Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Can not enter safe mode on xp [Closed]

Started by Fred1973 , Nov 21 2012 07:29 AM

This topic is locked

#1
Fred1973

Posted 21 November 2012 - 07:29 AM

New Member

Member
6 posts

Hi and i apologise in advance if i dont follow all the rules of the board as im new.
A few days ago when i was on my computer i got a grey screen appear saying your computer is now blocked by International Police Association and i would have to pay £100 to get it unlocked, after a quick google search i have found out thsi is a virus and to get it removed i would have to go into safe mode, but here lies the problem, whenever the computer starts up i tap F8 and the Windows Advanced Options Menu appears but every option i press either restarts my computer or goes directly to my profile log in page where if i log in the virus appears again. My question is how do i get my safe mode working again please? Also any adavice on hwo to get my computer free of the many viruses i most probably have would be greatly appriecatied. Again sorry if i have broken any of the board rules.
Dont know if this helps but the computer runs on xp and was bought as a stand alone base unit with windows already installed so i cant get my hands on the product key number as it was just in the box.

#2
Buddierdl

Posted 21 November 2012 - 08:27 AM

Trusted Helper

Malware Removal
2,524 posts

Hello Fred1973 and welcome to Geeks to Go. I am sorry that you are having troubles with your computer and will try my best to help you. I know that being infected is very frustrating, but I will be here to help you through the whole process of cleaning. Removing malware can be difficult and complicated and will most likely take many steps, so please stick with me until I have declared your computer clean. I always recommend printing my instructions before following them in case you cannot keep this webpage open. Please be sure to alway follow all steps exactly as they are written and let me know what happens each time. Stop and ask if something unexpected happens or if you are unsure of how to proceed.

Please respect my volunteered time and stay with me until I declare your computer clean. If you are going to be delayed for a while, please let me know.

Please note that I am currently in training as a GeekU Senior. My posts must be reviewed by an instructor, so there may be a slight delay.

I will reply soon with some instructions for you.

#3
Buddierdl

Posted 21 November 2012 - 11:54 AM

Trusted Helper

Malware Removal
2,524 posts

Hi Fred1973,

Let's get started on fixing your computer. The instructions below require the use of a USB flash drive. If you don't have one let me know and I can provide alternate instructions for using a CD.

I assume you have access to another computer since you are posting this. Please run this first set of instructions on the clean computer to create a bootable USB.

Download Peazip to the desktop
Run and install the programme
As it installs this page will show, deselect the AVG ticks
Press decline and it will then install cleanly

Posted Image

Download the following files to the desktop .. Right click the links and select save as...then select desktop

IsoToUsb

OTLPE_standard

Right click OTLPE on your desktop and select Peazip ..Open as archive

Posted Image

Select OTLPE standard

Posted Image

Click Extract, ensure that desktop is selected

Posted Image

Insert the USB stick Then run ISO to USB

Posted Image

Select the ISO file on the desktop, tick bootable . press burn

Now insert the prepared USB drive into your infected computer and follow these steps:

Reboot your system using the USB drive you just created.
Note : If you do not know how to set your computer to boot from USB follow the steps here
As the computer needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
Your system should now display a Reatogo desktop.
Note : as you are running from USB it is not exactly speedy
Double-click on the OTLPE icon.
Select the Windows folder of the infected drive if it asks for a location
When asked "Do you wish to load the remote registry", select Yes
When asked "Do you wish to load remote user profile(s) for scanning", select Yes
Ensure the box "Automatically Load All Remaining Users" is checked and press OK
OTL should now start.
Press Run Scan to start the scan.
When finished, the file will be saved in drive C:\OTL.txt
Copy this file to your USB drive if you do not have internet connection on this system.
Right click the file and select send to : select the USB drive.
Confirm that it has copied to the USB drive by selecting it
You can backup any files that you wish from this OS
Please post the contents of the C:\OTL.txt file in your reply.

#4
Fred1973

Posted 21 November 2012 - 05:31 PM

New Member

Topic Starter
Member
6 posts

Hi thanks for the help so far and sorry its taken me so long to get a reply back but i was having problems with the usb sticks, now when i put the usb stick in the infected computer and want it to boot from a usb drive i have tried all 4 of the options and nothing is working, one is saying remove disks or other media and the other 3 are all just saying disk boot failure, instert system disc and press enter, just wondering if you know what i have done wrong and what i need to do to fix it, again thanks for the help so far

#5
Buddierdl

Posted 22 November 2012 - 08:22 AM

Trusted Helper

Malware Removal
2,524 posts

Hi Fred1973,

Let's try a CD instead. If you have a blank CD and a CD burner on your clean computer, please try these instructions:

Download OTLPEStd.exe to your desktop
Ensure that you have a blank CD in the drive
Double click OTLPEStd.exe and this will then open imgburn to burn the file to CD
Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here
As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads
Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy
Double-click on the OTLPE icon.
Select the Windows folder of the infected drive if it asks for a location
When asked "Do you wish to load the remote registry", select Yes
When asked "Do you wish to load remote user profile(s) for scanning", select Yes
Ensure the box "Automatically Load All Remaining Users" is checked and press OK
OTL should now start.
Press Run Scan to start the scan.
When finished, the file will be saved in drive C:\OTL.txt
Copy this file to your USB drive if you do not have internet connection on this system.
Right click the file and select send to : select the USB drive.
Confirm that it has copied to the USB drive by selecting it
You can backup any files that you wish from this OS
Please post the contents of the C:\OTL.txt file in your reply.

