15:56:15 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\dekmrjwb.ini
    [2007/08/20 17:53:14 | 001,229,621 | -HS- | C] () -- C:\WINDOWS\System32\nvtpikrx.ini
    [2007/08/20 16:04:44 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\oobqedoq.ini
    [2007/08/20 13:23:41 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\rbrmjgrn.ini
    [2007/08/20 05:44:31 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\kasgxmjf.ini
    [2007/08/19 20:48:41 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wetdepek.ini
    [2007/08/19 16:36:16 | 001,229,132 | -HS- | C] () -- C:\WINDOWS\System32\wyqlsnml.ini
    [2007/08/19 12:34:42 | 001,229,063 | -HS- | C] () -- C:\WINDOWS\System32\ahtalvyb.ini
    [2007/08/19 10:13:27 | 001,228,934 | -HS- | C] () -- C:\WINDOWS\System32\owcdipsd.ini
    [2007/08/19 09:00:08 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\nfdtrwqi.ini
    [2007/08/19 08:48:07 | 000,000,344 | -HS- | C] () -- C:\WINDOWS\System32\fpaldxut.ini
    [2007/08/18 21:20:47 | 001,228,883 | -HS- | C] () -- C:\WINDOWS\System32\vwopevlm.ini
    [2007/08/18 18:21:04 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\dexssbws.ini
    [2007/08/18 14:51:23 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\fpdmstyx.ini
    [2007/08/17 17:18:44 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\bkeeypmj.ini
    [2007/08/17 15:44:41 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\odtlddvq.ini
    [2007/08/17 07:06:59 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\ksgqqrqc.ini
    [2007/08/16 20:38:36 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\yjmuceof.ini
    [2007/08/16 19:58:48 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ibdodwph.ini
    [2007/08/16 17:08:35 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\odixejul.ini
    [2007/08/16 15:21:30 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\iwykavtv.ini
    [2007/08/16 06:30:13 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ykynknry.ini
    [2007/08/16 05:14:14 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\hpdqdetr.ini
    [2007/08/15 22:21:32 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\egavxyvt.ini
    [2007/08/15 21:19:19 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\kudpohiq.ini
    [2007/08/15 20:02:17 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\hnmftifs.ini
    [2007/08/15 15:32:39 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\qhgwfpxo.ini
    [2007/08/15 06:55:31 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wrnjlxkw.ini
    [2007/08/14 20:23:05 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\lvmwtdjp.ini
    [2007/08/14 18:01:50 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\jaxmpvap.ini
    [2007/08/14 17:47:25 | 001,233,613 | -HS- | C] () -- C:\WINDOWS\System32\vgpltwqc.ini
    [2007/08/14 06:31:42 | 001,215,903 | -HS- | C] () -- C:\WINDOWS\System32\mansgrmx.ini
    [2007/08/13 20:03:48 | 001,215,845 | -HS- | C] () -- C:\WINDOWS\System32\twndeeea.ini
    [2007/08/13 17:16:33 | 001,215,780 | -HS- | C] () -- C:\WINDOWS\System32\kndfbeip.ini
    [2007/08/13 15:06:16 | 001,215,664 | -HS- | C] () -- C:\WINDOWS\System32\vvuxxpfc.ini
    [2007/08/12 20:48:51 | 001,214,054 | -HS- | C] () -- C:\WINDOWS\System32\puyatnyq.ini
    [2007/08/12 13:08:41 | 000,000,416 | -HS- | C] () -- C:\WINDOWS\System32\tgtcidyx.ini
    [2007/08/12 12:59:14 | 001,222,620 | -HS- | C] () -- C:\WINDOWS\System32\sdgihucn.ini
    [2007/08/12 10:34:48 | 001,214,036 | -HS- | C] () -- C:\WINDOWS\System32\gtsdhovt.ini
    [2007/08/11 21:01:33 | 001,222,698 | -HS- | C] () -- C:\WINDOWS\System32\sosupxod.ini
    [2007/08/10 07:54:36 | 001,222,620 | -HS- | C] () -- C:\WINDOWS\System32\xopcqiow.ini
    [2007/08/09 21:16:05 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\cuwogaru.ini
    [2007/08/09 16:16:48 | 001,202,261 | -HS- | C] () -- C:\WINDOWS\System32\vgupytbh.ini
    [2007/08/09 06:25:22 | 001,202,164 | -HS- | C] () -- C:\WINDOWS\System32\yxhtapga.ini
    [2007/08/09 05:29:54 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wjkubovk.ini
    [2007/08/08 18:49:20 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\oyusjtmv.ini
    [2007/08/08 16:23:25 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\hqkokuly.ini
    [2007/08/08 06:56:02 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\jsmujgpg.ini
    [2007/08/08 04:51:50 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\vprjirrv.ini
    [2007/08/07 19:39:21 | 000,000,295 | -HS- | C] () -- C:\WINDOWS\System32\hvfrmptu.ini
    [2007/08/07 16:15:29 | 001,203,930 | -HS- | C] () -- C:\WINDOWS\System32\basyijki.ini
    [2007/08/07 06:53:49 | 001,194,524 | -HS- | C] () -- C:\WINDOWS\System32\togkgcri.ini
    [2007/08/06 18:49:45 | 001,194,422 | -HS- | C] () -- C:\WINDOWS\System32\bysacmmf.ini
    [2007/08/06 07:57:47 | 001,194,275 | -HS- | C] () -- C:\WINDOWS\System32\xcfunrua.ini
    [2007/08/05 22:39:44 | 001,204,400 | -HS- | C] () -- C:\WINDOWS\System32\lavxvwva.ini
    [2007/08/05 17:27:11 | 001,204,680 | -HS- | C] () -- C:\WINDOWS\System32\gaycyyjw.ini
    [2007/08/05 15:14:58 | 001,204,680 | -HS- | C] () -- C:\WINDOWS\System32\dfaxoiec.ini
    [2007/08/05 12:12:17 | 001,204,680 | -HS- | C] () -- C:\WINDOWS\System32\lqhggedt.ini
    [2007/08/04 19:10:09 | 001,204,708 | -HS- | C] () -- C:\WINDOWS\System32\gavkmwor.ini
    [2007/08/04 17:58:44 | 001,204,680 | -HS- | C] () -- C:\WINDOWS\System32\xfucxnwp.ini
    [2007/08/04 15:11:27 | 001,204,680 | -HS- | C] () -- C:\WINDOWS\System32\ddvpbsrm.ini
    [2007/08/04 10:58:47 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\prtsibly.ini
    [2007/08/04 09:14:28 | 001,204,800 | -HS- | C] () -- C:\WINDOWS\System32\qqnpvwxo.ini
    [2007/08/03 21:41:19 | 001,204,758 | -HS- | C] () -- C:\WINDOWS\System32\wjadwmvl.ini
    [2007/08/03 20:58:15 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\xdkhugnd.ini
    [2007/08/03 20:51:14 | 001,204,689 | -HS- | C] () -- C:\WINDOWS\System32\slvjehmm.ini
    [2007/08/03 20:04:56 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\rkrxqhhx.ini
    [2007/08/03 19:32:09 | 001,205,049 | -HS- | C] () -- C:\WINDOWS\System32\umepbbhh.ini
    [2007/08/03 16:28:09 | 001,204,979 | -HS- | C] () -- C:\WINDOWS\System32\okravdpy.ini
    [2007/08/03 08:12:58 | 001,204,860 | -HS- | C] () -- C:\WINDOWS\System32\copixvnk.ini
    [2007/08/02 19:47:47 | 000,000,355 | -HS- | C] () -- C:\WINDOWS\System32\jnoftnkx.ini
    [2007/08/02 13:24:40 | 001,205,492 | -HS- | C] () -- C:\WINDOWS\System32\fjkvliub.ini
    [2007/08/02 06:58:54 | 001,204,168 | -HS- | C] () -- C:\WINDOWS\System32\tarpoirv.ini
    [2007/08/01 16:25:13 | 001,190,175 | -HS- | C] () -- C:\WINDOWS\System32\opsbfiwn.ini
    [2007/08/01 15:33:49 | 001,190,097 | -HS- | C] () -- C:\WINDOWS\System32\upkgmtfv.ini
    [2007/08/01 07:26:51 | 001,189,286 | -HS- | C] () -- C:\WINDOWS\System32\pwtfrgmm.ini
    [2007/08/01 05:20:32 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\xmiipdfl.ini
    [2007/07/31 16:23:48 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ukghvhqp.ini
    [2007/07/31 13:16:19 | 000,000,295 | -HS- | C] () -- C:\WINDOWS\System32\bspnddha.ini
    [2007/07/31 13:03:29 | 000,000,686 | -HS- | C] () -- C:\WINDOWS\System32\ahbhfjbf.ini
    [2007/07/31 07:34:22 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\xjjjofld.ini
    [2007/07/30 17:52:08 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\pcahieft.ini
    [2007/07/30 16:36:15 | 001,253,816 | -HS- | C] () -- C:\WINDOWS\System32\bxbyripg.ini
    [2007/07/30 10:01:15 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\fmagfcfm.ini
    [2007/07/30 07:13:11 | 001,248,890 | -HS- | C] () -- C:\WINDOWS\System32\pjgaoymt.ini
    [2007/07/29 21:39:14 | 001,248,286 | -HS- | C] () -- C:\WINDOWS\System32\lmhavqrp.ini
    [2007/07/29 21:14:07 | 001,248,286 | -HS- | C] () -- C:\WINDOWS\System32\qrbdunoq.ini
    [2007/07/29 20:37:00 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\huvdiqxq.ini
    [2007/07/29 19:25:43 | 000,000,746 | -HS- | C] () -- C:\WINDOWS\System32\pvclmsoj.ini
    [2007/07/29 19:12:34 | 001,248,346 | -HS- | C] () -- C:\WINDOWS\System32\ltindmsx.ini
    [2007/07/29 17:13:48 | 000,000,746 | -HS- | C] () -- C:\WINDOWS\System32\pqhuohio.ini
    [2007/07/29 14:51:05 | 001,248,346 | -HS- | C] () -- C:\WINDOWS\System32\gecrkpkb.ini
    [2007/07/29 14:47:24 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\pjvrvhvy.ini
    [2007/07/29 14:31:15 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\uenemqyb.ini
    [2007/07/29 13:14:55 | 001,248,286 | -HS- | C] () -- C:\WINDOWS\System32\uuoojhpp.ini
    [2007/07/29 09:17:34 | 000,000,295 | -HS- | C] () -- C:\WINDOWS\System32\neuxpfmn.ini
    [2007/07/29 09:12:38 | 001,248,405 | -HS- | C] () -- C:\WINDOWS\System32\ieydgqgq.ini
    [2007/07/29 08:55:58 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\lpasthxp.ini
    [2007/07/29 01:51:03 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ttvkvfih.ini
    [2007/07/28 17:31:46 | 001,248,286 | -HS- | C] () -- C:\WINDOWS\System32\lwhdmcyr.ini
    [2007/07/28 16:09:30 | 001,248,306 | -HS- | C] () -- C:\WINDOWS\System32\wfpglpny.ini
    [2007/07/28 13:28:32 | 001,248,434 | -HS- | C] () -- C:\WINDOWS\System32\mhnvmkqb.ini
    [2007/07/28 13:19:05 | 001,248,346 | -HS- | C] () -- C:\WINDOWS\System32\aidetqla.ini
    [2007/07/28 13:11:25 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\mdybpmnt.ini
    [2007/07/28 11:48:58 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\oirlguot.ini
    [2007/07/27 23:22:55 | 001,248,313 | -HS- | C] () -- C:\WINDOWS\System32\nonyxxti.ini