#6
Fred1973

Posted 22 November 2012 - 04:07 PM

New Member

Topic Starter
Member
6 posts

OTL logfile created on: 11/22/2012 9:55:31 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.00 Mb Total Physical Memory | 263.00 Mb Available Physical Memory | 55.00% Memory free
383.00 Mb Paging File | 296.00 Mb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.68 Gb Total Space | 31.59 Gb Free Space | 41.20% Space Free | Partition Type: NTFS
Drive X: | 284.12 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled] -- -- (HidServ)
SRV - File not found [On_Demand] -- -- (AppMgmt)
SRV - [2012/08/06 15:26:28 | 000,000,000 | ---- | M] () [Auto] -- C:\Documents and Settings\Philip Green\Local Settings\Temp\DAT6F3.tmp -- (zgmtotxwd)
SRV - [2007/12/20 19:18:18 | 000,389,215 | ---- | M] (THOMSON Telecom Belgium) [Auto] -- C:\Program Files\Thomson SpeedTouch\ST330\service\st330service.exe -- (st330service)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006/06/05 07:59:18 | 000,174,080 | ---- | M] (Nokia.) [On_Demand] -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | System] -- -- (tveojhbr)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (dvcvlqia)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2009/08/05 17:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/05/05 11:42:18 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/02/22 10:33:02 | 000,114,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2008/02/22 10:33:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2008/02/22 10:33:00 | 000,087,936 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2008/02/11 11:07:00 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2007/12/20 19:18:18 | 000,032,000 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\stppp.sys -- (stppp)
DRV - [2007/12/20 19:18:18 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\st330.sys -- (ST330)
DRV - [2007/12/20 19:18:18 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\stbus.sys -- (STBUS)
DRV - [2006/07/24 11:05:00 | 000,005,632 | ---- | M] () [File_System | System] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/07/23 15:27:02 | 000,012,288 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\DP.sys -- (DP1112)
DRV - [2006/05/29 02:26:38 | 000,127,488 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2006/05/29 02:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (Nokia USB Port)
DRV - [2006/05/29 02:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2006/05/29 02:26:36 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2005/02/23 08:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/09/29 02:35:30 | 000,219,136 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/09/29 02:34:24 | 000,702,592 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/09/29 02:33:50 | 001,036,928 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/05/22 10:44:44 | 000,670,203 | R--- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51) Intel®
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 08:04:46 | 000,223,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\camdrv21.sys -- (camvid20)
DRV - [2000/10/25 07:27:24 | 000,003,000 | R--- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Philip__Green_ON_C\Software\Microsoft\Internet Explorer\Main,Default = 95 49 08 A3 A4 A9 99 44 82 62 9B 0B 2C 4A 7E A0 [binary data]
IE - HKU\Philip__Green_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
IE - HKU\Philip__Green_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sky.com/
IE - HKU\Philip__Green_ON_C\..\URLSearchHook: {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll (America Online, Inc.)
IE - HKU\Philip__Green_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Philip__Green_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (no name) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in_1.dll ()
O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll (America Online, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Productivity 3.1 Toolbar) - {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files\Productivity_3.1\prxtbPro0.dll (Conduit Ltd.)
O2 - BHO: (no name) - {DF941BC7-DD2A-484E-BD2C-8B8FF174D1EB} - File not found
O3 - HKLM\..\Toolbar: (&VSAdd-in) - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in_1.dll ()
O3 - HKLM\..\Toolbar: (Productivity 3.1 Toolbar) - {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files\Productivity_3.1\prxtbPro0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\Philip__Green_ON_C\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O3 - HKU\Philip__Green_ON_C\..\Toolbar\WebBrowser: (&VSAdd-in) - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in_1.dll ()
O3 - HKU\Philip__Green_ON_C\..\Toolbar\WebBrowser: (Productivity 3.1 Toolbar) - {9427041A-A8DC-4D06-9A68-93873486E957} - C:\Program Files\Productivity_3.1\prxtbPro0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [cacaps] C:\Documents and Settings\Philip Green\Application Data\cacaps.dll (Electronic Arts Inc.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [diagnostics] C:\Program Files\Thomson SpeedTouch\ST330\diagnostics\diagnostics.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [ExpressFiles] C:\Program Files\ExpressFiles\ExpressFiles.exe (http://www.express-files.com/)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1200932265\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe ()
O4 - HKLM..\Run: [svñhîst] C:\Documents and Settings\Philip Green\Local Settings\Temp\tmp897e7baa\longlong.exe ()
O4 - HKLM..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe (Philips PC Cameras)
O4 - HKLM..\Run: [Windows Media] C:\WINDOWS\system32\WmInit.exe ()
O4 - HKU\Philip__Green_ON_C..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O4 - HKU\Philip__Green_ON_C..\Run: [Baowixzou] C:\Documents and Settings\Philip Green\Application Data\Ylxu\cyqio.exe ()
O4 - HKU\Philip__Green_ON_C..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\Philip__Green_ON_C..\Run: [Ugkom] C:\Documents and Settings\Philip Green\Application Data\Duxeq\vyyvi.exe ()
O4 - HKU\Philip__Green_ON_C..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WTGU.lnk = File not found
O4 - Startup: C:\Documents and Settings\Philip Green\Start Menu\Programs\Startup\SmartCapture.lnk = C:\WINDOWS\Seiko\slpcap.exe (Seiko Instruments USA Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Philip__Green_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Philip__Green_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.0.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ddcbbyy: DllName - ddcbbyy.dll - File not found
O20 - Winlogon\Notify\ysscp: DllName - C:\WINDOWS\AppPatch\ysscp.dll - File not found
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/05/31 15:28:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{2903824e-3e26-11de-9e3b-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{2903824e-3e26-11de-9e3b-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2903824e-3e26-11de-9e3b-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5a4f9e70-77ef-11de-9ef7-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{5a4f9e70-77ef-11de-9ef7-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5a4f9e70-77ef-11de-9ef7-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5a4f9e72-77ef-11de-9ef7-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{5a4f9e72-77ef-11de-9ef7-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5a4f9e72-77ef-11de-9ef7-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b8ed360e-6fa7-11de-9ed8-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{b8ed360e-6fa7-11de-9ed8-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b8ed360e-6fa7-11de-9ed8-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/11/02 11:28:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philip Green\Desktop\eBay33
[2012/11/02 11:28:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philip Green\Desktop\eils
[2012/10/30 16:59:22 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/10/30 16:59:22 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/07/31 13:27:41 | 000,433,152 | ---- | C] (Electronic Arts Inc.) -- C:\Documents and Settings\Philip Green\Application Data\cacaps.dll
[2012/07/28 17:47:44 | 000,439,808 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Philip Green\Application Data\mresy.dll
[2011/06/20 14:53:36 | 000,444,416 | ---- | C] (Sysinternals) -- C:\Documents and Settings\All Users\Application Data\EkqCjRSTlvQ.exe
[2008/01/18 08:02:29 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\besqtrar.exe
[2008/01/18 08:01:57 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ppvqsuvr.exe
[2008/01/18 08:00:02 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\cngdrfsp.exe
[2008/01/18 06:49:13 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\kqrficps.exe
[2008/01/18 06:48:41 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\svmupvmb.exe
[2008/01/18 06:31:25 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ttixabsc.exe
[2008/01/18 06:30:30 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\kihuhumr.exe
[2008/01/17 15:04:31 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\wdugdayt.exe
[2008/01/17 15:04:05 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\xeacyybg.exe
[2008/01/17 14:58:48 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\bddpoeuh.exe
[2008/01/17 14:58:18 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\yhffnxdt.exe
[2008/01/17 14:35:40 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\uuhjncuo.exe
[2008/01/17 14:35:14 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\gwhjyyyo.exe
[2008/01/17 14:30:42 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\hmfhscqo.exe
[2008/01/17 14:30:15 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\vtlsffsr.exe
[2008/01/17 14:14:14 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\mgeiugln.exe
[2008/01/17 14:13:44 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ummwsidy.exe
[2008/01/17 14:03:35 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\yqvidklv.exe
[2008/01/17 14:02:51 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\lbbeeuqs.exe
[2008/01/17 13:59:11 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ejlefrwg.exe
[2008/01/17 13:56:14 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\fjasipjc.exe
[2008/01/17 13:55:45 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\tlhntveo.exe
[2008/01/17 12:43:47 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ehvhoowo.exe
[2008/01/17 12:43:07 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\fjavvevw.exe
[2008/01/16 16:58:56 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\qjspsxse.exe
[2008/01/16 16:45:00 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\cbywtpah.exe
[2008/01/16 16:44:21 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\nxcmvdrx.exe
[2008/01/15 21:36:06 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\omblkgas.exe
[2008/01/15 21:35:36 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ahryxdsb.exe
[2008/01/15 20:29:06 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\xbbwvxlw.exe
[2008/01/15 20:28:31 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdnseql.exe
[2008/01/15 20:22:55 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\eumvbqmp.exe
[2008/01/15 20:22:24 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\pjoplaln.exe
[2008/01/15 18:21:46 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\wjmwgwsu.exe
[2008/01/15 18:20:08 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ylrjjhet.exe
[2008/01/15 18:13:11 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\mfqcltki.exe
[2008/01/15 18:12:39 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\qqwxleac.exe
[2008/01/15 18:07:30 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\wdteadbx.exe
[2008/01/15 18:06:46 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\mrsssyqj.exe
[2008/01/15 17:57:19 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\bgjoooox.exe
[2008/01/15 17:56:36 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\uvnpdrhj.exe
[2008/01/15 17:47:26 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\eiaqjwml.exe
[2008/01/15 17:33:45 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\xomwhyaw.exe
[2008/01/15 17:33:08 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\alwryxff.exe
[2008/01/15 17:22:55 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\bmaglbvv.exe
[2008/01/15 17:21:05 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\bgdeynbt.exe
[2008/01/15 17:14:23 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\lgxrwxpu.exe
[2008/01/15 17:13:01 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\eccthahi.exe
[2008/01/15 17:02:50 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\defiuaie.exe
[2008/01/15 17:01:25 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\fkrdoctf.exe
[2008/01/11 09:30:17 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\mxbyujec.exe
[2008/01/11 09:29:37 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\prmmglfs.exe
[2008/01/11 08:59:42 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\eudljxnh.exe
[2008/01/11 08:59:08 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\omujsssp.exe
[2008/01/11 07:59:17 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\yupyugbc.exe
[2008/01/11 07:56:36 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\mvqeswuh.exe
[2008/01/11 07:49:44 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\snjyafno.exe
[2008/01/11 07:49:19 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\phingnjl.exe
[2008/01/11 07:44:00 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\cngnuaej.exe
[2008/01/11 07:10:54 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\skjrnbjs.exe
[2008/01/11 07:10:11 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ovecvlkr.exe
[2008/01/11 07:06:47 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\miuwisns.exe
[2008/01/11 07:06:10 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\snelqsnb.exe
[2008/01/10 17:40:14 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\dbadbgxs.exe
[2008/01/10 17:39:45 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\hcbfjfuq.exe
[2008/01/10 17:34:13 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\tksmwwea.exe
[2008/01/10 17:29:20 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\detelogm.exe
[2008/01/10 17:24:01 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\jtgicxdm.exe
[2008/01/10 17:23:29 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ftnxsprg.exe
[2008/01/08 14:21:36 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\bfokwrce.exe
[2008/01/08 14:19:59 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\udwrttka.exe
[2008/01/08 14:13:20 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\epysgbwf.exe
[2008/01/08 14:11:29 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ykcmpurc.exe
[2008/01/08 12:44:16 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\fhtjerjb.exe
[2008/01/08 12:35:30 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\bbrhgayi.exe
[2008/01/08 07:03:14 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\qvhsjqhh.exe
[2008/01/08 07:00:20 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\wnbgpehb.exe
[2008/01/08 06:52:46 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\usspcgjd.exe
[2008/01/08 06:51:40 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\foswvxwb.exe
[2008/01/08 06:44:56 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\sjdyiovy.exe
[2008/01/08 06:43:50 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\etnvvgnj.exe
[2008/01/08 06:30:22 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\xkjbqtwq.exe
[2008/01/08 06:28:26 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\hxsbmnjj.exe
[2008/01/08 06:24:25 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\dhssdvbu.exe
[2008/01/08 06:23:02 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\nbojauqh.exe
[2008/01/08 05:51:44 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ouekqixi.exe
[2008/01/08 05:50:47 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\mphpwrro.exe
[2008/01/06 20:03:20 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\gktjwbjm.exe
[2008/01/06 20:02:37 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\dpilnyvo.exe
[2008/01/06 19:18:52 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ftgnkmsm.exe
[2008/01/06 19:16:04 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\acrsuaam.exe
[2008/01/03 11:11:30 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\qbijpyxc.exe
[2008/01/03 11:10:54 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\kartlkpc.exe
[2008/01/02 09:18:26 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\voukwwxr.exe
[2008/01/02 09:17:58 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\vtcdssso.exe
[2008/01/02 07:02:57 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\koebdxmi.exe
[2008/01/02 07:02:31 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\pxjltkaf.exe
[2008/01/01 19:54:36 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ruxlxuxr.exe
[2008/01/01 19:49:15 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\tgttnpgl.exe
[2008/01/01 17:25:21 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ktvfahrs.exe
[2008/01/01 17:21:02 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\akufdyyk.exe
[2008/01/01 16:34:05 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\iwefaihd.exe
[2008/01/01 16:33:18 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\erkpyilg.exe
[2008/01/01 16:20:59 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\wisaejpr.exe
[2008/01/01 16:17:29 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\reutwonx.exe
[2008/01/01 16:05:39 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\suyrjwpl.exe
[2008/01/01 16:05:08 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\hohyadja.exe
[2007/12/30 16:18:28 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\cyvqipjq.exe
[2007/12/30 16:12:45 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\dqvdddwp.exe
[2007/12/30 12:57:09 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\tpysanbr.exe
[2007/12/30 12:56:13 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\hxpgjxjt.exe
[2007/12/29 17:21:18 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\brrljymn.exe
[2007/12/29 17:19:37 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\aopodxas.exe
[2007/12/29 05:38:14 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\rubycdne.exe
[2007/12/29 05:36:01 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\sojseofq.exe
[2007/12/28 12:01:17 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\uofkmxwp.exe
[2007/12/28 12:00:35 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\yelfawwr.exe
[2007/12/26 13:17:28 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\olhqdvgy.exe
[2007/12/26 13:16:25 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\lgvptplc.exe
[2007/12/26 04:31:27 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\tpubeyqr.exe
[2007/12/26 04:30:20 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\cdwvsnem.exe
[2007/12/24 17:41:12 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\qdvguhuu.exe
[2007/12/24 16:39:41 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\cjdmajct.exe
[2007/12/22 18:38:35 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\pjubnbhc.exe
[2007/12/22 17:37:17 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\yoemruwe.exe
[2007/12/21 06:10:05 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\sbeqjmhb.exe
[2007/12/21 06:08:02 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ocefwgci.exe
[2007/12/20 07:13:23 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\qgahxapy.exe
[2007/12/20 07:11:10 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\cxbxgeyi.exe
[2007/12/20 06:54:02 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\dsqwnwqq.exe
[2007/12/20 06:52:26 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\hfvverxm.exe
[2007/12/19 18:05:44 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\uoqlaful.exe
[2007/12/19 18:04:37 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\tvbbtiaq.exe
[2007/12/19 05:07:48 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\egsekqfg.exe
[2007/12/19 05:07:14 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\nevbxyxf.exe
[2007/12/18 05:46:21 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\bpuxvurw.exe
[2007/12/18 05:45:55 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\alrgsypg.exe
[2007/12/17 08:24:16 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\fbenvkel.exe
[2007/12/17 08:23:22 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\gqebqpjn.exe
[2007/12/17 06:18:55 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\fueolnlg.exe
[2007/12/17 06:17:29 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\fqcmaofp.exe
[2007/12/15 13:08:10 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\nilcpahm.exe
[2007/12/15 13:07:45 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\anoyhtai.exe
[2007/12/14 17:52:17 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\vwljyjbw.exe
[2007/12/14 17:50:48 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\kqmlvolr.exe
[2007/12/14 07:53:43 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\rkarjsbt.exe
[2007/12/14 07:52:44 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ftgehgna.exe