    [2007/07/27 17:48:12 | 000,000,745 | -HS- | C] () -- C:\WINDOWS\System32\qtcglcja.ini
    [2007/07/27 17:19:12 | 001,248,346 | -HS- | C] () -- C:\WINDOWS\System32\dqtmbdgf.ini
    [2007/07/26 21:37:48 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\abysojyo.ini
    [2007/07/26 20:37:02 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\dtbksslp.ini
    [2007/07/26 19:03:31 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\iqbqlsxb.ini
    [2007/07/26 18:27:11 | 001,216,024 | -HS- | C] () -- C:\WINDOWS\System32\gemvmegf.ini
    [2007/07/26 15:42:42 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\tswffwnp.ini
    [2007/07/25 18:35:04 | 000,000,805 | -HS- | C] () -- C:\WINDOWS\System32\yfglifnr.ini
    [2007/07/25 15:43:53 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\bvwnagyb.ini
    [2007/07/25 12:24:13 | 001,215,852 | -HS- | C] () -- C:\WINDOWS\System32\tobeumra.ini
    [2007/07/24 18:35:09 | 000,000,745 | -HS- | C] () -- C:\WINDOWS\System32\gdwyjsqs.ini
    [2007/07/24 16:25:56 | 001,216,142 | -HS- | C] () -- C:\WINDOWS\System32\sexyvxka.ini
    [2007/07/24 15:43:37 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wgssfddr.ini
    [2007/07/24 14:19:56 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\jecmtylp.ini
    [2007/06/13 10:20:09 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wbiijgfu.ini
    [2007/06/13 01:22:59 | 000,000,295 | -HS- | C] () -- C:\WINDOWS\System32\jsvhgdxl.ini
    [2007/06/13 01:17:25 | 000,946,167 | -HS- | C] () -- C:\WINDOWS\System32\mtafarer.ini
    [2007/06/13 01:06:36 | 000,948,121 | -HS- | C] () -- C:\WINDOWS\System32\mdynpptk.ini
    [2007/06/13 00:58:00 | 000,948,002 | -HS- | C] () -- C:\WINDOWS\System32\anvcroug.ini
    [2007/06/13 00:38:41 | 000,947,882 | -HS- | C] () -- C:\WINDOWS\System32\elyngptr.ini
    [2007/06/13 00:32:49 | 000,947,822 | -HS- | C] () -- C:\WINDOWS\System32\petyadog.ini
    [2007/06/13 00:00:59 | 000,948,521 | -HS- | C] () -- C:\WINDOWS\System32\hoovuqpr.ini
    [2007/06/12 23:51:56 | 000,948,461 | -HS- | C] () -- C:\WINDOWS\System32\wjblpbfg.ini
    [2007/06/12 23:39:04 | 000,948,341 | -HS- | C] () -- C:\WINDOWS\System32\vuvnxjhx.ini
    [2007/06/12 21:09:41 | 000,000,295 | -HS- | C] () -- C:\WINDOWS\System32\dgtxfadx.ini
    [2007/06/12 20:48:59 | 000,943,998 | -HS- | C] () -- C:\WINDOWS\System32\qntxiyui.ini
    [2007/06/12 10:19:01 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\auftmwld.ini
    [2007/06/12 09:16:31 | 000,943,827 | -HS- | C] () -- C:\WINDOWS\System32\rdwlevvq.ini
    [2007/06/12 00:53:52 | 000,943,988 | -HS- | C] () -- C:\WINDOWS\System32\abmiatwj.ini
    [2007/06/11 22:54:22 | 000,943,928 | -HS- | C] () -- C:\WINDOWS\System32\qaadbfyq.ini
    [2007/06/11 22:44:31 | 000,943,808 | -HS- | C] () -- C:\WINDOWS\System32\bexgsajf.ini
    [2007/06/11 14:38:17 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\lebvxryp.ini
    [2007/06/11 13:51:28 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\oaqnibcm.ini
    [2007/06/11 11:42:26 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\nlspdhcd.ini
    [2007/06/11 11:38:30 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\mabmdqvk.ini
    [2007/06/11 11:28:48 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\xliluukt.ini
    [2007/06/11 11:18:05 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\rancyjng.ini
    [2007/06/11 09:15:17 | 000,943,748 | -HS- | C] () -- C:\WINDOWS\System32\odxmapjk.ini
    [2007/04/25 17:55:38 | 000,000,883 | -HS- | C] () -- C:\WINDOWS\System32\sjwewaqi.ini
    [2007/04/15 15:35:58 | 001,539,401 | -HS- | C] () -- C:\WINDOWS\System32\truupvim.ini
    [2007/03/22 10:52:52 | 001,701,894 | -HS- | C] () -- C:\WINDOWS\System32\vpbgnfnm.ini
    [2007/03/06 13:20:38 | 001,597,481 | -HS- | C] () -- C:\WINDOWS\System32\groeobds.ini
    [2006/12/24 14:00:02 | 000,037,557 | -HS- | C] () -- C:\WINDOWS\System32\xopnplhm.ini
    [2006/12/14 21:30:18 | 000,037,557 | -HS- | C] () -- C:\WINDOWS\System32\bhjrvnnl.ini
    [2006/12/14 18:32:26 | 000,037,557 | -HS- | C] () -- C:\WINDOWS\System32\chgmryve.ini
    [2006/12/14 17:50:43 | 000,037,557 | -HS- | C] () -- C:\WINDOWS\System32\phmumwpy.ini
    [2006/12/05 13:26:15 | 000,000,547 | -HS- | C] () -- C:\WINDOWS\3mpvsr.ini2
    [2006/11/27 10:19:25 | 000,970,559 | -HS- | C] () -- C:\WINDOWS\snima.ini2
    [2005/05/20 12:56:41 | 000,003,961 | ---- | C] () -- C:\WINDOWS\System32\0s49kktg.ini
    [2005/05/20 12:56:41 | 000,000,035 | ---- | C] () -- C:\WINDOWS\System32\fhmlu7k1.ini
    [2005/05/20 12:56:41 | 000,000,035 | ---- | C] () -- C:\WINDOWS\System32\7dugphv4.ini
    [2008/04/14 07:15:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\hkhqveto
    [2009/07/30 19:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\121B5
    [2005/05/17 12:47:25 | 000,000,000 | ---- | M] () -- C:\edds.exe
    
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download TDSSKiller and save it to your Desktop.

  • Extract the file and run it.
  • Once completed it will create a log in your C:\ drive
  • Please post the contents of that log

  • 0

#14
wowcow12

wowcow12

    Member

  • Member
  • PipPip
  • 60 posts
Here is the OTL scan

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4FC0397A-C970-407E-B67A-39DDD0B8867E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4FC0397A-C970-407E-B67A-39DDD0B8867E}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\# L"h'9Ӝ3rWC:\Program Files\ISTsvc\istsvc.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\horyfyr not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\j9251831 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UEYACh$v/fC:\Program Files\ISTsvc\istsvc.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UEYAChD deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Iwv6RVG8j deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\j5291437 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sxload.net\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cbxuvst\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\drjdus\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnli\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\SysTray not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35CEC8A3-2BE6-11D2-8773-92E220524153}\ not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:msansspc.dll deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2e588a24-c967-11de-85f2-0011d8d19315}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2e588a24-c967-11de-85f2-0011d8d19315}\ not found.
File G:\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75026dd3-3269-11dd-843a-0011d8d19315}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75026dd3-3269-11dd-843a-0011d8d19315}\ not found.
File p1y2.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75026dd3-3269-11dd-843a-0011d8d19315}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75026dd3-3269-11dd-843a-0011d8d19315}\ not found.
File p1y2.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75026dd3-3269-11dd-843a-0011d8d19315}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75026dd3-3269-11dd-843a-0011d8d19315}\ not found.
File p1y2.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75026dd5-3269-11dd-843a-0011d8d19315}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75026dd5-3269-11dd-843a-0011d8d19315}\ not found.
File p1y2.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75026dd5-3269-11dd-843a-0011d8d19315}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75026dd5-3269-11dd-843a-0011d8d19315}\ not found.
File p1y2.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{75026dd5-3269-11dd-843a-0011d8d19315}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75026dd5-3269-11dd-843a-0011d8d19315}\ not found.
File p1y2.cmd not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82183f74-f86d-11db-8112-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82183f74-f86d-11db-8112-00038a000015}\ not found.
File G:\winlog.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{82183f74-f86d-11db-8112-00038a000015}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82183f74-f86d-11db-8112-00038a000015}\ not found.
File G:\winlog.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{946850c5-1e27-11d9-baf0-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{946850c5-1e27-11d9-baf0-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{946850c5-1e27-11d9-baf0-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{946850c5-1e27-11d9-baf0-806d6172696f}\ not found.
File D:\setup.exe not found.
File C:\WINDOWS\System32\msln.exe not found.
File C:\WINDOWS\System32\SCCD3X02.DLL not found.
File C:\Documents and Settings\Meredith\Local Settings\Application Data\MSASCui.exe not found.
File C:\Documents and Settings\Meredith\Local Settings\Application Data\fXsMq7BWv not found.
File C:\WINDOWS\System32\nfnmlxyp.ini not found.
File C:\WINDOWS\System32\nluqefbf.ini not found.
File C:\WINDOWS\System32\ipspiuov.ini not found.
File C:\WINDOWS\System32\kfgrenqu.ini not found.
File C:\WINDOWS\System32\gfkdisun.ini not found.
File C:\WINDOWS\System32\huikkrmw.ini not found.
File C:\WINDOWS\System32\ulmpjqng.ini not found.
File C:\WINDOWS\System32\qoimpogl.ini not found.
File C:\WINDOWS\System32\hmtkiwvk.ini not found.
File C:\WINDOWS\System32\iovsxiuc.ini not found.
File C:\WINDOWS\System32\gvibaidx.ini not found.
File C:\WINDOWS\System32\ifovlahh.ini not found.
File C:\WINDOWS\System32\laqueira.ini not found.
File C:\WINDOWS\System32\wdaehecr.ini not found.
File C:\WINDOWS\System32\ntftvkuv.ini not found.
File C:\WINDOWS\System32\qjrbpjet.ini not found.
File C:\WINDOWS\System32\ctoewbmj.ini not found.
File C:\WINDOWS\System32\jwnxoecj.ini not found.
File C:\WINDOWS\System32\ierhgspu.ini not found.
File C:\WINDOWS\System32\goxprfcl.ini not found.
File C:\WINDOWS\System32\iiadpgin.ini not found.
File C:\WINDOWS\System32\lwryiyun.ini not found.
File C:\WINDOWS\System32\gbsyikgn.ini not found.
File C:\WINDOWS\System32\khiqhlia.ini not found.
File C:\WINDOWS\System32\qcuyxrte.ini not found.
File C:\WINDOWS\System32\oexjsogo.ini not found.
File C:\WINDOWS\System32\tudivtgi.ini not found.
File C:\WINDOWS\System32\jjebniyp.ini not found.
File C:\WINDOWS\System32\xxjqvxrf.ini not found.
File C:\WINDOWS\System32\nhxixjnx.ini not found.
File C:\WINDOWS\System32\hgavlddo.ini not found.
File C:\WINDOWS\System32\bbfwltpn.ini not found.