[2007/12/13 11:10:53 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\ysdyckoq.exe
[2007/12/13 11:09:16 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\hnpptvhu.exe
[2007/12/13 08:48:44 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\kgsqdmvr.exe
[2007/12/12 10:25:33 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\mrnxftuw.exe
[2007/12/12 10:24:40 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\dapwhnml.exe
[2007/12/12 06:37:48 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\moemmkmk.exe
[2007/12/12 06:36:50 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\suulnsoo.exe
[2007/12/11 18:21:19 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\kjuwpgiw.exe
[2007/12/11 18:19:30 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\iqxddmpw.exe
[2007/12/09 20:57:39 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\dawnbday.exe
[2007/12/09 20:56:58 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\wiflimtm.exe
[2007/12/06 18:08:32 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\npybydfy.exe
[2007/12/06 18:08:07 | 000,074,260 | ---- | C] ( ) -- C:\WINDOWS\System32\xfbxbdbf.exe
[2007/12/03 13:14:23 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\yrymynxc.exe
[2007/12/03 12:16:58 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\eauqeywn.exe
[2007/12/03 12:15:57 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\fnhlkije.exe
[2007/11/30 01:23:33 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\votacair.exe
[2007/11/30 01:22:08 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\xtcsejba.exe
[2007/11/29 09:38:10 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\qmubheam.exe
[2007/11/29 09:37:30 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ygportfm.exe
[2007/11/29 07:18:44 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ghperuju.exe
[2007/11/27 09:15:30 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\cabxwgml.exe
[2007/11/27 09:14:51 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\sggjmbjq.exe
[2007/11/27 07:54:14 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\vrqhqiyg.exe
[2007/11/27 07:53:43 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\rtqhohdf.exe
[2007/11/26 21:57:18 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\gxnmlgta.exe
[2007/11/26 21:53:21 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\fytmkqux.exe
[2007/11/26 21:39:39 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\qaoicifb.exe
[2007/11/26 21:35:45 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\tdbqyvpw.exe
[2007/11/26 21:27:14 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\yvjsslkb.exe
[2007/11/26 21:26:11 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\eeohdwxe.exe
[2007/11/26 21:20:23 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\rucawboa.exe
[2007/11/26 21:19:19 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\jkvpsbvj.exe
[2007/11/26 21:11:49 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\uiatntrg.exe
[2007/11/26 21:11:24 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\dpwnulut.exe
[2007/11/26 13:15:29 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\kphknjdc.exe
[2007/11/26 13:14:55 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\hlgaeqax.exe
[2007/11/26 13:12:51 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ctnafmmm.exe
[2007/11/26 13:11:56 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\yibtcspi.exe
[2007/11/26 13:08:37 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ucercdiv.exe
[2007/11/26 13:07:53 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\bnyjyrgk.exe
[2007/11/25 20:12:06 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\qpdgfsli.exe
[2007/11/25 20:09:43 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\jyliwxwb.exe
[2007/11/24 13:03:33 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\hcfbocll.exe
[2007/11/24 13:03:11 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\gwdstlbs.exe
[2007/11/23 20:06:27 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\kjxfvsai.exe
[2007/11/23 20:05:37 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\tmaqqnid.exe
[2007/11/23 19:51:21 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\qdnqtaso.exe
[2007/11/23 19:50:00 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\bthofgen.exe
[2007/11/23 19:22:07 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\qcwmdaxa.exe
[2007/11/23 19:21:22 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\kpnajmei.exe
[2007/11/22 11:13:05 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\kiapcapc.exe
[2007/11/22 11:11:23 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\hqayfqtp.exe
[2007/11/22 08:03:52 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ivponmil.exe
[2007/11/22 08:02:44 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\xqpgtykn.exe
[2007/11/21 16:59:04 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\lpctlhso.exe
[2007/11/21 16:58:25 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\huhcjegt.exe
[2007/11/21 06:37:14 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\kybxgtcj.exe
[2007/11/21 06:35:29 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\mgmjxdxg.exe
[2007/11/21 04:29:57 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ecmubcju.exe
[2007/11/21 04:28:17 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\iycintvk.exe
[2007/11/19 09:12:39 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\bpxxxusa.exe
[2007/11/19 09:10:17 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ndvulivf.exe
[2007/11/19 04:33:57 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\iqvdnsdo.exe
[2007/11/19 04:32:52 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ampanidj.exe
[2007/11/18 11:37:09 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\qfdexopw.exe
[2007/11/18 11:35:54 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\uydtlwrl.exe
[2007/11/17 11:28:30 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\idobgkfx.exe
[2007/11/17 11:26:25 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ukoldkvk.exe
[2007/11/17 11:05:33 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\lbhsjngp.exe
[2007/11/17 11:03:27 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\csrqrddf.exe
[2007/11/17 07:59:10 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\mnwjuuct.exe
[2007/11/17 07:54:44 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ukivgljq.exe
[2007/11/17 06:20:46 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\kgyqysam.exe
[2007/11/17 06:18:26 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\nduakgxw.exe
[2007/11/16 11:13:11 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ruqfxioe.exe
[2007/11/16 11:12:45 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\evnvrdra.exe
[2007/11/13 05:17:11 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\xmlpiabw.exe
[2007/11/13 05:16:39 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\mvulnnyg.exe
[2007/11/11 17:30:36 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\klcupiud.exe
[2007/11/11 17:29:24 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\jovwwlje.exe
[2007/11/11 16:10:01 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\unsgpswh.exe
[2007/11/11 16:09:28 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\cxdjrvsa.exe
[2007/11/11 15:20:32 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\irgjkpxm.exe
[2007/11/11 15:19:57 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\uqkrfnuk.exe
[2007/11/11 14:54:46 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\xmguqgvs.exe
[2007/11/11 14:53:36 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\lachibea.exe
[2007/11/09 06:42:26 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\vulsjbvi.exe
[2007/11/09 06:40:44 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\navhbafi.exe
[2007/11/09 06:27:40 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\mehacwtp.exe
[2007/11/09 06:25:05 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ijlkrguk.exe
[2007/11/09 06:02:26 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\afrmwiyk.exe
[2007/11/09 06:01:34 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\bqhrlwmk.exe
[2007/11/08 18:06:52 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\yudhjgli.exe
[2007/11/08 18:06:25 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\fqxthkyu.exe
[2007/11/08 18:03:08 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\cbuidahh.exe
[2007/11/08 18:02:40 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\nnbjwjtw.exe
[2007/11/08 17:55:22 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\lsmdbfjj.exe
[2007/11/08 17:54:27 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\riuduqdk.exe
[2007/11/08 16:52:11 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\ybenwvqb.exe
[2007/11/08 16:51:19 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\webysyyg.exe
[2007/11/08 15:57:35 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\nkloslhk.exe
[2007/11/08 15:57:10 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\pkeihxax.exe
[2007/11/08 14:28:06 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\hbtxewiy.exe
[2007/11/08 14:27:42 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\dusbelqu.exe
[2007/11/08 06:00:28 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\gsadifkw.exe
[2007/11/08 06:00:03 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\awilhxcc.exe
[2007/11/07 07:14:03 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\nkinbbtr.exe
[2007/11/07 07:13:11 | 000,071,188 | ---- | C] ( ) -- C:\WINDOWS\System32\mspmrmpv.exe
[2007/11/06 06:46:48 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\cxhdicci.exe
[2007/11/06 06:46:10 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\mcpswuat.exe
[2007/11/05 05:56:04 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ttnwqeyp.exe
[2007/11/05 05:55:32 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fudndrmi.exe
[2007/11/04 19:43:08 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\mffqdicx.exe
[2007/11/04 19:42:37 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\rfbdxfyp.exe
[2007/11/04 14:48:19 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\tsijrbyf.exe
[2007/11/04 14:46:57 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\muvdishm.exe
[2007/11/03 15:10:06 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\herlrxii.exe
[2007/11/03 15:08:05 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\sropjjux.exe
[2007/11/03 06:35:16 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\yhhkejhj.exe
[2007/11/03 06:11:03 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\uowymilj.exe
[2007/11/03 06:10:32 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\tmhfyqvr.exe
[2007/11/03 05:05:53 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\mubbxhai.exe
[2007/11/03 05:04:18 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\xfqlxjvi.exe
[2007/11/01 13:04:41 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\gvbabtwq.exe
[2007/11/01 13:03:46 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fnsgiwbh.exe
[2007/10/31 08:40:26 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\icfbjktp.exe
[2007/10/31 08:18:25 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\mgpkifew.exe
[2007/10/31 07:27:44 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\sfyxdxmv.exe
[2007/10/31 07:26:11 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\itfddley.exe
[2007/10/31 06:29:17 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\irtxynms.exe
[2007/10/31 06:28:27 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\bjmnaeoh.exe
[2007/10/30 05:50:50 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\utaaybrt.exe
[2007/10/30 05:50:11 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fehxgqqc.exe
[2007/10/30 05:22:13 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jeshommv.exe
[2007/10/29 10:43:18 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\xbknwgic.exe
[2007/10/29 10:42:40 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\wjjnkasf.exe
[2007/10/29 05:18:28 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\edscdeqi.exe
[2007/10/29 05:18:01 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ssibkfuw.exe
[2007/10/28 11:07:52 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\tohnppbj.exe
[2007/10/28 11:05:57 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\mtjyjtov.exe
[2007/10/28 10:51:59 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\uvxhdjjt.exe
[2007/10/28 10:51:27 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fdmkktxg.exe
[2007/10/27 13:42:24 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jwiefgvs.exe
[2007/10/27 13:41:58 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\rvsknhht.exe
[2007/10/26 03:21:06 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\vaputifb.exe
[2007/10/26 03:20:15 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ftlnjvdc.exe
[2007/10/25 04:49:50 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\noimynwn.exe
[2007/10/25 04:48:11 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\hmhcxxny.exe
[2007/10/24 19:21:09 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\wuldlyqd.exe
[2007/10/24 19:19:58 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ugmgwjon.exe
[2007/10/24 18:05:48 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ncdjqvpl.exe
[2007/10/24 18:05:10 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\nmrwgxbo.exe
[2007/10/24 16:55:11 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\rovhmyrd.exe
[2007/10/24 16:49:21 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\cwwvquwn.exe
[2007/10/24 16:05:08 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\qtkkisbl.exe
[2007/10/24 16:04:45 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\nqvfqwqr.exe
[2007/10/23 06:46:42 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\aoutqlhj.exe
[2007/10/23 06:44:06 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\cvfcurjb.exe
[2007/10/23 05:47:32 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fwmmhpda.exe
[2007/10/23 05:46:45 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\tqiixhrs.exe
[2007/10/20 04:51:50 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\whrmpoqh.exe
[2007/10/19 19:15:08 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\nhuefekr.exe
[2007/10/19 19:09:48 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\xamrtrjx.exe
[2007/10/19 19:01:39 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\yxkxkuog.exe
[2007/10/19 18:58:47 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\bqfpxmie.exe
[2007/10/19 18:45:04 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jurlwbyh.exe
[2007/10/19 18:43:18 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ivciqyev.exe
[2007/10/19 17:32:02 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\orxejumm.exe
[2007/10/19 16:28:32 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jfpaqrvl.exe
[2007/10/19 16:27:17 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\hgsqvrrr.exe
[2007/10/19 16:06:52 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\lkhifqki.exe
[2007/10/19 16:04:52 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\smlsjjmd.exe
[2007/10/18 13:50:13 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ajiuujix.exe
[2007/10/17 19:36:36 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\vuvpxlff.exe
[2007/10/17 19:30:37 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\furtfnhb.exe
[2007/10/17 18:47:22 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\aatnlbwk.exe
[2007/10/17 18:46:57 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\susnvsgc.exe
[2007/10/17 04:21:36 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ktvyuymx.exe
[2007/10/17 04:21:11 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\bnvbjyaw.exe
[2007/10/12 15:59:40 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ttnyprbp.exe
[2007/10/12 15:58:34 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\frlrvyfp.exe
[2007/10/10 14:24:32 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jjseryvv.exe
[2007/10/10 14:23:15 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jmlilted.exe
[2007/10/10 10:17:59 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\klcrhwfa.exe
[2007/10/10 10:17:18 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\dkdliayp.exe
[2007/10/10 04:48:25 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\cclimnaf.exe
[2007/10/10 04:48:04 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\effwseni.exe
[2007/10/07 12:52:20 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fyogwctn.exe
[2007/10/07 12:51:33 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\axqiupxn.exe
[2007/10/07 02:26:52 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\mkavoqva.exe
[2007/10/07 02:25:54 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ksueqwsd.exe
[2007/10/05 19:08:44 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\krhhrwgp.exe
[2007/10/05 19:07:47 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jebirnky.exe
[2007/10/05 17:05:57 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\skwsrpid.exe
[2007/10/05 16:41:44 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\shpqaree.exe
[2007/10/04 12:22:58 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\admjlief.exe
[2007/10/04 10:13:37 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\yxrsjold.exe
[2007/10/04 08:17:08 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ajghtptm.exe
[2007/10/04 06:19:40 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\eqswpqwm.exe
[2007/10/04 05:54:38 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\srhdpqpc.exe
[2007/10/04 05:50:45 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jeftofib.exe
[2007/09/30 11:30:31 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\lscsydhs.exe
[2007/09/30 11:28:06 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\lvfklpcx.exe
[2007/09/30 11:14:36 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ijjmdvky.exe
[2007/09/30 11:12:53 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\valfmaop.exe
[2007/09/29 19:40:29 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ianettvp.exe
[2007/09/29 19:39:17 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jxyubxrn.exe
[2007/09/29 16:10:31 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\duecicbo.exe
[2007/09/29 16:09:18 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\cwpjkbos.exe
[2007/09/29 12:34:11 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\smmgvqoc.exe
[2007/09/29 12:32:30 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\iytlyqng.exe
[2007/09/29 12:16:07 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\svuueqln.exe
[2007/09/29 12:14:17 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fkgpsfhl.exe
[2007/09/29 04:26:24 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\qcajcthm.exe
[2007/09/29 04:25:27 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\kqcpukhq.exe
[2007/09/26 17:32:29 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\shryasug.exe
[2007/09/26 17:28:28 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\xkrplixs.exe
[2007/09/26 17:14:24 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\rahwkqtf.exe
[2007/09/26 17:11:11 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\dfohrpjg.exe
[2007/09/26 02:58:37 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ethtgwvy.exe
[2007/09/24 06:28:58 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\uqhtnejl.exe
[2007/09/24 06:27:50 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\prrduhqa.exe
[2007/09/22 15:35:29 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fhkewtts.exe
[2007/09/22 04:06:56 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\eejvghjv.exe
[2007/09/22 04:04:53 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\djnphsfc.exe
[2007/09/20 15:53:14 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ufqeepkf.exe
[2007/09/20 15:50:51 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\esxjqofe.exe
[2007/09/20 06:55:33 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\sqfgdwai.exe
[2007/09/20 06:54:20 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\uklyykuy.exe
[2007/09/19 07:42:09 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\xnfldqcx.exe
[2007/09/19 07:37:56 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\kpfkqquh.exe
[2007/09/19 04:21:06 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\mupljiwr.exe
[2007/09/19 04:19:51 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\wtvdjdcd.exe
[2007/09/18 13:17:46 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ydfjodje.exe
[2007/09/18 13:15:22 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\mkahwhtl.exe
[2007/09/18 12:56:14 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\clfuajhn.exe
[2007/09/18 12:54:09 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\oqmcntxo.exe
[2007/09/18 12:49:16 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\iwqkdmdr.exe
[2007/09/17 11:24:07 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jwiooqaf.exe
[2007/09/17 11:22:30 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\hqmmbjhe.exe
[2007/09/17 11:11:59 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\lygnuihv.exe
[2007/09/17 11:10:06 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\yfonsksx.exe
[2007/09/17 07:05:04 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ppcoecfq.exe
[2007/09/17 05:24:44 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ggkimbnd.exe
[2007/09/17 05:22:33 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\gwosreyx.exe
[2007/09/15 19:51:56 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\vthdttwy.exe
[2007/09/15 19:49:34 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\locrimjs.exe
[2007/09/15 12:38:20 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\asgofoqe.exe
[2007/09/15 12:37:08 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\etotiigi.exe
[2007/09/14 08:26:54 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\skrsdoog.exe
[2007/09/14 08:24:21 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\waetklse.exe
[2007/09/14 07:27:08 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\djxfmrrc.exe
[2007/09/14 07:25:12 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\dkraiqvh.exe
[2007/09/14 07:18:51 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jrpopfhy.exe
[2007/09/14 07:16:49 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ugecwhtf.exe
[2007/09/14 07:12:27 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\rmijbrll.exe
[2007/09/14 07:10:06 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\emgagvxf.exe
[2007/09/14 06:20:02 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\gxryirie.exe
[2007/09/14 06:16:16 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\oxeampih.exe
[2007/09/14 02:31:20 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\tskpcxul.exe
[2007/09/14 02:28:19 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\nkxlxgrq.exe
[2007/09/13 19:44:52 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ehdhlsfw.exe
[2007/09/13 19:41:38 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\hsynrryb.exe
[2007/09/12 02:04:24 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\rvcefeex.exe
[2007/09/12 02:02:18 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\punwihee.exe
[2007/09/11 15:44:18 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\dixinefr.exe
[2007/09/11 15:43:09 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\cmdpajof.exe
[2007/09/11 04:37:10 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\tutvstfl.exe
[2007/09/11 04:35:35 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\pcfmqiok.exe
[2007/09/09 15:58:48 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\bivvoydw.exe
[2007/09/09 15:54:38 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ltrlxadh.exe
[2007/09/08 05:10:10 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fnqjwymb.exe
[2007/09/08 05:07:28 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\kgjdcvhr.exe
[2007/09/07 20:13:53 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\xgjreprm.exe
[2007/09/07 20:10:15 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fieqxxwf.exe
[2007/09/07 19:34:07 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\roojbbav.exe
[2007/09/07 19:29:23 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\eorrptgd.exe
[2007/09/07 17:54:14 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\wmevoxws.exe
[2007/09/07 17:17:00 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\armungap.exe
[2007/09/07 17:12:53 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ijkmfhji.exe
[2007/09/07 15:38:55 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fcxswkmt.exe
[2007/09/07 04:01:20 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\diqcllpt.exe
[2007/09/07 03:03:38 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\djctgjxf.exe
[2007/09/07 02:18:06 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\coyxsfud.exe
[2007/09/07 02:14:29 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\vuylonbk.exe
[2007/09/06 14:33:15 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\dbjftrkj.exe
[2007/09/04 10:56:48 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\imjsnpfr.exe
[2007/09/04 10:54:47 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\vrvuaklm.exe
[2007/09/04 04:54:23 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\bixqvxqd.exe
[2007/09/02 02:23:07 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ldkmxhoo.exe
[2007/09/02 02:20:32 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\hjayrmeb.exe
[2007/09/01 18:26:34 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ayeqbmnq.exe
[2007/09/01 11:11:10 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\yedvvdol.exe
[2007/09/01 11:09:25 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ygnecxol.exe
[2007/08/30 16:22:39 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\wyuppbls.exe
[2007/08/30 05:50:51 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\gitjlqop.exe
[2007/08/30 05:48:19 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\wtvgfyge.exe
[2007/08/30 05:36:19 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\isxfhbwt.exe
[2007/08/30 05:34:04 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jmakhjwe.exe
[2007/08/30 04:27:15 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\wjtgaaba.exe
[2007/08/30 04:24:54 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\bvtwlxyc.exe
[2007/08/30 04:06:30 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\tswiwaev.exe
[2007/08/30 04:04:50 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\kgqyfgmu.exe
[2007/08/30 03:52:39 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\slaaqidk.exe
[2007/08/29 08:46:33 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\sbokesoq.exe
[2007/08/29 08:42:25 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\nxdgmqok.exe
[2007/08/28 14:32:32 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\auoquyle.exe
[2007/08/28 14:30:14 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\faypceup.exe
[2007/08/14 18:45:46 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\otjdjsyb.exe
[2007/08/14 18:43:53 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\wehtyjdc.exe
[2007/08/14 18:13:09 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\yuuuyevp.exe
[2007/08/14 18:00:33 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ngjeltoc.exe
[2007/08/14 17:44:58 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\sjyoayag.exe
[2007/08/14 17:42:58 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jnusfwiu.exe
[2007/08/14 17:38:29 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\mvtucpja.exe
[2007/08/14 17:33:56 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\eyekbmnk.exe
[2007/08/14 17:07:47 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\efbquvja.exe
[2007/08/14 17:04:11 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fbboaiaj.exe
[2007/08/14 15:28:29 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\unqnntjx.exe
[2007/08/14 15:26:12 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\slcvrbru.exe
[2007/08/14 15:17:55 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\arkxefvy.exe
[2007/08/14 15:11:25 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ossskees.exe
[2007/08/14 14:57:45 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\bkogkygd.exe
[2007/08/14 14:54:11 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\uvkqldqi.exe
[2007/08/14 13:43:16 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\vwckybiw.exe
[2007/08/14 13:39:26 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\poumgcvn.exe
[2007/08/14 13:12:15 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fygtvdek.exe
[2007/08/14 13:10:00 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jakkuwpk.exe
[2007/08/14 11:21:55 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\qjwwirkn.exe
[2007/08/14 11:19:14 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\xlcsaupx.exe
[2007/08/14 11:04:45 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\lspairpb.exe
[2007/08/14 11:01:52 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ylxruhix.exe
[2007/08/14 04:07:03 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\yvecfkkb.exe
[2007/08/14 04:05:35 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\mwthyhwu.exe
[2007/08/12 11:28:27 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\vcfqjrhx.exe
[2007/08/12 11:27:00 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ahpgnqiv.exe
[2007/08/12 11:21:39 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ldmyimie.exe
[2007/08/12 11:18:08 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\brirnpvt.exe
[2007/08/12 09:35:24 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\noxhxdea.exe
[2007/08/12 09:33:55 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\tthphnjp.exe
[2007/08/12 04:48:13 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\epcxobrv.exe
[2007/08/11 12:10:50 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\kbbxbsfr.exe
[2007/08/11 12:08:52 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\sgjchhvi.exe
[2007/08/11 12:05:15 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\fxdydwtf.exe
[2007/08/11 12:03:33 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\njlxdhnr.exe
[2007/08/11 11:46:31 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\pvfhrlnj.exe
[2007/08/11 11:44:45 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ukgmsmen.exe
[2007/08/11 11:18:08 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\avnxkobt.exe
[2007/08/10 18:18:49 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\guinjjih.exe
[2007/08/09 14:04:16 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\awwqahdm.exe
[2007/08/09 14:01:38 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\lnraomdb.exe
[2007/08/09 13:51:13 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jeadnxtg.exe
[2007/08/09 13:47:56 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ngoymafl.exe
[2007/08/09 13:31:46 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\tjrihchd.exe
[2007/08/09 13:30:39 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\jlqjocnw.exe
[2007/08/08 19:00:52 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\dsmoiihq.exe
[2007/08/08 17:45:26 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\tqqsvltq.exe
[2007/08/08 17:43:09 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\ylimpaqo.exe
[2007/08/08 16:46:55 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\dkrapyxo.exe
[2007/08/08 16:43:46 | 000,075,284 | ---- | C] ( ) -- C:\WINDOWS\System32\dynmdosp.exe
[2007/07/07 17:53:01 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\mjediwqy.exe
[2007/07/07 17:50:10 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\dtvlxtmw.exe
[2007/07/07 17:39:28 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\gjxtjqen.exe
[2007/07/07 17:35:52 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\emdstyoq.exe
[2007/07/07 16:41:57 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\jbarfigv.exe
[2007/07/07 16:40:26 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\watctigk.exe
[2007/07/07 15:42:04 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\pbpwuugj.exe
[2007/07/07 15:39:03 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\ojcuugso.exe
[2007/07/07 15:24:23 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\sieivpam.exe
[2007/07/07 15:21:21 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\bwloyqmv.exe
[2007/07/07 11:53:04 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\revoofla.exe
[2007/07/07 11:51:16 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\aeyjljbc.exe
[2007/07/07 11:12:31 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\nsdkyxvn.exe
[2007/07/06 03:25:28 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\ubsowiau.exe
[2007/07/06 03:24:20 | 000,050,708 | ---- | C] ( ) -- C:\WINDOWS\System32\uocwkomv.exe
[2007/07/05 02:18:10 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\nfprpjgy.exe
[2007/07/05 02:16:50 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\koyrcrhy.exe
[2007/07/04 17:34:45 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ajftihcu.exe
[2007/07/04 17:32:47 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ikhmmyae.exe
[2007/07/04 17:19:41 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\wfswgsvi.exe
[2007/07/04 17:17:50 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\prplbsuo.exe
[2007/07/04 17:04:39 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ffjupbob.exe
[2007/07/04 16:58:13 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ukutfdmb.exe
[2007/07/04 15:36:57 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\lildscqb.exe
[2007/07/04 15:29:07 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\rbtdivqd.exe
[2007/07/04 15:26:24 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\idbyuowv.exe
[2007/07/04 15:09:02 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\tuvtdufw.exe
[2007/07/04 15:07:13 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\iscobmhx.exe
[2007/07/04 14:58:45 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\cwjoxmqw.exe
[2007/07/04 14:56:37 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ejufcdmy.exe
[2007/07/04 12:06:49 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\odavfkip.exe
[2007/07/04 12:02:55 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\vbicewea.exe
[2007/07/04 11:38:02 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\obsusuuk.exe
[2007/07/04 11:36:06 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\fuwqdlpi.exe
[2007/07/04 08:39:02 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ahrmtqex.exe
[2007/07/04 08:36:51 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\oeuuhlrv.exe
[2007/07/04 08:21:57 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\suyeuwwe.exe
[2007/07/04 08:19:17 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\cfamgfqv.exe
[2007/07/04 07:54:39 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\hpfyamrr.exe
[2007/07/04 07:53:05 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\fyxouyqr.exe
[2007/07/01 10:00:01 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ufxrntdk.exe
[2007/06/26 18:39:27 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ytbbhjer.exe
[2007/06/26 18:38:01 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ykchcepd.exe
[2007/06/26 18:29:21 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\tpxpuabm.exe
[2007/06/26 18:27:42 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\nayshlki.exe
[2007/06/26 18:15:39 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\cocnyldk.exe
[2007/06/26 17:54:44 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\bjnvcqbx.exe
[2007/06/26 17:53:01 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\qcmlnwsu.exe
[2007/06/26 17:39:27 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\bdowtmir.exe
[2007/06/26 17:37:07 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\wcbjvmhh.exe
[2007/06/26 16:47:32 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\pukosjlt.exe
[2007/06/26 16:46:04 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\rhmisnwe.exe
[2007/06/26 16:33:09 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ejeckwgp.exe
[2007/06/26 16:31:34 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\xwjsptih.exe
[2007/06/26 16:09:19 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\khiphwqc.exe
[2007/06/25 08:01:32 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\gjtoncrh.exe
[2007/06/25 07:57:36 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\vpducpjl.exe
[2007/06/25 07:26:57 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ufmnwcpd.exe
[2007/06/25 07:24:43 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\iobxfmxf.exe
[2007/06/25 06:44:19 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\sjjujiqk.exe
[2007/06/25 06:43:15 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\cvkeyyiv.exe
[2007/06/24 06:45:05 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\eyguarsp.exe
[2007/06/24 06:03:16 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\cxjqtdvj.exe
[2007/06/24 06:01:22 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\tglideqm.exe
[2007/06/24 05:52:51 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\iumgnrxx.exe
[2007/06/24 05:50:55 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\heafkods.exe
[2007/06/24 05:32:58 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ijwikpfn.exe
[2007/06/24 05:30:07 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\xawagcvy.exe
[2007/06/24 05:14:40 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\mrailukx.exe
[2007/06/24 05:12:48 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ivrlsokf.exe
[2007/06/24 04:39:57 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\xmojteyc.exe
[2007/06/24 04:35:51 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\woupyhjb.exe
[2007/06/24 04:19:53 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ltyynhek.exe
[2007/06/23 13:33:33 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\gkywpgfy.exe
[2007/06/23 13:30:53 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\idkhfmvv.exe
[2007/06/23 13:25:00 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\hyfxigym.exe
[2007/06/23 13:23:10 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ghydpafd.exe
[2007/06/23 13:03:59 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\lwcytnpf.exe
[2007/06/22 07:39:02 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\dmxiagpo.exe
[2007/06/22 07:37:44 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\wbjsshgx.exe
[2007/06/22 07:00:07 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\npcxaifm.exe
[2007/06/22 06:57:57 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\cfwilfix.exe
[2007/06/22 04:58:21 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\bewvtrfm.exe
[2007/06/22 04:17:41 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\atigwwcm.exe
[2007/06/21 14:23:13 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\pqkwrnfc.exe
[2007/06/21 14:21:23 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ctksnygu.exe
[2007/06/21 14:05:49 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\oveaauuo.exe
[2007/06/21 14:01:50 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\sigxcfao.exe
[2007/06/21 13:36:33 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\trkaukqp.exe
[2007/06/21 13:34:34 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ejyghhfo.exe
[2007/06/21 13:30:50 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\afkrvpix.exe
[2007/06/21 13:28:54 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\evfvvkdl.exe
[2007/06/21 13:18:08 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\tphbkpru.exe
[2007/06/21 13:15:52 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\gvfkqrln.exe
[2007/06/21 12:14:49 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ypcolixe.exe
[2007/06/21 12:13:36 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ytdrbklg.exe
[2007/06/21 10:37:39 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\kbpnicbc.exe
[2007/06/21 10:36:29 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\btbtiuqp.exe
[2007/06/21 09:08:19 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\jfiyview.exe
[2007/06/21 09:06:54 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\autqpmox.exe
[2007/06/20 10:09:18 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\qrienoff.exe
[2007/06/20 10:08:05 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\mncrfvvh.exe
[2007/06/20 09:56:33 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\kibyuxpu.exe
[2007/06/20 09:55:03 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ipfjxrdc.exe
[2007/06/20 06:53:57 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\axbrihqy.exe
[2007/06/20 06:52:31 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\anefykou.exe
[2007/06/20 06:36:47 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\icbrkusx.exe
[2007/06/20 06:35:27 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\iouayfmc.exe
[2007/06/20 06:27:27 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\wimdtkhk.exe
[2007/06/20 06:26:13 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\lmmalitc.exe
[2007/06/20 06:11:57 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\qrbblhuv.exe
[2007/06/20 06:09:07 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\omxwtrjd.exe
[2007/06/20 05:28:11 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\ryujfgxi.exe
[2007/06/20 05:26:20 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\gorifkub.exe
[2007/06/20 05:12:33 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\efygijuq.exe
[2007/06/18 03:03:26 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\gxbyurng.exe
[2007/06/17 15:08:49 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\vfrojgbb.exe
[2007/06/17 14:39:51 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\vxcdgajq.exe
[2007/06/17 14:28:09 | 000,122,900 | ---- | C] ( ) -- C:\WINDOWS\System32\nltddfvp.exe
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[20 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/21 19:26:58 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/11/21 19:25:47 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job
[2012/11/21 08:04:51 | 000,013,744 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/11/18 18:53:17 | 000,000,887 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WTGU.lnk
[2012/11/18 15:35:38 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/11/02 11:35:43 | 000,002,489 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