File C:\WINDOWS\System32\lfryacvq.ini not found.
File C:\WINDOWS\System32\kmhxhyln.ini not found.
File C:\WINDOWS\System32\hekgqitn.ini not found.
File C:\WINDOWS\System32\hsvidmbr.ini not found.
File C:\WINDOWS\System32\bxxwkvme.ini not found.
File C:\WINDOWS\System32\mxmfeofv.ini not found.
File C:\WINDOWS\System32\qvowdder.ini not found.
File C:\WINDOWS\System32\nyoopccp.ini not found.
File C:\WINDOWS\System32\sgcaviyi.ini not found.
File C:\WINDOWS\System32\egpawvog.ini not found.
File C:\WINDOWS\System32\muyvtssw.ini not found.
File C:\WINDOWS\System32\egfyuyfn.ini not found.
File C:\WINDOWS\System32\yctheryx.ini not found.
File C:\WINDOWS\System32\fwxqcxbu.ini not found.
File C:\WINDOWS\System32\evqrgcii.ini not found.
File C:\WINDOWS\System32\qnvmngvf.ini not found.
File C:\WINDOWS\System32\kpohrdum.ini not found.
File C:\WINDOWS\System32\syoktfmc.ini not found.
File C:\WINDOWS\System32\uegiavrk.ini not found.
File C:\WINDOWS\System32\lufegsob.ini not found.
File C:\WINDOWS\System32\lxitlrnm.ini not found.
File C:\WINDOWS\System32\jnwangxp.ini not found.
File C:\WINDOWS\System32\hftkwwab.ini not found.
File C:\WINDOWS\System32\gcmidykp.ini not found.
File C:\WINDOWS\System32\tplwghig.ini not found.
File C:\WINDOWS\System32\aubrjxvi.ini not found.
File C:\WINDOWS\System32\ikpptkic.ini not found.
File C:\WINDOWS\System32\whyuqqum.ini not found.
File C:\WINDOWS\System32\melxnxyk.ini not found.
File C:\WINDOWS\System32\etfmbafn.ini not found.
File C:\WINDOWS\System32\tqfeigth.ini not found.
File C:\WINDOWS\System32\eyditimp.ini not found.
File C:\WINDOWS\System32\wrbgjqun.ini not found.
File C:\WINDOWS\System32\usculxlr.ini not found.
File C:\WINDOWS\System32\ohsykdar.ini not found.
File C:\WINDOWS\System32\bannbegf.ini not found.
File C:\WINDOWS\System32\oscqpyak.ini not found.
File C:\WINDOWS\System32\ewsvhmal.ini not found.
File C:\WINDOWS\System32\iprtfhss.ini not found.
File C:\WINDOWS\System32\euwrhyiw.ini not found.
File C:\WINDOWS\System32\hruigwie.ini not found.
File C:\WINDOWS\System32\bdrcjmfw.ini not found.
File C:\WINDOWS\System32\ijwqvpha.ini not found.
File C:\WINDOWS\System32\jovoljfc.ini not found.
File C:\WINDOWS\System32\tjdislgs.ini not found.
File C:\WINDOWS\System32\utmlorwp.ini not found.
File C:\WINDOWS\System32\wfkeccbl.ini not found.
File C:\WINDOWS\System32\ujggranp.ini not found.
File C:\WINDOWS\System32\udkywdjh.ini not found.
File C:\WINDOWS\System32\bxclmdil.ini not found.
File C:\WINDOWS\System32\argnaune.ini not found.
File C:\WINDOWS\System32\xtfsquoa.ini not found.
File C:\WINDOWS\System32\drivers\yifgmazo.sys not found.
File C:\WINDOWS\System32\shknilob.ini not found.
File C:\WINDOWS\System32\gpdemjck.ini not found.
File C:\WINDOWS\System32\alrmhrxd.ini not found.
File C:\WINDOWS\System32\epvvdahp.ini not found.
File C:\WINDOWS\System32\lojexkni.ini not found.
File C:\WINDOWS\System32\nejoosdl.ini not found.
File C:\WINDOWS\System32\rnjdexhn.ini not found.
File C:\WINDOWS\System32\tanvfmbh.ini not found.
File C:\WINDOWS\System32\hddgwysp.ini not found.
File C:\WINDOWS\System32\sqxmtggp.ini not found.
File C:\WINDOWS\System32\jexrktyc.ini not found.
File C:\WINDOWS\System32\hqpyhetu.ini not found.
File C:\WINDOWS\System32\wadjcgqh.ini not found.
File C:\WINDOWS\System32\ccfqpmnh.ini not found.
File C:\WINDOWS\System32\gjabygsw.ini not found.
File C:\WINDOWS\System32\opkkctbt.ini not found.
File C:\WINDOWS\System32\xmpwrgnh.ini not found.
File C:\WINDOWS\System32\qhrwxujn.ini not found.
File C:\WINDOWS\System32\lrdqelti.ini not found.
File C:\WINDOWS\System32\kxdctrfn.ini not found.
File C:\WINDOWS\System32\nskrmmvx.ini not found.
File C:\WINDOWS\System32\jvfeekhd.ini not found.
File C:\WINDOWS\System32\rddrclvl.ini not found.
File C:\WINDOWS\System32\nudfetty.ini not found.
File C:\WINDOWS\System32\stnntcfr.ini not found.
File C:\WINDOWS\System32\yqoekjkq.ini not found.
File C:\WINDOWS\System32\etcqxvry.ini not found.
File C:\WINDOWS\System32\bjfuexsm.ini not found.
File C:\WINDOWS\System32\lnluvhkq.ini not found.
File C:\WINDOWS\System32\hixksbcl.ini not found.
File C:\WINDOWS\System32\uthavkqf.ini not found.
File C:\WINDOWS\System32\clrfrrdx.ini not found.
File C:\WINDOWS\System32\tbebnpyj.ini not found.
File C:\WINDOWS\System32\ntnymkcj.ini not found.
File C:\WINDOWS\System32\expyphjm.ini not found.
File C:\WINDOWS\System32\cypkrvbg.ini not found.
File C:\WINDOWS\System32\wbnrclbt.ini not found.
File C:\WINDOWS\System32\oyhhqydo.ini not found.
File C:\WINDOWS\System32\nuwytifo.ini not found.
File C:\WINDOWS\System32\jndwplrv.ini not found.
File C:\WINDOWS\System32\npxmsuvp.ini not found.
File C:\WINDOWS\System32\daduhtjc.ini not found.
File C:\WINDOWS\System32\cvhwsurq.ini not found.
File C:\WINDOWS\System32\tgurnspx.ini not found.
File C:\WINDOWS\System32\briqlgao.ini not found.
File C:\WINDOWS\System32\ltytfpen.ini not found.
File C:\WINDOWS\System32\daihrhrp.ini not found.
File C:\WINDOWS\System32\qyjyfqwi.ini not found.
File C:\WINDOWS\System32\rgqysddw.ini not found.
File C:\WINDOWS\System32\tnyplsup.ini not found.
File C:\WINDOWS\System32\ywfsugdo.ini not found.
File C:\WINDOWS\System32\gywapvgj.ini not found.
File C:\WINDOWS\System32\khamanwj.ini not found.
File C:\WINDOWS\System32\lbhrxror.ini not found.
File C:\WINDOWS\System32\mmqrgktr.ini not found.
File C:\WINDOWS\System32\rqkjfake.ini not found.
File C:\WINDOWS\System32\uetqtork.ini not found.
File C:\WINDOWS\System32\ffwraujy.ini not found.
File C:\WINDOWS\System32\iofltclm.ini not found.
File C:\WINDOWS\System32\ohctlyls.ini not found.
File C:\WINDOWS\System32\sjhorbtp.ini not found.
File C:\WINDOWS\System32\bdsqkqik.ini not found.
File C:\WINDOWS\System32\wtcudxxo.ini not found.
File C:\WINDOWS\System32\oablfcpq.ini not found.
File C:\WINDOWS\System32\lxbppbvo.ini not found.
File C:\WINDOWS\System32\tlssquay.ini not found.
File C:\WINDOWS\System32\exqyokfo.ini not found.
File C:\WINDOWS\System32\vldkkhkk.ini not found.
File C:\WINDOWS\System32\ymhkceut.ini not found.
File C:\WINDOWS\System32\xsemumvr.ini not found.
File C:\WINDOWS\System32\oqtlkdhh.ini not found.
File C:\WINDOWS\System32\qdewucxt.ini not found.
File C:\WINDOWS\System32\hugejwxm.ini not found.
File C:\WINDOWS\System32\sltixtfc.ini not found.
File C:\WINDOWS\System32\unftxubr.ini not found.
File C:\WINDOWS\System32\nwpcuuog.ini not found.
File C:\WINDOWS\System32\wveunaym.ini not found.
File C:\WINDOWS\System32\wrsrwdsn.ini not found.
File C:\WINDOWS\System32\hrrcebob.ini not found.
File C:\WINDOWS\System32\idoloysa.ini not found.
File C:\WINDOWS\System32\foxyomby.ini not found.
File C:\WINDOWS\System32\wfissbpo.ini not found.
File C:\WINDOWS\System32\bblomotb.ini not found.
File C:\WINDOWS\System32\ojnnwrou.ini not found.
File C:\WINDOWS\System32\mqeskshn.ini not found.
File C:\WINDOWS\System32\rwymiybk.ini not found.
File C:\WINDOWS\System32\umdfcuqo.ini not found.
File C:\WINDOWS\System32\nnbhfudf.ini not found.
File C:\WINDOWS\System32\ksckbqoi.ini not found.
File C:\WINDOWS\System32\jwikxvhu.ini not found.
File C:\WINDOWS\System32\akxasklx.ini not found.
File C:\WINDOWS\System32\xsjxbsyb.ini not found.
File C:\WINDOWS\System32\rnlvkmga.ini not found.
File C:\WINDOWS\System32\lefscdic.ini not found.
File C:\WINDOWS\System32\xmhtfrjj.ini not found.
File C:\WINDOWS\System32\xlgtofjl.ini not found.
File C:\WINDOWS\System32\ahxhcijb.ini not found.
File C:\WINDOWS\System32\fctdeycl.ini not found.
File C:\WINDOWS\System32\ecwrgkef.ini not found.
File C:\WINDOWS\System32\xoupderm.ini not found.
File C:\WINDOWS\System32\crtvsmhh.ini not found.
File C:\WINDOWS\System32\ljdffflm.ini not found.
File C:\WINDOWS\System32\mhtavxco.ini not found.
File C:\WINDOWS\System32\seybqlib.ini not found.
File C:\WINDOWS\System32\apaoywha.ini not found.
File C:\WINDOWS\System32\lvvyuapi.ini not found.
File C:\WINDOWS\System32\pndjmbav.ini not found.
File C:\WINDOWS\System32\ssudipeu.ini not found.
File C:\WINDOWS\System32\npbwhvwp.ini not found.
File C:\WINDOWS\System32\tsftador.ini not found.
File C:\WINDOWS\System32\afuonvdq.ini not found.
File C:\WINDOWS\System32\pxpxgbkv.ini not found.
File C:\WINDOWS\System32\srhatqva.ini not found.
File C:\WINDOWS\System32\subtlnos.ini not found.
File C:\WINDOWS\System32\teqvixqg.ini not found.
File C:\WINDOWS\System32\duvqrxey.ini not found.
File C:\WINDOWS\System32\lujbvjbn.ini not found.
File C:\WINDOWS\System32\aosecruj.ini not found.
File C:\WINDOWS\System32\lekkogii.ini not found.
File C:\WINDOWS\System32\nwgkmnke.ini not found.
File C:\WINDOWS\System32\etbdeems.ini not found.
File C:\WINDOWS\System32\qooxhsgf.ini not found.
File C:\WINDOWS\System32\dekmrjwb.ini not found.
File C:\WINDOWS\System32\nvtpikrx.ini not found.
File C:\WINDOWS\System32\oobqedoq.ini not found.
File C:\WINDOWS\System32\rbrmjgrn.ini not found.
File C:\WINDOWS\System32\kasgxmjf.ini not found.
File C:\WINDOWS\System32\wetdepek.ini not found.
File C:\WINDOWS\System32\wyqlsnml.ini not found.
File C:\WINDOWS\System32\ahtalvyb.ini not found.
File C:\WINDOWS\System32\owcdipsd.ini not found.
File C:\WINDOWS\System32\nfdtrwqi.ini not found.
File C:\WINDOWS\System32\fpaldxut.ini not found.
File C:\WINDOWS\System32\vwopevlm.ini not found.
File C:\WINDOWS\System32\dexssbws.ini not found.
File C:\WINDOWS\System32\fpdmstyx.ini not found.
File C:\WINDOWS\System32\bkeeypmj.ini not found.
File C:\WINDOWS\System32\odtlddvq.ini not found.
File C:\WINDOWS\System32\ksgqqrqc.ini not found.
File C:\WINDOWS\System32\yjmuceof.ini not found.
File C:\WINDOWS\System32\ibdodwph.ini not found.
File C:\WINDOWS\System32\odixejul.ini not found.
File C:\WINDOWS\System32\iwykavtv.ini not found.
File C:\WINDOWS\System32\ykynknry.ini not found.
File C:\WINDOWS\System32\hpdqdetr.ini not found.
File C:\WINDOWS\System32\egavxyvt.ini not found.
File C:\WINDOWS\System32\kudpohiq.ini not found.
File C:\WINDOWS\System32\hnmftifs.ini not found.
File C:\WINDOWS\System32\qhgwfpxo.ini not found.
File C:\WINDOWS\System32\wrnjlxkw.ini not found.
File C:\WINDOWS\System32\lvmwtdjp.ini not found.
File C:\WINDOWS\System32\jaxmpvap.ini not found.
File C:\WINDOWS\System32\vgpltwqc.ini not found.
File C:\WINDOWS\System32\mansgrmx.ini not found.
File C:\WINDOWS\System32\twndeeea.ini not found.
File C:\WINDOWS\System32\kndfbeip.ini not found.
File C:\WINDOWS\System32\vvuxxpfc.ini not found.
File C:\WINDOWS\System32\puyatnyq.ini not found.
File C:\WINDOWS\System32\tgtcidyx.ini not found.
File C:\WINDOWS\System32\sdgihucn.ini not found.
File C:\WINDOWS\System32\gtsdhovt.ini not found.
File C:\WINDOWS\System32\sosupxod.ini not found.
File C:\WINDOWS\System32\xopcqiow.ini not found.
File C:\WINDOWS\System32\cuwogaru.ini not found.
File C:\WINDOWS\System32\vgupytbh.ini not found.
File C:\WINDOWS\System32\yxhtapga.ini not found.
File C:\WINDOWS\System32\wjkubovk.ini not found.
File C:\WINDOWS\System32\oyusjtmv.ini not found.
File C:\WINDOWS\System32\hqkokuly.ini not found.
File C:\WINDOWS\System32\jsmujgpg.ini not found.
File C:\WINDOWS\System32\vprjirrv.ini not found.
File C:\WINDOWS\System32\hvfrmptu.ini not found.
File C:\WINDOWS\System32\basyijki.ini not found.