[2012/10/30 16:59:22 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/10/30 16:59:22 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/10/28 15:04:05 | 000,067,796 | ---- | M] () -- C:\Documents and Settings\Philip Green\Desktop\538770_10151175032821100_1544543661_n.jpg
[2012/10/28 11:34:40 | 000,432,688 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/28 11:34:40 | 000,067,660 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[20 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/11 10:16:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip Green\ŸŸ
[2012/08/31 13:28:47 | 000,006,116 | ---- | C] () -- C:\Documents and Settings\Philip Green\Application Data\cscet.dll
[2012/08/06 15:26:29 | 000,140,320 | ---- | C] () -- C:\WINDOWS\System32\drivers\str.sys
[2012/02/03 14:26:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip Green\Ÿ7Ÿ7
[2012/02/02 08:27:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/06/20 14:54:15 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\16427B.sys
[2010/11/24 14:29:35 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/11/20 16:00:00 | 035,048,115 | ---- | C] () -- C:\WINDOWS\System32\WmInit.exe
[2010/11/20 16:00:00 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\WmInit.dat
[2010/01/24 18:24:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip Green\Ÿ8Ÿ8
[2010/01/24 17:03:02 | 000,165,074 | ---- | C] () -- C:\WINDOWS\hpoins21.dat
[2010/01/24 17:03:01 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat
[2010/01/15 16:47:52 | 000,018,724 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/07/23 18:11:06 | 000,000,040 | ---- | C] () -- C:\WINDOWS\ujf635.bin
[2008/12/30 15:52:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2008/12/30 15:47:44 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008/07/30 07:32:30 | 000,000,021 | ---- | C] () -- C:\WINDOWS\VI_setup.ini
[2008/07/30 07:31:41 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PB_setup.ini
[2008/07/30 07:04:44 | 000,308,736 | ---- | C] () -- C:\WINDOWS\System32\fpxlib.dll
[2008/07/30 07:04:44 | 000,091,136 | ---- | C] () -- C:\WINDOWS\System32\jpeglib.dll
[2008/07/30 07:03:57 | 000,000,579 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2008/07/30 07:03:47 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2008/06/13 07:28:24 | 000,000,036 | ---- | C] () -- C:\WINDOWS\Tiny_Run.ini
[2008/03/13 08:37:22 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\0D6603F961.dll
[2008/02/20 17:58:24 | 000,000,294 | -HS- | C] () -- C:\WINDOWS\System32\wovkwgds.ini
[2008/02/20 17:37:09 | 000,000,354 | -HS- | C] () -- C:\WINDOWS\System32\wovkwgds.ini2
[2008/02/10 14:37:13 | 000,120,340 | ---- | C] () -- C:\WINDOWS\System32\ggdeuqlc.dll
[2008/02/09 16:55:15 | 000,120,340 | ---- | C] () -- C:\WINDOWS\System32\jlyhodjn.dll
[2008/02/09 16:45:02 | 000,120,340 | ---- | C] () -- C:\WINDOWS\System32\athdhpki.dll
[2008/02/05 20:09:12 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\muyelovf.dll
[2008/02/03 19:09:02 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\qyivrvvh.dll
[2008/02/02 17:51:14 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\nhlvpvdc.dll
[2008/02/02 17:29:40 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\vtspxoto.dll
[2008/02/02 16:49:00 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\seqwkjrj.dll
[2008/02/02 13:52:00 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\xdiaefcg.dll
[2008/01/29 19:43:08 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\ekfslnxi.dll
[2008/01/29 18:20:19 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\mnxlwxdo.dll
[2008/01/29 18:15:00 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\hophpdvf.dll
[2008/01/29 17:20:01 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\jixbcllo.dll
[2008/01/29 16:53:09 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\crkhujvh.dll
[2008/01/29 16:07:10 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\wduksyna.dll
[2008/01/29 13:59:25 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\reayoipa.dll
[2008/01/26 18:30:51 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\gmflodam.dll
[2008/01/26 16:48:38 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\ppwdkqaf.dll
[2008/01/21 11:21:21 | 000,000,715 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2008/01/21 11:13:28 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008/01/18 06:30:54 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\vqdarvjo.dll
[2008/01/17 14:59:15 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\qdocaeng.dll
[2008/01/17 14:14:44 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\txrmofrq.dll
[2008/01/17 13:59:35 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\ovjbmool.dll
[2008/01/16 17:00:25 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\bsimevjo.dll
[2008/01/16 16:45:30 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\kfhnkhbm.dll
[2008/01/15 18:20:40 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\uygabqpq.dll
[2008/01/15 18:14:11 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\hcumojyy.dll
[2008/01/15 17:15:07 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\xthtdmsl.dll
[2008/01/15 17:01:46 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\mfymtohm.dll
[2008/01/11 09:30:55 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\lybavfbi.dll
[2008/01/08 14:20:26 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\utcdyibq.dll
[2008/01/08 14:12:23 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\ibrtnhie.dll
[2008/01/08 05:51:05 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\hsjoudvq.dll
[2008/01/06 19:17:20 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\fkaavgex.dll
[2008/01/06 19:16:29 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\vjioavmd.dll
[2008/01/01 19:51:14 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\irjscwmr.dll
[2008/01/01 16:18:59 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\iydriild.dll
[2008/01/01 16:06:04 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\viturvyh.dll
[2007/12/30 16:15:27 | 000,122,388 | ---- | C] () -- C:\WINDOWS\System32\gdlvhoud.dll
[2007/12/29 17:20:08 | 000,122,388 | ---- | C] () -- C:\WINDOWS\System32\kjnevimg.dll
[2007/12/29 05:37:07 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\ddwyhjpm.dll
[2007/12/28 12:00:52 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\uteinwex.dll
[2007/12/26 13:18:27 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\vbgtlatt.dll
[2007/12/22 18:41:14 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\lmkoebfn.dll
[2007/12/22 18:39:55 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\qswgyuee.dll
[2007/12/22 17:38:25 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\yayywxv.dll
[2007/12/21 06:11:07 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\nnnlkji.dll
[2007/12/21 06:09:41 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\qommnlj.dll
[2007/12/20 07:13:21 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\ssqnkhe.dll
[2007/12/20 07:12:36 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\ssqommj.dll
[2007/12/20 06:53:54 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\nnnolmm.dll
[2007/12/20 06:52:26 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\khfcyww.dll
[2007/12/19 18:05:44 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\khfgffd.dll
[2007/12/19 18:04:53 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\mdqvnwjn.dll
[2007/12/19 18:04:37 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\ddcdeda.dll
[2007/12/19 05:08:20 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\opnmkif.dll
[2007/12/19 05:07:14 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\cbxyxvw.dll
[2007/12/14 17:51:34 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\oxtqcyue.dll
[2007/12/11 18:20:09 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\agpbopls.dll
[2007/12/04 18:02:33 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\oeegytnm.dll
[2007/11/30 01:22:42 | 000,122,388 | ---- | C] () -- C:\WINDOWS\System32\dfyvqdae.dll
[2007/11/26 21:54:32 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\vtstulxc.dll
[2007/11/26 21:19:44 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\ftjhudiq.dll
[2007/11/26 21:12:30 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\prtlfbrf.dll
[2007/11/25 20:10:44 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\rqijancy.dll
[2007/11/23 20:06:49 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\ypimsqjy.dll
[2007/11/21 04:28:39 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\vlpxmaak.dll
[2007/11/18 11:37:34 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\nueoeuil.dll
[2007/11/17 11:04:20 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\ladxnsxy.dll
[2007/11/17 07:56:08 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\foyayxth.dll
[2007/11/17 06:18:47 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\cncqlijt.dll
[2007/11/13 05:17:34 | 000,122,388 | ---- | C] () -- C:\WINDOWS\System32\fwvpqvxr.dll
[2007/11/11 16:10:48 | 000,122,388 | ---- | C] () -- C:\WINDOWS\System32\vuclpoat.dll
[2007/11/11 14:53:53 | 000,122,388 | ---- | C] () -- C:\WINDOWS\System32\dppgeddx.dll
[2007/11/08 16:53:11 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\yaqbyqcc.dll
[2007/11/04 14:47:42 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\wcntwrdk.dll
[2007/11/03 15:08:37 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\inglhegh.dll
[2007/10/28 11:06:22 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\fyusxyca.dll
[2007/10/24 18:06:29 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\wquxvgcw.dll
[2007/10/24 16:51:45 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\athmvvwi.dll
[2007/10/23 10:16:57 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\nroeakcs.ini
[2007/10/23 06:53:20 | 000,693,457 | -HS- | C] () -- C:\WINDOWS\System32\pelkxsti.ini
[2007/10/23 06:52:42 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\itsxklep.dll
[2007/10/23 05:48:29 | 000,693,997 | -HS- | C] () -- C:\WINDOWS\System32\xshyxqhu.ini
[2007/10/23 05:47:46 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\uhqxyhsx.dll
[2007/10/23 05:47:19 | 000,693,892 | -HS- | C] () -- C:\WINDOWS\System32\dyuddxyx.ini
[2007/10/20 04:54:28 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\xddwcrkd.dll
[2007/10/20 04:54:14 | 000,693,841 | -HS- | C] () -- C:\WINDOWS\System32\hyvbfnwj.ini
[2007/10/20 04:51:11 | 000,693,601 | -HS- | C] () -- C:\WINDOWS\System32\ffibsida.ini
[2007/10/19 19:16:18 | 000,693,559 | -HS- | C] () -- C:\WINDOWS\System32\stygxsxc.ini
[2007/10/19 19:12:34 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\gddhnnqu.dll
[2007/10/19 19:12:22 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\jrcgmofb.ini
[2007/10/19 19:04:05 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\hasqupao.ini
[2007/10/19 19:03:14 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\oapuqsah.dll
[2007/10/19 19:01:20 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\vdxdywtt.ini
[2007/10/19 18:59:05 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\xvtlmupn.dll
[2007/10/19 18:46:28 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\coetxudp.ini
[2007/10/19 18:45:26 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\pduxteoc.dll
[2007/10/19 18:44:37 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\apvatxll.ini
[2007/10/19 17:33:07 | 000,693,439 | -HS- | C] () -- C:\WINDOWS\System32\ymyftmsq.ini
[2007/10/19 17:32:31 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\qsmtfymy.dll
[2007/10/19 16:32:52 | 000,693,919 | -HS- | C] () -- C:\WINDOWS\System32\ygffghwg.ini
[2007/10/19 16:31:17 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\gwhgffgy.dll
[2007/10/19 16:28:04 | 000,693,841 | -HS- | C] () -- C:\WINDOWS\System32\bskpmpwx.ini
[2007/10/19 16:07:47 | 000,693,781 | -HS- | C] () -- C:\WINDOWS\System32\hhwyrrtj.ini
[2007/10/19 16:05:49 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\yjdjnkgp.dll
[2007/10/19 16:05:44 | 000,693,661 | -HS- | C] () -- C:\WINDOWS\System32\apviramj.ini
[2007/10/18 13:50:55 | 000,693,601 | -HS- | C] () -- C:\WINDOWS\System32\bhnlnsoo.ini
[2007/10/18 13:49:39 | 000,693,412 | -HS- | C] () -- C:\WINDOWS\System32\mikhiiif.ini
[2007/10/17 19:39:04 | 000,693,662 | -HS- | C] () -- C:\WINDOWS\System32\lpnnmlhx.ini
[2007/10/17 19:38:42 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\xhlmnnpl.dll
[2007/10/17 19:37:19 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\sijqdcto.dll
[2007/10/17 19:36:23 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\flajdlpm.ini
[2007/10/17 18:47:55 | 000,695,101 | -HS- | C] () -- C:\WINDOWS\System32\yjhlxasi.ini
[2007/10/17 18:47:37 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\isaxlhjy.dll
[2007/10/17 04:22:22 | 000,695,041 | -HS- | C] () -- C:\WINDOWS\System32\axufuprb.ini
[2007/10/12 16:00:12 | 000,694,939 | -HS- | C] () -- C:\WINDOWS\System32\rmhpgumm.ini
[2007/10/12 15:59:10 | 000,694,552 | -HS- | C] () -- C:\WINDOWS\System32\rftpdprp.ini
[2007/10/10 14:25:05 | 000,694,546 | -HS- | C] () -- C:\WINDOWS\System32\mfkgttgb.ini
[2007/10/10 14:23:58 | 000,694,261 | -HS- | C] () -- C:\WINDOWS\System32\nxefyfse.ini
[2007/10/10 10:18:34 | 000,694,201 | -HS- | C] () -- C:\WINDOWS\System32\lctbeymw.ini
[2007/10/10 04:50:05 | 000,694,090 | -HS- | C] () -- C:\WINDOWS\System32\xjagqvds.ini
[2007/10/07 12:52:56 | 000,693,970 | -HS- | C] () -- C:\WINDOWS\System32\nthwtmij.ini
[2007/10/07 02:27:36 | 000,693,739 | -HS- | C] () -- C:\WINDOWS\System32\kmvmlcxq.ini
[2007/10/07 02:26:32 | 000,693,601 | -HS- | C] () -- C:\WINDOWS\System32\kutuimpw.ini
[2007/10/05 19:09:43 | 000,693,550 | -HS- | C] () -- C:\WINDOWS\System32\smbyjlur.ini
[2007/10/05 19:09:37 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\jdeqvixo.dll
[2007/10/05 17:07:29 | 000,693,979 | -HS- | C] () -- C:\WINDOWS\System32\bxfmbgxm.ini
[2007/10/05 17:07:02 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\mxgbmfxb.dll
[2007/10/05 17:06:25 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\ghtyalip.dll
[2007/10/05 16:43:11 | 000,693,910 | -HS- | C] () -- C:\WINDOWS\System32\sgsiekhe.ini
[2007/10/04 12:24:15 | 000,693,841 | -HS- | C] () -- C:\WINDOWS\System32\xxulcfqi.ini
[2007/10/04 10:15:32 | 000,693,730 | -HS- | C] () -- C:\WINDOWS\System32\rocgiihf.ini
[2007/10/04 08:18:04 | 000,693,541 | -HS- | C] () -- C:\WINDOWS\System32\qxnpajkn.ini
[2007/10/04 06:21:22 | 000,693,490 | -HS- | C] () -- C:\WINDOWS\System32\ulaamkda.ini
[2007/10/04 05:55:55 | 000,693,961 | -HS- | C] () -- C:\WINDOWS\System32\vrqcsxoe.ini
[2007/10/04 05:55:11 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\eoxscqrv.dll
[2007/10/04 05:53:43 | 000,693,901 | -HS- | C] () -- C:\WINDOWS\System32\bwtikxqi.ini
[2007/09/30 11:31:11 | 000,693,868 | -HS- | C] () -- C:\WINDOWS\System32\ksyhvqtx.ini
[2007/09/30 11:29:09 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\kpjrrdbk.dll
[2007/09/30 11:29:08 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\gxpteunv.ini
[2007/09/30 11:16:48 | 000,693,850 | -HS- | C] () -- C:\WINDOWS\System32\csebqxoq.ini
[2007/09/30 11:16:16 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\qoxqbesc.dll
[2007/09/30 11:15:13 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\gohgceug.dll
[2007/09/30 11:14:04 | 000,693,781 | -HS- | C] () -- C:\WINDOWS\System32\wgoegmfo.ini
[2007/09/29 19:41:13 | 000,693,748 | -HS- | C] () -- C:\WINDOWS\System32\gmnnltvu.ini
[2007/09/29 19:40:07 | 000,693,592 | -HS- | C] () -- C:\WINDOWS\System32\asywrbww.ini
[2007/09/29 16:11:35 | 000,693,559 | -HS- | C] () -- C:\WINDOWS\System32\xcxinmcm.ini
[2007/09/29 16:10:03 | 000,693,421 | -HS- | C] () -- C:\WINDOWS\System32\isghesfs.ini
[2007/09/29 12:35:42 | 000,693,481 | -HS- | C] () -- C:\WINDOWS\System32\gskafhrd.ini
[2007/09/29 12:34:59 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\drhfaksg.dll
[2007/09/29 12:33:33 | 000,693,412 | -HS- | C] () -- C:\WINDOWS\System32\pjcuspnk.ini
[2007/09/29 12:16:43 | 000,695,507 | -HS- | C] () -- C:\WINDOWS\System32\jqruyobe.ini
[2007/09/29 12:16:22 | 000,082,964 | ---- | C] () -- C:\WINDOWS\System32\eboyurqj.dll
[2007/09/29 12:15:33 | 000,695,438 | -HS- | C] () -- C:\WINDOWS\System32\suhubkru.ini
[2007/09/29 12:14:34 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\mgmihymw.dll
[2007/09/29 04:27:00 | 000,695,396 | -HS- | C] () -- C:\WINDOWS\System32\dlufyqwh.ini
[2007/09/29 04:26:04 | 000,695,198 | -HS- | C] () -- C:\WINDOWS\System32\rcsewman.ini
[2007/09/26 17:34:13 | 000,695,174 | -HS- | C] () -- C:\WINDOWS\System32\uyipxhph.ini
[2007/09/26 17:31:57 | 000,694,967 | -HS- | C] () -- C:\WINDOWS\System32\egaobntd.ini
[2007/09/26 17:29:33 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\wxkhnvns.dll
[2007/09/26 17:15:42 | 000,694,907 | -HS- | C] () -- C:\WINDOWS\System32\mjalkhqo.ini
[2007/09/26 17:13:18 | 000,694,787 | -HS- | C] () -- C:\WINDOWS\System32\iuduoekv.ini
[2007/09/26 03:01:02 | 000,694,754 | -HS- | C] () -- C:\WINDOWS\System32\gnwmxcsx.ini
[2007/09/24 06:29:46 | 000,694,547 | -HS- | C] () -- C:\WINDOWS\System32\xxpvcyln.ini
[2007/09/24 06:28:35 | 000,694,307 | -HS- | C] () -- C:\WINDOWS\System32\rsycdpsq.ini
[2007/09/22 15:38:31 | 000,694,247 | -HS- | C] () -- C:\WINDOWS\System32\bjihmqbw.ini
[2007/09/22 15:36:29 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\xfmudopd.dll
[2007/09/22 04:07:49 | 000,693,767 | -HS- | C] () -- C:\WINDOWS\System32\uapgnyrm.ini
[2007/09/22 04:05:46 | 000,693,647 | -HS- | C] () -- C:\WINDOWS\System32\bwbdaadg.ini
[2007/09/20 15:54:57 | 000,693,614 | -HS- | C] () -- C:\WINDOWS\System32\umxkkyhl.ini
[2007/09/20 15:52:04 | 000,693,407 | -HS- | C] () -- C:\WINDOWS\System32\slfhyrkp.ini
[2007/09/20 06:56:21 | 000,694,505 | -HS- | C] () -- C:\WINDOWS\System32\xtpoatlg.ini
[2007/09/20 06:55:12 | 000,694,325 | -HS- | C] () -- C:\WINDOWS\System32\kwkdwoby.ini
[2007/09/19 07:43:33 | 000,694,265 | -HS- | C] () -- C:\WINDOWS\System32\fbwvyypk.ini
[2007/09/19 07:41:22 | 000,694,145 | -HS- | C] () -- C:\WINDOWS\System32\umcitunx.ini
[2007/09/19 04:21:52 | 000,694,085 | -HS- | C] () -- C:\WINDOWS\System32\tomyvlti.ini
[2007/09/19 04:20:45 | 000,693,836 | -HS- | C] () -- C:\WINDOWS\System32\ttlywcpo.ini
[2007/09/18 13:19:34 | 000,693,794 | -HS- | C] () -- C:\WINDOWS\System32\ycqjofvl.ini
[2007/09/18 13:16:51 | 000,693,674 | -HS- | C] () -- C:\WINDOWS\System32\fhblenax.ini
[2007/09/18 12:57:57 | 000,693,614 | -HS- | C] () -- C:\WINDOWS\System32\xoeycrad.ini
[2007/09/18 12:55:39 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\nveulujq.ini
[2007/09/17 11:25:48 | 000,693,720 | -HS- | C] () -- C:\WINDOWS\System32\rcecttan.ini
[2007/09/17 11:25:01 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\nattcecr.dll
[2007/09/17 11:24:00 | 000,693,476 | -HS- | C] () -- C:\WINDOWS\System32\jypmqrnu.ini
[2007/09/17 11:13:58 | 000,693,545 | -HS- | C] () -- C:\WINDOWS\System32\gjtjrnfo.ini
[2007/09/17 11:12:54 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\ofnrjtjg.dll
[2007/09/17 11:11:22 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\adfstgaq.ini
[2007/09/17 05:26:35 | 000,694,213 | -HS- | C] () -- C:\WINDOWS\System32\wrgpvqra.ini
[2007/09/17 05:25:27 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\arqvpgrw.dll
[2007/09/17 05:24:10 | 000,694,144 | -HS- | C] () -- C:\WINDOWS\System32\mvsfoskl.ini
[2007/09/15 19:52:44 | 000,694,121 | -HS- | C] () -- C:\WINDOWS\System32\ckvbumly.ini
[2007/09/15 19:51:07 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\jaebdmvm.dll
[2007/09/15 19:51:03 | 000,693,896 | -HS- | C] () -- C:\WINDOWS\System32\qwrcywli.ini
[2007/09/15 12:39:56 | 000,693,835 | -HS- | C] () -- C:\WINDOWS\System32\bmonkprq.ini
[2007/09/15 12:38:39 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\leimolqd.dll
[2007/09/15 12:38:02 | 000,693,715 | -HS- | C] () -- C:\WINDOWS\System32\lqhdkgmr.ini
[2007/09/14 08:30:22 | 000,693,683 | -HS- | C] () -- C:\WINDOWS\System32\bkmpppnp.ini
[2007/09/14 08:25:57 | 000,693,503 | -HS- | C] () -- C:\WINDOWS\System32\tbaharpu.ini
[2007/09/14 07:28:31 | 000,693,545 | -HS- | C] () -- C:\WINDOWS\System32\wpfmnknr.ini
[2007/09/14 07:27:30 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\rnknmfpw.dll
[2007/09/14 07:26:33 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\ygppwbvy.ini
[2007/09/14 07:20:15 | 000,693,545 | -HS- | C] () -- C:\WINDOWS\System32\thyopxit.ini
[2007/09/14 07:19:39 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\tixpoyht.dll
[2007/09/14 07:18:22 | 000,693,484 | -HS- | C] () -- C:\WINDOWS\System32\kuxxgaif.ini
[2007/09/14 07:13:50 | 000,693,544 | -HS- | C] () -- C:\WINDOWS\System32\nrpwynkj.ini
[2007/09/14 07:12:55 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\jknywprn.dll
[2007/09/14 07:11:53 | 000,693,475 | -HS- | C] () -- C:\WINDOWS\System32\keryyesm.ini
[2007/09/14 06:24:17 | 000,695,242 | -HS- | C] () -- C:\WINDOWS\System32\yewilobj.ini
[2007/09/14 06:20:53 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\jboliwey.dll
[2007/09/14 06:18:47 | 000,695,173 | -HS- | C] () -- C:\WINDOWS\System32\ngbyolnn.ini
[2007/09/14 02:33:52 | 000,695,113 | -HS- | C] () -- C:\WINDOWS\System32\novwrckl.ini
[2007/09/14 02:30:28 | 000,694,976 | -HS- | C] () -- C:\WINDOWS\System32\sxjeqfwp.ini
[2007/09/13 19:47:15 | 000,694,924 | -HS- | C] () -- C:\WINDOWS\System32\txoajgxy.ini