File C:\WINDOWS\System32\togkgcri.ini not found.
File C:\WINDOWS\System32\bysacmmf.ini not found.
File C:\WINDOWS\System32\xcfunrua.ini not found.
File C:\WINDOWS\System32\lavxvwva.ini not found.
File C:\WINDOWS\System32\gaycyyjw.ini not found.
File C:\WINDOWS\System32\dfaxoiec.ini not found.
File C:\WINDOWS\System32\lqhggedt.ini not found.
File C:\WINDOWS\System32\gavkmwor.ini not found.
File C:\WINDOWS\System32\xfucxnwp.ini not found.
File C:\WINDOWS\System32\ddvpbsrm.ini not found.
File C:\WINDOWS\System32\prtsibly.ini not found.
File C:\WINDOWS\System32\qqnpvwxo.ini not found.
File C:\WINDOWS\System32\wjadwmvl.ini not found.
File C:\WINDOWS\System32\xdkhugnd.ini not found.
File C:\WINDOWS\System32\slvjehmm.ini not found.
File C:\WINDOWS\System32\rkrxqhhx.ini not found.
File C:\WINDOWS\System32\umepbbhh.ini not found.
File C:\WINDOWS\System32\okravdpy.ini not found.
File C:\WINDOWS\System32\copixvnk.ini not found.
File C:\WINDOWS\System32\jnoftnkx.ini not found.
File C:\WINDOWS\System32\fjkvliub.ini not found.
File C:\WINDOWS\System32\tarpoirv.ini not found.
File C:\WINDOWS\System32\opsbfiwn.ini not found.
File C:\WINDOWS\System32\upkgmtfv.ini not found.
File C:\WINDOWS\System32\pwtfrgmm.ini not found.
File C:\WINDOWS\System32\xmiipdfl.ini not found.
File C:\WINDOWS\System32\ukghvhqp.ini not found.
File C:\WINDOWS\System32\bspnddha.ini not found.
File C:\WINDOWS\System32\ahbhfjbf.ini not found.
File C:\WINDOWS\System32\xjjjofld.ini not found.
File C:\WINDOWS\System32\pcahieft.ini not found.
File C:\WINDOWS\System32\bxbyripg.ini not found.
File C:\WINDOWS\System32\fmagfcfm.ini not found.
File C:\WINDOWS\System32\pjgaoymt.ini not found.
File C:\WINDOWS\System32\lmhavqrp.ini not found.
File C:\WINDOWS\System32\qrbdunoq.ini not found.
File C:\WINDOWS\System32\huvdiqxq.ini not found.
File C:\WINDOWS\System32\pvclmsoj.ini not found.
File C:\WINDOWS\System32\ltindmsx.ini not found.
File C:\WINDOWS\System32\pqhuohio.ini not found.
File C:\WINDOWS\System32\gecrkpkb.ini not found.
File C:\WINDOWS\System32\pjvrvhvy.ini not found.
File C:\WINDOWS\System32\uenemqyb.ini not found.
File C:\WINDOWS\System32\uuoojhpp.ini not found.
File C:\WINDOWS\System32\neuxpfmn.ini not found.
File C:\WINDOWS\System32\ieydgqgq.ini not found.
File C:\WINDOWS\System32\lpasthxp.ini not found.
File C:\WINDOWS\System32\ttvkvfih.ini not found.
File C:\WINDOWS\System32\lwhdmcyr.ini not found.
File C:\WINDOWS\System32\wfpglpny.ini not found.
File C:\WINDOWS\System32\mhnvmkqb.ini not found.
File C:\WINDOWS\System32\aidetqla.ini not found.
File C:\WINDOWS\System32\mdybpmnt.ini not found.
File C:\WINDOWS\System32\oirlguot.ini not found.
File C:\WINDOWS\System32\nonyxxti.ini not found.
File C:\WINDOWS\System32\qtcglcja.ini not found.
File C:\WINDOWS\System32\dqtmbdgf.ini not found.
File C:\WINDOWS\System32\abysojyo.ini not found.
File C:\WINDOWS\System32\dtbksslp.ini not found.
File C:\WINDOWS\System32\iqbqlsxb.ini not found.
File C:\WINDOWS\System32\gemvmegf.ini not found.
File C:\WINDOWS\System32\tswffwnp.ini not found.
File C:\WINDOWS\System32\yfglifnr.ini not found.
File C:\WINDOWS\System32\bvwnagyb.ini not found.
File C:\WINDOWS\System32\tobeumra.ini not found.
File C:\WINDOWS\System32\gdwyjsqs.ini not found.
File C:\WINDOWS\System32\sexyvxka.ini not found.
File C:\WINDOWS\System32\wgssfddr.ini not found.
File C:\WINDOWS\System32\jecmtylp.ini not found.
File C:\WINDOWS\System32\wbiijgfu.ini not found.
File C:\WINDOWS\System32\jsvhgdxl.ini not found.
File C:\WINDOWS\System32\mtafarer.ini not found.
File C:\WINDOWS\System32\mdynpptk.ini not found.
File C:\WINDOWS\System32\anvcroug.ini not found.
File C:\WINDOWS\System32\elyngptr.ini not found.
File C:\WINDOWS\System32\petyadog.ini not found.
File C:\WINDOWS\System32\hoovuqpr.ini not found.
File C:\WINDOWS\System32\wjblpbfg.ini not found.
File C:\WINDOWS\System32\vuvnxjhx.ini not found.
File C:\WINDOWS\System32\dgtxfadx.ini not found.
File C:\WINDOWS\System32\qntxiyui.ini not found.
File C:\WINDOWS\System32\auftmwld.ini not found.
File C:\WINDOWS\System32\rdwlevvq.ini not found.
File C:\WINDOWS\System32\abmiatwj.ini not found.
File C:\WINDOWS\System32\qaadbfyq.ini not found.
File C:\WINDOWS\System32\bexgsajf.ini not found.
File C:\WINDOWS\System32\lebvxryp.ini not found.
File C:\WINDOWS\System32\oaqnibcm.ini not found.
File C:\WINDOWS\System32\nlspdhcd.ini not found.
File C:\WINDOWS\System32\mabmdqvk.ini not found.
File C:\WINDOWS\System32\xliluukt.ini not found.
File C:\WINDOWS\System32\rancyjng.ini not found.
File C:\WINDOWS\System32\odxmapjk.ini not found.
File C:\WINDOWS\System32\sjwewaqi.ini not found.
File C:\WINDOWS\System32\truupvim.ini not found.
File C:\WINDOWS\System32\vpbgnfnm.ini not found.
File C:\WINDOWS\System32\groeobds.ini not found.
File C:\WINDOWS\System32\xopnplhm.ini not found.
File C:\WINDOWS\System32\bhjrvnnl.ini not found.
File C:\WINDOWS\System32\chgmryve.ini not found.
File C:\WINDOWS\System32\phmumwpy.ini not found.
File C:\WINDOWS\3mpvsr.ini2 not found.
File C:\WINDOWS\snima.ini2 not found.
File C:\WINDOWS\System32\0s49kktg.ini not found.
File C:\WINDOWS\System32\fhmlu7k1.ini not found.
File C:\WINDOWS\System32\7dugphv4.ini not found.
Folder C:\Documents and Settings\All Users\Application Data\hkhqveto\ not found.
Folder C:\Documents and Settings\All Users\Application Data\121B5\ not found.
File C:\edds.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Chris
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest.FLEXSPACE
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: HP_Owner

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Meredith
->Temp folder emptied: 27087 bytes
->Temporary Internet Files folder emptied: 184978 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 13131315 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 886407 bytes

User: Mom
->Temp folder emptied: 53161972 bytes
->Temporary Internet Files folder emptied: 52954278 bytes
->Java cache emptied: 247814 bytes
->FireFox cache emptied: 4296663 bytes
->Flash cache emptied: 1871 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 786730 bytes

User: Nic

User: Zac

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 7597830 bytes
%systemroot%\System32 .tmp files removed: 2505910 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 361106046 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23951800 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 480347 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 497.00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Chris
->Flash cache emptied: 0 bytes

User: Default User

User: Guest

User: Guest.FLEXSPACE
->Flash cache emptied: 0 bytes

User: HP_Owner

User: LocalService

User: Meredith
->Flash cache emptied: 0 bytes

User: Mom
->Flash cache emptied: 0 bytes

User: NetworkService

User: Nic

User: Zac

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.1.34.0 log created on 03072010_153410

Files\Folders moved on Reboot...
C:\Documents and Settings\Meredith\Local Settings\Temp\IadHide5.dll moved successfully.

Registry entries deleted on Reboot...
  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • GeekU Moderator
  • 63,854 posts
If you could run TDSSKiller now that should remove the final infection
  • 0

Advertisement




Similar Topics: 'Open With' Virus [Solved]     x


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

featured