[2007/09/13 19:44:06 | 000,694,804 | -HS- | C] () -- C:\WINDOWS\System32\hnxbqnrk.ini
[2007/09/12 02:05:46 | 000,694,819 | -HS- | C] () -- C:\WINDOWS\System32\clacpnfc.ini
[2007/09/12 02:03:43 | 000,694,514 | -HS- | C] () -- C:\WINDOWS\System32\bsdexixf.ini
[2007/09/11 15:45:07 | 000,694,472 | -HS- | C] () -- C:\WINDOWS\System32\iitdcgdh.ini
[2007/09/11 15:44:03 | 000,694,316 | -HS- | C] () -- C:\WINDOWS\System32\swpetqlt.ini
[2007/09/11 04:38:01 | 000,694,291 | -HS- | C] () -- C:\WINDOWS\System32\ipntcrsi.ini
[2007/09/11 04:36:50 | 000,694,135 | -HS- | C] () -- C:\WINDOWS\System32\lnjfjamu.ini
[2007/09/09 16:00:28 | 000,694,084 | -HS- | C] () -- C:\WINDOWS\System32\qwcdlqif.ini
[2007/09/09 15:58:17 | 000,693,904 | -HS- | C] () -- C:\WINDOWS\System32\eqxrmnvx.ini
[2007/09/09 15:55:36 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\fxaybnfv.dll
[2007/09/08 05:11:02 | 000,693,863 | -HS- | C] () -- C:\WINDOWS\System32\rbkkmveh.ini
[2007/09/08 05:09:50 | 000,693,664 | -HS- | C] () -- C:\WINDOWS\System32\hbmflpfi.ini
[2007/09/08 05:08:14 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\fqyuwbpu.dll
[2007/09/07 20:15:13 | 000,693,604 | -HS- | C] () -- C:\WINDOWS\System32\tsfohbmd.ini
[2007/09/07 20:11:27 | 000,693,475 | -HS- | C] () -- C:\WINDOWS\System32\fjggjvbc.ini
[2007/09/07 20:11:23 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\dbrkqcno.dll
[2007/09/07 19:33:29 | 000,693,485 | -HS- | C] () -- C:\WINDOWS\System32\mixejfyl.ini
[2007/09/07 19:31:38 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\lyfjexim.dll
[2007/09/07 19:30:30 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\gjlwtuoy.dll
[2007/09/07 17:55:29 | 000,637,858 | -HS- | C] () -- C:\WINDOWS\System32\ehcyodiu.ini
[2007/09/07 17:54:40 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\uidoyche.dll
[2007/09/07 17:20:44 | 000,637,789 | -HS- | C] () -- C:\WINDOWS\System32\drcfmiab.ini
[2007/09/07 17:16:04 | 000,637,651 | -HS- | C] () -- C:\WINDOWS\System32\nkuesvaj.ini
[2007/09/07 17:13:21 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\iuvokvjs.dll
[2007/09/07 15:39:49 | 000,637,627 | -HS- | C] () -- C:\WINDOWS\System32\srycruqv.ini
[2007/09/07 04:04:16 | 000,637,480 | -HS- | C] () -- C:\WINDOWS\System32\ahivoyhr.ini
[2007/09/07 03:04:37 | 000,637,300 | -HS- | C] () -- C:\WINDOWS\System32\jeornimo.ini
[2007/09/07 02:18:59 | 000,637,171 | -HS- | C] () -- C:\WINDOWS\System32\xffocalk.ini
[2007/09/07 02:16:31 | 000,637,051 | -HS- | C] () -- C:\WINDOWS\System32\rmryslvi.ini
[2007/09/06 14:36:49 | 000,636,999 | -HS- | C] () -- C:\WINDOWS\System32\ckhpjwwk.ini
[2007/09/04 10:59:05 | 000,738,984 | -HS- | C] () -- C:\WINDOWS\System32\wjhyykxi.ini
[2007/09/04 10:56:33 | 000,738,736 | -HS- | C] () -- C:\WINDOWS\System32\qawotigk.ini
[2007/09/04 04:55:55 | 000,739,120 | -HS- | C] () -- C:\WINDOWS\System32\grfqpsye.ini
[2007/09/04 04:55:19 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\eyspqfrg.dll
[2007/09/02 02:24:43 | 001,291,290 | -HS- | C] () -- C:\WINDOWS\System32\qddmkdvy.ini
[2007/09/02 02:23:23 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\tuidhkvr.dll
[2007/09/02 02:22:35 | 001,291,110 | -HS- | C] () -- C:\WINDOWS\System32\fmysdisc.ini
[2007/09/01 18:27:37 | 001,291,086 | -HS- | C] () -- C:\WINDOWS\System32\scirvegq.ini
[2007/09/01 11:12:33 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\pvdkvkhi.dll
[2007/09/01 11:12:25 | 001,290,986 | -HS- | C] () -- C:\WINDOWS\System32\mybtxcvs.ini
[2007/09/01 11:10:44 | 001,290,819 | -HS- | C] () -- C:\WINDOWS\System32\eoiimyno.ini
[2007/08/30 16:23:32 | 001,284,240 | -HS- | C] () -- C:\WINDOWS\System32\ixhcevfi.ini
[2007/08/30 05:55:24 | 000,000,466 | -HS- | C] () -- C:\WINDOWS\System32\qbbpbgoi.ini
[2007/08/30 05:50:22 | 000,000,346 | -HS- | C] () -- C:\WINDOWS\System32\chljogry.ini
[2007/08/30 05:37:07 | 001,254,705 | -HS- | C] () -- C:\WINDOWS\System32\ruryrrai.ini
[2007/08/30 05:36:35 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\iarryrur.dll
[2007/08/30 05:35:52 | 001,254,645 | -HS- | C] () -- C:\WINDOWS\System32\pkmpctsw.ini
[2007/08/30 04:28:51 | 001,254,585 | -HS- | C] () -- C:\WINDOWS\System32\ftgwsemq.ini
[2007/08/30 04:26:33 | 001,254,456 | -HS- | C] () -- C:\WINDOWS\System32\yetqnvbn.ini
[2007/08/30 04:09:03 | 001,254,534 | -HS- | C] () -- C:\WINDOWS\System32\urvlqxsu.ini
[2007/08/30 04:07:08 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\usxqlvru.dll
[2007/08/30 04:05:57 | 001,254,465 | -HS- | C] () -- C:\WINDOWS\System32\hfdbsdvm.ini
[2007/08/30 03:53:34 | 001,254,645 | -HS- | C] () -- C:\WINDOWS\System32\jyetvfrh.ini
[2007/08/30 03:53:01 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\hrfvteyj.dll
[2007/08/29 08:49:11 | 001,247,120 | -HS- | C] () -- C:\WINDOWS\System32\bvllsbax.ini
[2007/08/29 08:46:03 | 001,246,973 | -HS- | C] () -- C:\WINDOWS\System32\papsmnhm.ini
[2007/08/28 14:33:49 | 001,246,604 | -HS- | C] () -- C:\WINDOWS\System32\fvnikfmt.ini
[2007/08/28 14:33:12 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\tmfkinvf.dll
[2007/08/28 14:31:35 | 001,246,466 | -HS- | C] () -- C:\WINDOWS\System32\pbabaphg.ini
[2007/08/28 03:06:05 | 001,255,594 | -HS- | C] () -- C:\WINDOWS\System32\srkskqat.ini
[2007/08/24 12:33:30 | 001,255,442 | -HS- | C] () -- C:\WINDOWS\System32\ipgglolo.ini
[2007/08/24 12:30:00 | 001,255,174 | -HS- | C] () -- C:\WINDOWS\System32\ktvqsobt.ini
[2007/08/24 12:11:49 | 001,265,261 | -HS- | C] () -- C:\WINDOWS\System32\tyymmrky.ini
[2007/08/24 12:09:54 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\ykrmmyyt.dll
[2007/08/24 12:09:13 | 001,265,201 | -HS- | C] () -- C:\WINDOWS\System32\kjgbpdgh.ini
[2007/08/23 12:25:40 | 001,265,001 | -HS- | C] () -- C:\WINDOWS\System32\noyjvxpr.ini
[2007/08/23 03:09:30 | 001,254,844 | -HS- | C] () -- C:\WINDOWS\System32\xhlwtoen.ini
[2007/08/23 03:08:10 | 001,254,724 | -HS- | C] () -- C:\WINDOWS\System32\wbxoapra.ini
[2007/08/23 03:06:16 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\pcooxxfl.dll
[2007/08/21 17:03:27 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\rqmvokeu.dll
[2007/08/21 16:56:03 | 001,254,664 | -HS- | C] () -- C:\WINDOWS\System32\wqpdayew.ini
[2007/08/21 16:55:10 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ellskjxr.ini
[2007/08/21 16:27:13 | 001,238,031 | -HS- | C] () -- C:\WINDOWS\System32\oerqibhb.ini
[2007/08/21 16:27:08 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\ghmocqlc.dll
[2007/08/21 16:25:49 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\bhbiqreo.dll
[2007/08/21 15:27:29 | 001,238,238 | -HS- | C] () -- C:\WINDOWS\System32\xfqxrhyo.ini
[2007/08/21 15:26:41 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\oyhrxqfx.dll
[2007/08/21 15:24:58 | 000,121,876 | ---- | C] () -- C:\WINDOWS\System32\wwggkvqk.dll
[2007/08/21 15:24:05 | 001,238,151 | -HS- | C] () -- C:\WINDOWS\System32\fypwvnbv.ini
[2007/08/21 13:34:41 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\sbsihhnr.ini
[2007/08/21 12:21:32 | 000,000,585 | -HS- | C] () -- C:\WINDOWS\System32\envifavf.ini
[2007/08/21 12:20:35 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\fvafivne.dll
[2007/08/21 07:44:36 | 000,000,525 | -HS- | C] () -- C:\WINDOWS\System32\njnynkix.ini
[2007/08/21 07:03:39 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\nphwsvpb.ini
[2007/08/21 06:51:58 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\tqrigvbs.ini
[2007/08/21 06:51:00 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\sbvgirqt.dll
[2007/08/21 06:50:23 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\vcbanxuv.ini
[2007/08/21 06:28:23 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\bvvpspss.ini
[2007/08/21 06:27:31 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\sspspvvb.dll
[2007/08/21 04:33:58 | 001,228,931 | -HS- | C] () -- C:\WINDOWS\System32\uerlxrjr.ini
[2007/08/21 04:33:21 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\rjrxlreu.dll
[2007/08/19 16:18:13 | 000,000,585 | -HS- | C] () -- C:\WINDOWS\System32\ebamvngc.ini
[2007/08/19 16:16:50 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ffkkdwmd.ini
[2007/08/19 14:40:07 | 000,000,346 | -HS- | C] () -- C:\WINDOWS\System32\qlxgrqpn.ini
[2007/08/19 14:33:41 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\npqrgxlq.dll
[2007/08/19 14:13:52 | 001,229,372 | -HS- | C] () -- C:\WINDOWS\System32\uhxeacax.ini
[2007/08/19 14:11:10 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\xacaexhu.dll
[2007/08/19 14:05:13 | 001,229,294 | -HS- | C] () -- C:\WINDOWS\System32\nwqxtpue.ini
[2007/08/19 04:25:38 | 000,000,705 | -HS- | C] () -- C:\WINDOWS\System32\lnslknic.ini
[2007/08/19 04:23:16 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\iigjqgcw.dll
[2007/08/19 04:23:08 | 000,000,585 | -HS- | C] () -- C:\WINDOWS\System32\nfmslnqa.ini
[2007/08/18 18:05:10 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\hfjxskkq.dll
[2007/08/18 18:04:58 | 000,000,525 | -HS- | C] () -- C:\WINDOWS\System32\alenuyuy.ini
[2007/08/18 13:52:54 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\sjslgdvk.ini
[2007/08/18 11:02:30 | 001,229,158 | -HS- | C] () -- C:\WINDOWS\System32\nwdknoan.ini
[2007/08/18 11:01:52 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\naonkdwn.dll
[2007/08/17 13:04:59 | 001,229,054 | -HS- | C] () -- C:\WINDOWS\System32\mrbtymeu.ini
[2007/08/16 14:50:44 | 001,228,934 | -HS- | C] () -- C:\WINDOWS\System32\proxytsv.ini
[2007/08/16 12:40:31 | 001,229,732 | -HS- | C] () -- C:\WINDOWS\System32\hpwmwpar.ini
[2007/08/16 12:38:11 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\rapwmwph.dll
[2007/08/16 12:37:44 | 001,229,654 | -HS- | C] () -- C:\WINDOWS\System32\wuhohiua.ini
[2007/08/16 12:12:36 | 001,229,594 | -HS- | C] () -- C:\WINDOWS\System32\mbisqfil.ini
[2007/08/16 12:11:18 | 001,229,474 | -HS- | C] () -- C:\WINDOWS\System32\lflnleri.ini
[2007/08/15 14:29:54 | 001,234,161 | -HS- | C] () -- C:\WINDOWS\System32\handyjep.ini
[2007/08/15 12:36:09 | 001,233,973 | -HS- | C] () -- C:\WINDOWS\System32\umbsiqps.ini
[2007/08/15 12:34:11 | 001,233,853 | -HS- | C] () -- C:\WINDOWS\System32\ugfojmos.ini
[2007/08/14 18:48:12 | 001,233,793 | -HS- | C] () -- C:\WINDOWS\System32\iqdfugyu.ini
[2007/08/14 18:45:14 | 001,233,604 | -HS- | C] () -- C:\WINDOWS\System32\gbehnijn.ini
[2007/08/14 18:14:42 | 001,233,820 | -HS- | C] () -- C:\WINDOWS\System32\wxowecdn.ini
[2007/08/14 18:13:30 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\ndcewoxw.dll
[2007/08/14 17:46:49 | 001,233,733 | -HS- | C] () -- C:\WINDOWS\System32\owpsncmx.ini
[2007/08/14 17:44:09 | 001,233,613 | -HS- | C] () -- C:\WINDOWS\System32\ogveclmr.ini
[2007/08/14 17:39:58 | 001,233,613 | -HS- | C] () -- C:\WINDOWS\System32\hfwcnbue.ini
[2007/08/14 17:38:59 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\eubncwfh.dll
[2007/08/14 17:37:44 | 001,233,613 | -HS- | C] () -- C:\WINDOWS\System32\bweiywli.ini
[2007/08/14 17:09:59 | 001,233,853 | -HS- | C] () -- C:\WINDOWS\System32\pfwlxibx.ini
[2007/08/14 17:08:48 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\xbixlwfp.dll
[2007/08/14 17:06:45 | 001,233,784 | -HS- | C] () -- C:\WINDOWS\System32\hyjgtxli.ini
[2007/08/14 15:30:02 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\evbmywxq.ini
[2007/08/14 15:28:11 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\pjmpvbht.ini
[2007/08/14 15:21:34 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\laiuyeqg.ini
[2007/08/14 15:19:21 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\gqeyuial.dll
[2007/08/14 15:16:33 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\xjvakldj.ini
[2007/08/14 14:58:52 | 001,233,852 | -HS- | C] () -- C:\WINDOWS\System32\apylplmw.ini
[2007/08/14 14:58:12 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\wmlplypa.dll
[2007/08/14 14:57:13 | 001,233,792 | -HS- | C] () -- C:\WINDOWS\System32\uqpdxwkq.ini
[2007/08/14 13:44:57 | 001,233,733 | -HS- | C] () -- C:\WINDOWS\System32\hkfpkfkm.ini
[2007/08/14 13:42:27 | 001,233,613 | -HS- | C] () -- C:\WINDOWS\System32\gcykqism.ini
[2007/08/14 13:13:41 | 001,233,613 | -HS- | C] () -- C:\WINDOWS\System32\ybpjcoum.ini
[2007/08/14 13:12:54 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\muocjpby.dll
[2007/08/14 13:11:40 | 001,233,613 | -HS- | C] () -- C:\WINDOWS\System32\rtahypaf.ini
[2007/08/14 11:24:03 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\fiofgoes.ini
[2007/08/14 11:22:16 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\seogfoif.dll
[2007/08/14 11:21:40 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\lxuewwhh.ini
[2007/08/14 11:05:53 | 001,214,515 | -HS- | C] () -- C:\WINDOWS\System32\nyxumjnx.ini
[2007/08/14 11:05:09 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\xnjmuxyn.dll
[2007/08/14 11:03:48 | 001,214,455 | -HS- | C] () -- C:\WINDOWS\System32\mpwyjubr.ini
[2007/08/14 04:07:59 | 001,214,395 | -HS- | C] () -- C:\WINDOWS\System32\hjwefpyb.ini
[2007/08/14 04:06:26 | 001,214,275 | -HS- | C] () -- C:\WINDOWS\System32\rkhmrfgu.ini
[2007/08/12 11:30:33 | 001,214,216 | -HS- | C] () -- C:\WINDOWS\System32\aoasuluc.ini
[2007/08/12 11:28:05 | 001,214,036 | -HS- | C] () -- C:\WINDOWS\System32\vytbadgl.ini
[2007/08/12 11:23:27 | 001,214,096 | -HS- | C] () -- C:\WINDOWS\System32\pibtdslq.ini
[2007/08/12 11:22:27 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\qlsdtbip.dll
[2007/08/12 11:21:03 | 001,214,036 | -HS- | C] () -- C:\WINDOWS\System32\htdpybac.ini
[2007/08/12 11:18:47 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\dieyydrc.dll
[2007/08/12 09:36:14 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\jtbhuuun.ini
[2007/08/12 09:35:39 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\nuuuhbtj.dll
[2007/08/12 09:35:10 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\hakmvkwk.ini
[2007/08/12 04:49:05 | 000,000,585 | -HS- | C] () -- C:\WINDOWS\System32\hmbshuvl.ini
[2007/08/12 04:48:35 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\lvuhsbmh.dll
[2007/08/11 12:12:11 | 000,000,525 | -HS- | C] () -- C:\WINDOWS\System32\mmgknqba.ini
[2007/08/11 12:10:42 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ualfsfej.ini
[2007/08/11 12:06:06 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\nrmdfkyx.ini
[2007/08/11 12:05:31 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\xykfdmrn.dll
[2007/08/11 12:05:06 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\jgdrtdlt.ini
[2007/08/11 11:49:24 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\xmrpfchd.ini
[2007/08/11 11:48:39 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\dhcfprmx.dll
[2007/08/11 11:46:02 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\fqnqvhfp.ini
[2007/08/11 11:19:02 | 000,000,705 | -HS- | C] () -- C:\WINDOWS\System32\lbsknfkn.ini
[2007/08/11 11:18:33 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\nkfnksbl.dll
[2007/08/10 18:21:42 | 000,000,645 | -HS- | C] () -- C:\WINDOWS\System32\fbqchkkk.ini
[2007/08/09 14:13:10 | 000,000,525 | -HS- | C] () -- C:\WINDOWS\System32\ebidggkh.ini
[2007/08/09 14:03:55 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\mutwmqcx.ini
[2007/08/09 13:52:29 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\rpykiwud.ini
[2007/08/09 13:51:46 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\duwikypr.dll
[2007/08/09 13:50:37 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\qwesfuln.ini
[2007/08/09 13:32:39 | 001,192,427 | -HS- | C] () -- C:\WINDOWS\System32\gdikwyry.ini
[2007/08/09 13:32:05 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\yrywkidg.dll
[2007/08/09 13:31:27 | 001,192,367 | -HS- | C] () -- C:\WINDOWS\System32\csxoaroq.ini
[2007/08/08 19:02:23 | 001,192,307 | -HS- | C] () -- C:\WINDOWS\System32\ykwsikkh.ini
[2007/08/08 17:47:39 | 001,192,205 | -HS- | C] () -- C:\WINDOWS\System32\atowpvbn.ini
[2007/08/08 17:45:47 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\lijflvgi.dll
[2007/08/08 17:45:03 | 001,192,067 | -HS- | C] () -- C:\WINDOWS\System32\vocspplv.ini
[2007/08/08 16:47:49 | 001,192,043 | -HS- | C] () -- C:\WINDOWS\System32\gvfumirh.ini
[2007/08/08 16:46:22 | 001,191,887 | -HS- | C] () -- C:\WINDOWS\System32\vdnoiumh.ini
[2007/08/08 16:45:13 | 000,121,364 | ---- | C] () -- C:\WINDOWS\System32\uxqdhmfu.dll
[2007/08/07 12:26:09 | 001,191,855 | -HS- | C] () -- C:\WINDOWS\System32\qfgvhwec.ini
[2007/08/07 12:25:25 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\kidqhjvx.exe
[2007/08/06 16:17:26 | 000,001,065 | -HS- | C] () -- C:\WINDOWS\System32\irvursei.ini
[2007/08/06 16:16:35 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\aekabocc.exe
[2007/08/06 16:16:09 | 000,000,885 | -HS- | C] () -- C:\WINDOWS\System32\iqjfmaur.ini
[2007/08/06 16:14:21 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\auchfqid.exe
[2007/08/06 12:35:02 | 000,000,825 | -HS- | C] () -- C:\WINDOWS\System32\xaifdlok.ini
[2007/08/06 12:33:46 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\qrpljuec.exe
[2007/08/04 19:33:17 | 000,000,705 | -HS- | C] () -- C:\WINDOWS\System32\mqdjussc.ini
[2007/08/04 19:32:06 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\xtcsmjbh.exe
[2007/08/04 19:31:07 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\yivaoqsd.dll
[2007/08/04 19:31:01 | 000,000,525 | -HS- | C] () -- C:\WINDOWS\System32\ngrjvvmm.ini
[2007/08/04 19:30:12 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\igpxbyii.exe
[2007/08/04 11:21:22 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\rmrgckhc.ini
[2007/08/04 11:18:25 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\tjdyxlnt.exe
[2007/08/04 11:18:04 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\trhfwymu.ini
[2007/08/04 11:15:32 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\wfwymjnn.dll
[2007/08/04 11:13:48 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\looypncr.exe
[2007/08/04 11:05:57 | 000,000,525 | -HS- | C] () -- C:\WINDOWS\System32\umasbuvt.ini
[2007/08/04 11:05:27 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\tvubsamu.dll
[2007/08/04 11:05:11 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\qhfphexw.exe
[2007/08/04 11:04:18 | 000,120,852 | ---- | C] () -- C:\WINDOWS\System32\ttixmoud.dll
[2007/08/04 11:04:12 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\cfhwssxw.ini
[2007/08/04 11:03:19 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\svwvxeyx.exe
[2007/08/03 14:11:53 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\rkplinoy.exe
[2007/08/03 14:11:38 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\oaeonysm.ini
[2007/08/03 14:09:01 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wvtqhbfr.exe
[2007/08/03 14:00:12 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\udkormth.ini
[2007/08/03 13:59:16 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\htmrokdu.dll
[2007/08/03 13:58:43 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\towfbgdf.exe
[2007/08/03 11:05:40 | 001,189,621 | -HS- | C] () -- C:\WINDOWS\System32\wyeenxge.ini
[2007/08/03 11:05:10 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\egxneeyw.dll
[2007/08/03 11:04:47 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\rpvwjsyv.exe
[2007/08/01 11:32:48 | 001,189,517 | -HS- | C] () -- C:\WINDOWS\System32\obasefwm.ini
[2007/08/01 11:30:56 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\khtjrbnu.exe
[2007/07/31 13:48:57 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\icgxrlbp.exe
[2007/07/31 13:26:43 | 000,000,525 | -HS- | C] () -- C:\WINDOWS\System32\ntgulina.ini
[2007/07/31 13:25:17 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\hiirwsvi.exe
[2007/07/31 13:25:04 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\yhbrsohy.ini
[2007/07/31 13:23:12 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\bcdvoqmc.exe
[2007/07/31 12:59:26 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\udqeelpa.ini
[2007/07/31 12:58:25 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\apleeqdu.dll
[2007/07/31 12:58:07 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\cmaiygib.exe
[2007/07/31 12:58:04 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\hdtnddpl.ini
[2007/07/31 12:56:41 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\uywiwbkq.exe
[2007/07/31 12:54:28 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\hqhomqxg.ini
[2007/07/31 12:52:53 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\gxqmohqh.dll
[2007/07/31 12:52:29 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\sfxssduv.exe
[2007/07/31 12:52:14 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\lhqhhxrx.ini
[2007/07/31 12:50:45 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\huwhpmkh.exe
[2007/07/31 09:19:46 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\duwngmag.ini
[2007/07/31 09:19:04 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\gamgnwud.dll
[2007/07/31 09:18:02 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\yneviyap.exe
[2007/07/31 09:17:59 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\upitknwt.ini
[2007/07/31 09:16:58 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\bwwnkbkj.exe
[2007/07/31 09:10:31 | 000,000,685 | -HS- | C] () -- C:\WINDOWS\System32\podrtphs.ini
[2007/07/31 09:08:49 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\shptrdop.dll
[2007/07/31 09:07:38 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ybhjirpc.exe
[2007/07/31 09:07:26 | 001,252,609 | -HS- | C] () -- C:\WINDOWS\System32\cjjesvyg.ini
[2007/07/31 09:05:55 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\hpsmgxma.exe
[2007/07/31 08:33:36 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\maajxgxi.exe
[2007/07/31 08:30:32 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\pobpthpx.exe
[2007/07/31 08:30:02 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\slqlvhmi.ini
[2007/07/31 08:28:04 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\imhvlqls.dll
[2007/07/31 08:27:35 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\tqecbinh.exe
[2007/07/31 07:54:10 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\dvkjanjo.ini
[2007/07/31 07:53:23 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\ojnajkvd.dll
[2007/07/31 07:53:03 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\pvaxckuh.exe
[2007/07/31 07:53:00 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ihswfrdy.ini
[2007/07/31 07:51:35 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\eacmrsit.exe
[2007/07/31 07:45:41 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\imvmpvwi.ini
[2007/07/31 07:45:10 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\iwvpmvmi.dll
[2007/07/31 07:44:52 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\umohdewv.exe
[2007/07/31 07:44:49 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\tibnrwtf.ini
[2007/07/31 07:43:49 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\xusjfoyp.exe
[2007/07/31 07:39:34 | 000,000,686 | -HS- | C] () -- C:\WINDOWS\System32\qsxjmktq.ini
[2007/07/31 07:38:36 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\qtkmjxsq.dll
[2007/07/31 07:37:24 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wcnracts.exe
[2007/07/31 07:36:47 | 001,252,990 | -HS- | C] () -- C:\WINDOWS\System32\kjblablj.ini
[2007/07/31 07:35:35 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wrlqovca.exe
[2007/07/31 07:17:50 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\jtdkthhc.ini
[2007/07/31 07:17:20 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\chhtkdtj.dll
[2007/07/31 07:17:02 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\lqrvwlmp.exe
[2007/07/31 07:16:54 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\raposqgr.ini
[2007/07/31 07:15:38 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\yniukthh.exe
[2007/07/31 07:12:25 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\psstfvay.dll
[2007/07/31 07:11:56 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\iibpqpno.exe
[2007/07/31 03:26:34 | 000,075,124 | -HS- | C] () -- C:\WINDOWS\System32\ycdxjgao.ini
[2007/07/31 03:25:13 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\oagjxdcy.dll
[2007/07/31 03:24:35 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ctwdcrkm.exe
[2007/07/29 05:47:00 | 000,001,045 | -HS- | C] () -- C:\WINDOWS\System32\yldngdah.ini
[2007/07/29 05:45:56 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\kwmbvhka.exe
[2007/07/29 05:45:37 | 000,000,925 | -HS- | C] () -- C:\WINDOWS\System32\ovkonahw.ini
[2007/07/29 05:43:57 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\qvrwbxva.exe
[2007/07/28 19:03:32 | 000,000,866 | -HS- | C] () -- C:\WINDOWS\System32\yycnctwn.ini
[2007/07/28 19:01:54 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\rvvphkfb.exe
[2007/07/28 18:16:15 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\usdxylrl.ini
[2007/07/28 18:15:22 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ahxbxbcp.exe
[2007/07/28 18:15:12 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\tjtmviuw.ini
[2007/07/28 18:13:50 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\uxtqusha.exe
[2007/07/28 17:12:29 | 001,248,364 | -HS- | C] () -- C:\WINDOWS\System32\kiueipic.ini
[2007/07/28 17:11:55 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\cipieuik.dll
[2007/07/28 17:11:38 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\dkfbpamf.exe
[2007/07/28 17:10:16 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\meprerig.dll
[2007/07/28 17:10:15 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\vcstlnwj.ini
[2007/07/28 17:08:09 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\vtahbutg.exe
[2007/07/28 14:59:16 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\vctyxjda.dll
[2007/07/28 14:59:10 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\gjwiearc.ini
[2007/07/28 14:58:34 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\craeiwjg.dll
[2007/07/28 14:58:13 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\tjawnhjy.exe
[2007/07/28 14:58:11 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\eltlxrbu.ini
[2007/07/28 14:56:58 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\tpuusvum.exe
[2007/07/28 14:31:10 | 000,000,865 | -HS- | C] () -- C:\WINDOWS\System32\oaahyepi.ini
[2007/07/28 14:30:31 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\ipeyhaao.dll
[2007/07/28 14:29:35 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\wwssjwqb.dll
[2007/07/28 14:28:51 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\qsimhaar.exe
[2007/07/27 13:02:14 | 000,000,806 | -HS- | C] () -- C:\WINDOWS\System32\rueubxbj.ini
[2007/07/27 12:58:54 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\tuujlfeg.exe
[2007/07/27 12:58:19 | 001,248,286 | -HS- | C] () -- C:\WINDOWS\System32\twepaeuv.ini
[2007/07/27 12:56:08 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wacgxfud.exe
[2007/07/27 12:20:16 | 000,001,379 | -HS- | C] () -- C:\WINDOWS\System32\lkfuvkwj.ini
[2007/07/27 12:19:27 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\jwkvufkl.dll
[2007/07/27 12:19:09 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\slluskpo.exe
[2007/07/27 12:18:48 | 000,076,176 | -HS- | C] () -- C:\WINDOWS\System32\grrgfmqb.ini
[2007/07/27 12:16:21 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\bkjciukg.exe
[2007/07/26 03:10:18 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\fbaaerwj.dll
[2007/07/26 03:10:13 | 000,031,000 | -HS- | C] () -- C:\WINDOWS\System32\wpkofddm.ini
[2007/07/26 03:09:17 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\xcmihwcy.exe
[2007/07/25 12:32:53 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\isnkbecp.dll
[2007/07/25 12:32:49 | 000,000,805 | -HS- | C] () -- C:\WINDOWS\System32\vcerimae.ini
[2007/07/25 12:31:48 | 000,034,314 | ---- | C] () -- C:\WINDOWS\cookies.ini
[2007/07/25 12:30:35 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\deqtmkia.exe
[2007/07/25 12:30:27 | 001,207,810 | -HS- | C] () -- C:\WINDOWS\System32\epmkfimh.ini
[2007/07/25 12:28:22 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\fpofskfb.dll
[2007/07/25 12:27:45 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\dffbauvy.exe
[2007/07/25 12:07:00 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\lukqmkol.dll
[2007/07/25 12:06:53 | 000,039,060 | -HS- | C] () -- C:\WINDOWS\System32\pfnfidgn.ini
[2007/07/25 12:06:23 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\ngdifnfp.dll
[2007/07/25 12:06:07 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\kfnvxxnn.exe
[2007/07/25 03:45:09 | 001,216,142 | -HS- | C] () -- C:\WINDOWS\System32\ywkimhje.ini
[2007/07/25 03:45:03 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\mggeuikb.dll
[2007/07/25 03:44:06 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\tycmkcfm.exe
[2007/07/25 03:26:45 | 000,000,686 | -HS- | C] () -- C:\WINDOWS\System32\qcivbcsv.ini
[2007/07/25 03:24:51 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\vscbvicq.dll
[2007/07/25 03:24:17 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\fotakgvt.dll
[2007/07/25 03:23:22 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wlkyyqcq.exe
[2007/07/25 03:23:01 | 001,216,082 | -HS- | C] () -- C:\WINDOWS\System32\myaavlwv.ini
[2007/07/25 03:19:18 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\ildgjqmk.dll
[2007/07/25 03:18:42 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\apfkvpop.exe
[2007/07/25 03:14:12 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\nqibnulv.dll
[2007/07/25 03:14:07 | 000,000,866 | -HS- | C] () -- C:\WINDOWS\System32\drefundh.ini
[2007/07/25 03:13:28 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\hdnuferd.dll
[2007/07/25 03:13:04 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\lgovusoe.exe
[2007/07/25 03:12:32 | 000,000,806 | -HS- | C] () -- C:\WINDOWS\System32\xggubfma.ini
[2007/07/25 03:11:30 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\qjrwdcmq.dll
[2007/07/25 03:10:51 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\vmmkejrd.exe
[2007/07/24 16:53:14 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\yyyxamrs.dll
[2007/07/24 16:53:08 | 000,000,746 | -HS- | C] () -- C:\WINDOWS\System32\gqypekok.ini
[2007/07/24 16:50:29 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\hjothmqw.exe
[2007/07/24 16:49:37 | 001,216,082 | -HS- | C] () -- C:\WINDOWS\System32\avnjdmxw.ini
[2007/07/24 16:49:31 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\wnunoyxy.dll
[2007/07/24 16:47:34 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\kdicuyav.exe
[2007/07/24 16:11:44 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\qxrwnxdp.dll
[2007/07/24 16:11:40 | 001,216,202 | -HS- | C] () -- C:\WINDOWS\System32\dpsfdgud.ini
[2007/07/24 16:11:10 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\dugdfspd.dll
[2007/07/24 16:10:42 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\fbtugapl.exe
[2007/07/24 08:39:21 | 000,000,355 | -HS- | C] () -- C:\WINDOWS\System32\ymvmjsms.ini
[2007/07/24 08:38:10 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wmlcdbpp.exe
[2007/07/24 08:26:29 | 001,216,142 | -HS- | C] () -- C:\WINDOWS\System32\pnhmvguh.ini
[2007/07/24 08:25:26 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\hugvmhnp.dll
[2007/07/24 08:25:04 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\firvhssn.dll
[2007/07/24 08:24:44 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\rqxnrvnd.exe
[2007/07/24 08:24:35 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\dinhurck.ini
[2007/07/24 08:23:21 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\rrbvmpsi.dll
[2007/07/24 08:22:55 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\hdroivdk.exe
[2007/07/24 06:09:10 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\ludvmuof.ini
[2007/07/24 06:08:14 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\foumvdul.dll
[2007/07/24 06:07:53 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\wmaimrrf.dll
[2007/07/24 06:07:37 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wydmidrk.exe
[2007/07/24 06:07:34 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\svotfhny.ini
[2007/07/24 06:06:12 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\npaasaae.dll
[2007/07/24 06:05:54 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wwxnqccu.exe
[2007/07/24 05:57:51 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\auqwmbos.ini
[2007/07/24 05:56:43 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\sobmwqua.dll
[2007/07/24 05:56:19 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\jtysjgml.dll
[2007/07/24 05:55:56 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ogkapvrl.exe
[2007/07/24 05:55:46 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ctrwvexd.ini
[2007/07/24 05:54:17 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\merlkmxi.dll
[2007/07/24 05:53:59 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\bwbqgpbu.exe
[2007/07/24 05:25:08 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\doxugccp.dll
[2007/07/24 05:25:02 | 000,000,885 | -HS- | C] () -- C:\WINDOWS\System32\ybgidlqr.ini
[2007/07/24 05:24:04 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\rqldigby.dll
[2007/07/24 05:23:42 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wrvunlpf.exe
[2007/07/24 05:23:24 | 000,000,825 | -HS- | C] () -- C:\WINDOWS\System32\iosaeydy.ini
[2007/07/24 05:22:17 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\lbrfxcov.dll
[2007/07/24 05:21:24 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ytcgxcxd.exe
[2007/07/24 05:04:21 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\rlgnjwjt.dll
[2007/07/24 05:04:17 | 000,000,765 | -HS- | C] () -- C:\WINDOWS\System32\gnyskrmm.ini
[2007/07/24 05:01:06 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\rbahcxbj.exe
[2007/07/22 17:11:15 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\yuyydkov.exe
[2007/07/22 12:57:57 | 000,000,645 | -HS- | C] () -- C:\WINDOWS\System32\svcsldrt.ini
[2007/07/22 12:56:42 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\ftdpwfyp.dll
[2007/07/22 12:56:23 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\awtyikuv.exe
[2007/07/22 12:56:16 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\nqvtweks.ini
[2007/07/22 12:54:49 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\erxiipyf.dll
[2007/07/22 12:54:13 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ejlvptri.exe
[2007/07/22 12:39:29 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\fofobnkt.dll
[2007/07/22 12:39:23 | 001,137,532 | -HS- | C] () -- C:\WINDOWS\System32\udrswhkj.ini
[2007/07/22 12:38:43 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\jkhwsrdu.dll
[2007/07/22 12:38:18 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\woiinwen.exe
[2007/07/22 12:37:47 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\pgnslojo.dll
[2007/07/22 12:37:37 | 001,137,463 | -HS- | C] () -- C:\WINDOWS\System32\dchtgoju.ini
[2007/07/22 12:35:58 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\tyohfsup.exe
[2007/07/22 10:12:08 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\hjbpckiy.exe
[2007/07/22 08:00:50 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\oxbrbfuj.dll
[2007/07/22 08:00:44 | 001,137,422 | -HS- | C] () -- C:\WINDOWS\System32\rfglgrum.ini
[2007/07/22 07:57:54 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\gntgmvwr.exe
[2007/07/21 12:27:36 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\jkyjofvl.dll
[2007/07/21 12:26:52 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\uquhduio.exe
[2007/07/21 11:55:26 | 001,137,284 | -HS- | C] () -- C:\WINDOWS\System32\wthmdkfy.ini
[2007/07/21 11:52:48 | 000,124,948 | ---- | C] () -- C:\WINDOWS\System32\debcvxil.dll
[2007/07/21 11:52:07 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\idujodie.dll
[2007/07/21 11:51:46 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\qtcsgtmu.exe
[2007/07/21 11:51:33 | 000,000,645 | -HS- | C] () -- C:\WINDOWS\System32\sxbuudgg.ini
[2007/07/21 11:50:09 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\hcvtajnx.dll
[2007/07/21 11:49:31 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\bmlvqhwf.exe
[2007/07/20 03:59:01 | 000,000,585 | -HS- | C] () -- C:\WINDOWS\System32\jnichhhs.ini
[2007/07/20 03:57:44 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\xthnsnle.dll
[2007/07/20 03:57:10 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\tcoguqfc.exe
[2007/07/20 03:32:34 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\gifsklok.dll
[2007/07/20 03:30:37 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\iwfupbvc.dll
[2007/07/20 03:30:23 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\kbepgkew.ini
[2007/07/20 03:28:45 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\xqcrnpro.ini
[2007/07/20 03:28:44 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\nhxrvqlu.exe
[2007/07/20 03:27:05 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\lqhbbuad.dll
[2007/07/20 03:25:47 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\asolbvfv.exe
[2007/07/20 03:22:37 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\cegfbdub.ini
[2007/07/20 03:20:34 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\budbfgec.dll
[2007/07/20 03:20:12 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ooyfgqfl.exe
[2007/07/20 03:18:59 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\nkgpwvgx.dll
[2007/07/20 03:17:08 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\bdehgrda.ini
[2007/07/20 03:17:04 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\chhkdbab.dll
[2007/07/20 03:15:56 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\erxdhxdc.exe
[2007/07/20 03:05:47 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\slklqbif.dll
[2007/07/20 03:05:41 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\knaeqjbh.ini
[2007/07/20 03:04:21 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\hbjqeank.dll
[2007/07/20 03:03:42 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\jlmvimgw.exe
[2007/07/20 03:03:31 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\cernslvj.ini
[2007/07/20 03:02:16 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\vobtnnex.dll
[2007/07/20 03:01:57 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\kfkysljv.exe
[2007/07/20 02:58:55 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\plsyfuxx.ini
[2007/07/20 02:58:07 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\xxufyslp.dll
[2007/07/20 02:57:50 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\rgmxbovh.dll
[2007/07/20 02:57:35 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\yavdgyxy.exe
[2007/07/20 02:56:41 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ennktskk.ini
[2007/07/20 02:56:36 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\vfqlqbfn.dll
[2007/07/20 02:55:37 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\qdatopfu.dll
[2007/07/20 02:54:44 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\dppifauu.exe
[2007/07/20 02:51:01 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\sckpsfki.dll
[2007/07/20 02:50:44 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\xdghengu.dll
[2007/07/20 02:50:22 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wagvdegc.exe
[2007/07/20 02:40:49 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\vtxfviqs.ini
[2007/07/20 02:40:05 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\sqivfxtv.dll
[2007/07/20 02:39:49 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\desqqajf.dll
[2007/07/20 02:39:24 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\mkuhkqxt.exe
[2007/07/20 02:38:50 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\lqadlcit.ini
[2007/07/20 02:38:44 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\xoxnaomy.dll
[2007/07/20 02:37:49 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\xjwkierp.exe
[2007/07/20 02:28:49 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\krigxqoe.dll
[2007/07/20 02:28:44 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\jdkfwgox.ini
[2007/07/20 02:27:47 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\xogwfkdj.dll
[2007/07/20 02:26:50 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\vsqsnowk.exe
[2007/07/20 02:25:09 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\qxytjkdp.dll
[2007/07/20 02:24:51 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\lvjgfwxv.ini
[2007/07/20 02:24:47 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\gqsiyqay.dll
[2007/07/20 02:23:31 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\uunkdhos.exe
[2007/07/20 02:20:24 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ltjyyong.exe
[2007/07/19 17:31:44 | 000,000,825 | -HS- | C] () -- C:\WINDOWS\System32\wrhurjfb.ini
[2007/07/19 17:31:02 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\bfjruhrw.dll
[2007/07/19 17:30:47 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\qgjumrag.dll
[2007/07/19 17:30:22 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\xmxasfxq.exe
[2007/07/19 17:07:56 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\aeywonag.dll
[2007/07/19 17:07:48 | 000,000,656 | -HS- | C] () -- C:\WINDOWS\System32\vugilhsa.ini
[2007/07/19 17:05:23 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\rbxjovec.exe
[2007/07/19 17:04:43 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\eqfmhoqr.dll
[2007/07/19 17:04:36 | 000,000,585 | -HS- | C] () -- C:\WINDOWS\System32\cvvkkkxr.ini
[2007/07/19 17:03:10 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\udtplwwx.exe
[2007/07/19 02:35:38 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\evbppysi.dll
[2007/07/19 02:34:38 | 000,000,525 | -HS- | C] () -- C:\WINDOWS\System32\upvtgmbu.ini
[2007/07/19 02:29:22 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ynjtnxbi.exe
[2007/07/19 02:28:38 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\kmhagxeb.ini
[2007/07/19 02:28:33 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\dhtfiecw.dll
[2007/07/19 02:27:36 | 000,110,612 | ---- | C] () -- C:\WINDOWS\System32\tcjnpypt.dll
[2007/07/19 02:27:18 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ofgtqcnh.exe
[2007/07/19 02:24:37 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\nanndrte.exe
[2007/07/18 17:02:30 | 000,000,406 | -HS- | C] () -- C:\WINDOWS\System32\qsvtxwtg.ini
[2007/07/18 17:02:26 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\fnjspxtl.dll
[2007/07/18 17:01:36 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\gtwxtvsq.dll
[2007/07/18 17:01:15 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\seondsew.exe
[2007/07/18 16:58:15 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\xpjksasu.dll
[2007/07/18 16:57:51 | 000,110,612 | ---- | C] () -- C:\WINDOWS\System32\iclpswpr.dll
[2007/07/18 16:57:25 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\sfeivjmy.exe
[2007/07/18 16:34:31 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\ddtrovsf.dll
[2007/07/18 16:34:06 | 001,125,081 | -HS- | C] () -- C:\WINDOWS\System32\aylutcsu.ini
[2007/07/18 16:34:01 | 000,110,612 | ---- | C] () -- C:\WINDOWS\System32\vasstojb.dll
[2007/07/18 16:33:20 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\usctulya.dll
[2007/07/18 16:32:50 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\rwatlhoh.exe
[2007/07/18 16:26:09 | 001,125,081 | -HS- | C] () -- C:\WINDOWS\System32\rmxgimwe.ini
[2007/07/18 16:26:04 | 000,110,612 | ---- | C] () -- C:\WINDOWS\System32\eyyaiqll.dll
[2007/07/18 16:25:05 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\ewmigxmr.dll
[2007/07/18 16:24:10 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\qfhhpuhq.exe
[2007/07/18 14:39:10 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\diueiwnw.ini
[2007/07/18 14:37:50 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\wnwieuid.dll
[2007/07/18 14:37:27 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\synvcbhh.dll
[2007/07/18 14:37:07 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\lwdjslbh.exe
[2007/07/18 14:36:35 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\dggwptri.ini
[2007/07/18 14:36:30 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\nwebouhn.dll
[2007/07/18 14:35:16 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\nkjqshlr.exe
[2007/07/18 14:25:29 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\dreeuoba.ini
[2007/07/18 14:24:48 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\aboueerd.dll
[2007/07/18 14:24:27 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\oworexft.dll
[2007/07/18 14:24:05 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\htubomck.exe
[2007/07/18 14:24:03 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\jelrtjdh.ini
[2007/07/18 14:22:51 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\qhfkejpk.dll
[2007/07/18 14:22:19 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\lliimbyq.exe
[2007/07/18 13:43:10 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\laiwhkov.dll
[2007/07/18 13:43:03 | 001,125,141 | -HS- | C] () -- C:\WINDOWS\System32\vnarbsgj.ini
[2007/07/18 13:41:32 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\jgsbranv.dll
[2007/07/18 13:40:09 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ouxfcvvd.exe
[2007/07/18 13:39:59 | 001,125,081 | -HS- | C] () -- C:\WINDOWS\System32\orjfgikt.ini
[2007/07/18 13:38:10 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\bvbqqbjg.dll
[2007/07/18 13:37:48 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\egvlxrju.exe
[2007/07/18 12:41:35 | 001,102,838 | -HS- | C] () -- C:\WINDOWS\System32\vwqhwcjd.ini
[2007/07/18 12:41:05 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\djcwhqwv.dll
[2007/07/18 12:40:47 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\acipuxjk.dll
[2007/07/18 12:40:25 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\iqtrftuv.exe
[2007/07/11 10:08:59 | 001,102,779 | -HS- | C] () -- C:\WINDOWS\System32\fpqsdrkc.ini
[2007/07/11 10:08:55 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\knchuvaw.dll
[2007/07/11 09:45:42 | 001,102,761 | -HS- | C] () -- C:\WINDOWS\System32\swbanxve.ini
[2007/07/11 09:45:01 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\evxnabws.dll
[2007/07/11 09:44:24 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\jvxmcubf.dll
[2007/07/11 09:43:39 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\uvpfbaku.exe
[2007/07/11 09:43:21 | 001,102,701 | -HS- | C] () -- C:\WINDOWS\System32\trbfkthn.ini
[2007/07/11 09:34:20 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\dqvatqhg.exe
[2007/07/11 06:56:43 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\pmpqluvq.dll
[2007/07/11 06:54:30 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\pcqwkcgl.exe
[2007/07/11 06:52:37 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\kmpjwkyq.ini
[2007/07/11 06:52:35 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\temgndse.dll
[2007/07/11 06:50:00 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wachxjpx.exe
[2007/07/11 06:12:17 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\bjloivdb.ini
[2007/07/11 06:11:26 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\bdvioljb.dll
[2007/07/11 06:11:11 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\mmuppnej.dll
[2007/07/11 06:10:52 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\dpnqacyd.exe
[2007/07/11 06:10:50 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\eoghdqlr.ini
[2007/07/11 06:09:36 | 000,066,580 | ---- | C] () -- C:\WINDOWS\System32\bkkhtfot.dll
[2007/07/11 06:08:54 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\bbkpfvdk.exe
[2007/07/11 05:22:20 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\oaevorcr.ini
[2007/07/11 05:21:00 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\rcroveao.dll
[2007/07/11 05:19:42 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wqghlrle.exe
[2007/07/11 05:19:18 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\selatplw.ini
[2007/07/11 05:16:47 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\gwoesbum.exe
[2007/07/11 04:54:16 | 000,000,585 | -HS- | C] () -- C:\WINDOWS\System32\jvfuokro.ini
[2007/07/11 04:53:40 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\orkoufvj.dll
[2007/07/11 04:53:13 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\wyoobmwi.exe
[2007/07/11 04:52:50 | 000,000,525 | -HS- | C] () -- C:\WINDOWS\System32\yhncivvh.ini
[2007/07/11 04:51:18 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ycwvewal.exe
[2007/07/10 14:48:30 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\ncumcgvn.ini
[2007/07/10 14:47:42 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\rrxkicuq.exe
[2007/07/10 14:47:39 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\kqeyvfmu.ini
[2007/07/10 14:46:20 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\dqpagocl.exe
[2007/07/10 12:48:18 | 000,000,415 | -HS- | C] () -- C:\WINDOWS\System32\xnxbecfc.ini
[2007/07/10 12:47:18 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\cfcebxnx.dll
[2007/07/10 12:46:14 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\deqfooxc.exe
[2007/07/10 12:46:00 | 000,000,295 | -HS- | C] () -- C:\WINDOWS\System32\wftcgsll.ini
[2007/07/10 12:44:39 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\mxvrgcnm.exe
[2007/07/10 12:41:23 | 001,054,302 | -HS- | C] () -- C:\WINDOWS\System32\xwoownsq.ini
[2007/07/10 12:39:59 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\qsnwoowx.dll
[2007/07/10 12:39:42 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ylakwpjh.exe
[2007/07/09 14:42:42 | 001,054,302 | -HS- | C] () -- C:\WINDOWS\System32\qdoaawrk.ini
[2007/07/09 14:39:56 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\khwhvval.exe
[2007/07/09 14:39:45 | 001,054,122 | -HS- | C] () -- C:\WINDOWS\System32\ohihgnly.ini
[2007/07/09 14:38:29 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\bgwuuevr.exe
[2007/07/09 13:57:41 | 001,054,431 | -HS- | C] () -- C:\WINDOWS\System32\onanrjhp.ini
[2007/07/09 13:56:46 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\phjrnano.dll
[2007/07/09 13:55:30 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\ifveyfri.exe
[2007/07/09 13:55:00 | 001,054,362 | -HS- | C] () -- C:\WINDOWS\System32\kwestipt.ini
[2007/07/09 13:53:39 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\yyybupma.exe
[2007/07/09 13:10:22 | 000,066,068 | ---- | C] () -- C:\WINDOWS\System32\khrxueqq.exe
[2007/07/07 17:52:37 | 000,000,525 | -HS- | C] () -- C:\WINDOWS\System32\glxxiwyq.ini
[2007/07/07 17:41:53 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\yfppuydl.ini
[2007/07/07 17:40:14 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\ldyuppfy.dll
[2007/07/07 17:39:05 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\ogxfkded.ini
[2007/07/07 16:42:45 | 001,054,301 | -HS- | C] () -- C:\WINDOWS\System32\ksvhwdom.ini
[2007/07/07 16:42:12 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\modwhvsk.dll
[2007/07/07 16:41:43 | 001,054,241 | -HS- | C] () -- C:\WINDOWS\System32\xvsijdlm.ini
[2007/07/07 15:41:41 | 001,054,182 | -HS- | C] () -- C:\WINDOWS\System32\qpxsavhi.ini
[2007/07/07 15:26:19 | 001,054,182 | -HS- | C] () -- C:\WINDOWS\System32\tktocnxh.ini
[2007/07/07 15:25:15 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\hxncotkt.dll
[2007/07/07 15:23:59 | 001,054,122 | -HS- | C] () -- C:\WINDOWS\System32\rddlbqev.ini
[2007/07/07 11:54:32 | 001,046,086 | -HS- | C] () -- C:\WINDOWS\System32\kuveobab.ini
[2007/07/07 11:53:22 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\baboevuk.dll
[2007/07/07 11:52:45 | 001,046,007 | -HS- | C] () -- C:\WINDOWS\System32\htjndhlw.ini
[2007/07/07 11:13:14 | 001,045,965 | -HS- | C] () -- C:\WINDOWS\System32\xnlmypdy.ini
[2007/07/06 03:26:15 | 001,054,209 | -HS- | C] () -- C:\WINDOWS\System32\jfeaogas.ini
[2007/07/06 03:25:14 | 001,054,089 | -HS- | C] () -- C:\WINDOWS\System32\nurwnxhj.ini
[2007/07/05 02:19:01 | 001,051,901 | -HS- | C] () -- C:\WINDOWS\System32\qsgxokiq.ini
[2007/07/05 02:17:54 | 001,051,721 | -HS- | C] () -- C:\WINDOWS\System32\eqxsiutb.ini
[2007/07/04 17:34:37 | 001,051,662 | -HS- | C] () -- C:\WINDOWS\System32\pqixwbrj.ini
[2007/07/04 17:21:41 | 001,051,662 | -HS- | C] () -- C:\WINDOWS\System32\lgqkvpfw.ini
[2007/07/04 17:21:01 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\wfpvkqgl.dll
[2007/07/04 17:19:23 | 001,051,602 | -HS- | C] () -- C:\WINDOWS\System32\wobnqonr.ini
[2007/07/04 17:09:44 | 001,051,662 | -HS- | C] () -- C:\WINDOWS\System32\xbgjylxr.ini
[2007/07/04 17:07:23 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\rxlyjgbx.dll
[2007/07/04 17:04:19 | 001,051,602 | -HS- | C] () -- C:\WINDOWS\System32\cwyblfxo.ini
[2007/07/04 16:47:14 | 001,051,662 | -HS- | C] () -- C:\WINDOWS\System32\ytynpfkn.ini
[2007/07/04 16:46:25 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\nkfpnyty.dll
[2007/07/04 15:39:04 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\cnfqhamb.ini
[2007/07/04 15:30:09 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\vujemfll.ini
[2007/07/04 15:29:27 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\llfmejuv.dll
[2007/07/04 15:29:01 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\eondjjan.ini
[2007/07/04 15:11:05 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\smxnhdjc.ini
[2007/07/04 15:09:38 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\cjdhnxms.dll
[2007/07/04 15:08:54 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\xkgokncf.ini
[2007/07/04 15:00:18 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\eikjehdh.ini
[2007/07/04 14:59:23 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\hdhejkie.dll
[2007/07/04 14:58:38 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\aifbejlv.ini
[2007/07/04 12:12:02 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\ccdtlrab.ini
[2007/07/04 12:08:38 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\barltdcc.dll
[2007/07/04 12:06:25 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\mvhnydpu.ini
[2007/07/04 11:39:13 | 001,032,898 | -HS- | C] () -- C:\WINDOWS\System32\swbmrbex.ini
[2007/07/04 11:38:27 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\xebrmbws.dll
[2007/07/04 11:37:46 | 001,032,838 | -HS- | C] () -- C:\WINDOWS\System32\awvyftaq.ini
[2007/07/04 11:20:58 | 000,585,494 | ---- | C] () -- C:\Documents and Settings\Philip Green\Application Data\NMM-MetaData.db
[2007/07/04 11:03:11 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2007/07/04 08:40:47 | 001,032,788 | -HS- | C] () -- C:\WINDOWS\System32\nlfjtdci.ini
[2007/07/04 08:38:50 | 001,032,659 | -HS- | C] () -- C:\WINDOWS\System32\bvswqckf.ini
[2007/07/04 08:24:36 | 001,032,719 | -HS- | C] () -- C:\WINDOWS\System32\jnfkjkqy.ini
[2007/07/04 08:23:33 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\yqkjkfnj.dll
[2007/07/04 08:21:19 | 001,032,659 | -HS- | C] () -- C:\WINDOWS\System32\pxlbntcf.ini
[2007/07/04 07:55:32 | 001,013,529 | -HS- | C] () -- C:\WINDOWS\System32\awsvkoel.ini
[2007/07/04 07:55:02 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\leokvswa.dll
[2007/07/04 07:54:25 | 001,032,464 | -HS- | C] () -- C:\WINDOWS\System32\umehcbhp.ini
[2007/07/01 10:01:45 | 001,000,107 | -HS- | C] () -- C:\WINDOWS\System32\tpqcdvyg.ini
[2007/06/26 18:40:42 | 000,930,146 | -HS- | C] () -- C:\WINDOWS\System32\ppestubj.ini
[2007/06/26 18:39:19 | 000,929,786 | -HS- | C] () -- C:\WINDOWS\System32\opxdthaf.ini
[2007/06/26 18:31:05 | 000,929,846 | -HS- | C] () -- C:\WINDOWS\System32\uejugudi.ini
[2007/06/26 18:30:30 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\idugujeu.dll
[2007/06/26 18:29:14 | 000,929,786 | -HS- | C] () -- C:\WINDOWS\System32\ujrnhfkb.ini
[2007/06/26 18:19:08 | 000,929,795 | -HS- | C] () -- C:\WINDOWS\System32\vivqalwh.ini
[2007/06/26 18:16:50 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\hwlaqviv.dll
[2007/06/26 17:57:23 | 000,929,855 | -HS- | C] () -- C:\WINDOWS\System32\pessqnma.ini
[2007/06/26 17:56:00 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\amnqssep.dll
[2007/06/26 17:54:17 | 000,929,786 | -HS- | C] () -- C:\WINDOWS\System32\ajamhiap.ini
[2007/06/26 17:40:41 | 000,929,846 | -HS- | C] () -- C:\WINDOWS\System32\xaklcwou.ini
[2007/06/26 17:40:05 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\uowclkax.dll
[2007/06/26 17:39:04 | 000,929,786 | -HS- | C] () -- C:\WINDOWS\System32\msmqtxsy.ini
[2007/06/26 16:49:46 | 000,929,846 | -HS- | C] () -- C:\WINDOWS\System32\gdchpetp.ini
[2007/06/26 16:49:08 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\ptephcdg.dll
[2007/06/26 16:47:26 | 000,929,786 | -HS- | C] () -- C:\WINDOWS\System32\bdlcrfcl.ini
[2007/06/26 16:34:58 | 000,929,846 | -HS- | C] () -- C:\WINDOWS\System32\fiusoayb.ini
[2007/06/26 16:33:59 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\byaosuif.dll
[2007/06/26 16:32:45 | 000,929,786 | -HS- | C] () -- C:\WINDOWS\System32\jxhdkxuf.ini
[2007/06/26 16:10:14 | 000,930,471 | -HS- | C] () -- C:\WINDOWS\System32\dskktway.ini
[2007/06/26 16:09:42 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\yawtkksd.dll
[2007/06/25 08:05:09 | 000,916,310 | -HS- | C] () -- C:\WINDOWS\System32\drwlbgfy.ini
[2007/06/25 08:01:22 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\sokphfym.ini
[2007/06/25 07:28:29 | 000,915,075 | -HS- | C] () -- C:\WINDOWS\System32\tmvyepsi.ini
[2007/06/25 07:27:29 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\ispeyvmt.dll
[2007/06/25 07:26:21 | 000,915,006 | -HS- | C] () -- C:\WINDOWS\System32\gctbgsau.ini
[2007/06/25 06:46:54 | 000,914,947 | -HS- | C] () -- C:\WINDOWS\System32\nfsblpxt.ini
[2007/06/25 06:44:05 | 000,914,827 | -HS- | C] () -- C:\WINDOWS\System32\ilnypixy.ini
[2007/06/24 06:46:17 | 000,000,585 | -HS- | C] () -- C:\WINDOWS\System32\pxdxgrha.ini
[2007/06/24 06:05:01 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\amewmqhv.ini
[2007/06/24 06:03:13 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\igfplclt.ini
[2007/06/24 05:54:10 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\fidfswot.ini
[2007/06/24 05:53:16 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\towsfdif.dll
[2007/06/24 05:52:48 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\oasibsck.ini
[2007/06/24 05:34:22 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\xmpbwexk.ini
[2007/06/24 05:33:44 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\kxewbpmx.dll
[2007/06/24 05:32:41 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\jmhuvcxl.ini
[2007/06/24 05:18:30 | 000,914,587 | -HS- | C] () -- C:\WINDOWS\System32\futyhbqq.ini
[2007/06/24 05:15:52 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\qqbhytuf.dll
[2007/06/24 05:14:28 | 000,914,527 | -HS- | C] () -- C:\WINDOWS\System32\dpnhsxve.ini
[2007/06/24 04:41:53 | 000,914,587 | -HS- | C] () -- C:\WINDOWS\System32\tjsepsux.ini
[2007/06/24 04:40:46 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\xuspesjt.dll
[2007/06/24 04:39:32 | 000,914,527 | -HS- | C] () -- C:\WINDOWS\System32\uadkalgf.ini
[2007/06/24 04:21:20 | 000,914,707 | -HS- | C] () -- C:\WINDOWS\System32\ynjrskfl.ini
[2007/06/24 04:20:16 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\lfksrjny.dll
[2007/06/23 13:35:00 | 000,914,647 | -HS- | C] () -- C:\WINDOWS\System32\vhkwjefr.ini
[2007/06/23 13:33:29 | 000,914,527 | -HS- | C] () -- C:\WINDOWS\System32\ywnucpol.ini
[2007/06/23 13:26:07 | 000,914,587 | -HS- | C] () -- C:\WINDOWS\System32\vxdkwtti.ini
[2007/06/23 13:25:28 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\ittwkdxv.dll
[2007/06/23 13:24:41 | 000,914,527 | -HS- | C] () -- C:\WINDOWS\System32\tbksbwdq.ini
[2007/06/23 13:04:56 | 000,914,827 | -HS- | C] () -- C:\WINDOWS\System32\tehittam.ini
[2007/06/23 13:04:21 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\mattihet.dll
[2007/06/22 07:40:16 | 000,908,784 | -HS- | C] () -- C:\WINDOWS\System32\lnwfhkcc.ini
[2007/06/22 07:38:53 | 000,908,515 | -HS- | C] () -- C:\WINDOWS\System32\xaolnlur.ini
[2007/06/22 07:01:21 | 000,908,574 | -HS- | C] () -- C:\WINDOWS\System32\qhmfxpgw.ini
[2007/06/22 07:00:43 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\wgpxfmhq.dll
[2007/06/22 06:59:40 | 000,908,515 | -HS- | C] () -- C:\WINDOWS\System32\ackobres.ini
[2007/06/22 05:01:29 | 000,908,515 | -HS- | C] () -- C:\WINDOWS\System32\cuvfaihj.ini
[2007/06/22 04:59:29 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\jhiafvuc.dll
[2007/06/22 04:18:55 | 000,908,695 | -HS- | C] () -- C:\WINDOWS\System32\hcsulola.ini
[2007/06/22 04:18:22 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\alolusch.dll
[2007/06/21 14:25:21 | 000,909,023 | -HS- | C] () -- C:\WINDOWS\System32\davlqvjo.ini
[2007/06/21 14:23:05 | 000,908,903 | -HS- | C] () -- C:\WINDOWS\System32\cqnxecsq.ini
[2007/06/21 14:07:50 | 000,908,971 | -HS- | C] () -- C:\WINDOWS\System32\vmekripc.ini
[2007/06/21 14:06:54 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\cpirkemv.dll
[2007/06/21 14:05:38 | 000,908,903 | -HS- | C] () -- C:\WINDOWS\System32\imarqatm.ini
[2007/06/21 13:37:56 | 000,908,963 | -HS- | C] () -- C:\WINDOWS\System32\uihbopbj.ini
[2007/06/21 13:36:56 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\jbpobhiu.dll
[2007/06/21 13:36:26 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\lnkmrwlw.ini
[2007/06/21 13:32:03 | 000,908,903 | -HS- | C] () -- C:\WINDOWS\System32\vcvirxaj.ini
[2007/06/21 13:31:30 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\jaxrivcv.dll
[2007/06/21 13:30:14 | 000,908,903 | -HS- | C] () -- C:\WINDOWS\System32\bnpnwshe.ini
[2007/06/21 13:21:06 | 000,908,963 | -HS- | C] () -- C:\WINDOWS\System32\tuegbbko.ini
[2007/06/21 13:19:56 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\okbbgeut.dll
[2007/06/21 13:17:43 | 000,908,903 | -HS- | C] () -- C:\WINDOWS\System32\hihhfmks.ini
[2007/06/21 12:15:45 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\cigfmlbs.ini
[2007/06/21 12:15:09 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\sblmfgic.dll
[2007/06/21 12:14:46 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\khgkotsn.ini
[2007/06/21 10:38:33 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\ciikunln.ini
[2007/06/21 10:38:00 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\nlnukiic.dll
[2007/06/21 10:37:37 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\lfxcvigq.ini
[2007/06/21 09:09:51 | 000,905,286 | -HS- | C] () -- C:\WINDOWS\System32\dtunqnks.ini
[2007/06/21 09:09:19 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\sknqnutd.dll
[2007/06/21 09:07:46 | 000,905,208 | -HS- | C] () -- C:\WINDOWS\System32\wmeccxnl.ini
[2007/06/20 10:10:41 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\nfqcxsaw.ini
[2007/06/20 10:09:15 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\btgdaxrp.ini
[2007/06/20 09:58:00 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\bmmgttdx.ini
[2007/06/20 09:56:58 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\xdttgmmb.dll
[2007/06/20 09:56:21 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wigkglrk.ini
[2007/06/20 06:55:43 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\icjwnmgb.dll
[2007/06/20 06:55:38 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\hcvveofo.ini
[2007/06/20 06:54:50 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\ofoevvch.dll
[2007/06/20 06:53:51 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\mkwemagd.ini
[2007/06/20 06:39:13 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\wdqqrdab.ini
[2007/06/20 06:37:50 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\badrqqdw.dll
[2007/06/20 06:36:41 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\euhqroyc.ini
[2007/06/20 06:28:57 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\ogfvxphe.ini
[2007/06/20 06:27:55 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\ehpxvfgo.dll
[2007/06/20 06:27:22 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\jykmblbe.ini
[2007/06/20 06:14:24 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\qjsyfeuh.ini
[2007/06/20 06:13:41 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\huefysjq.dll
[2007/06/20 06:11:39 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\mwvhgtbu.ini
[2007/06/20 06:09:37 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\uosdjvhk.dll
[2007/06/20 05:29:14 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\xgodyspe.ini
[2007/06/20 05:28:40 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\epsydogx.dll
[2007/06/20 05:28:04 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wyyjksux.ini
[2007/06/20 05:26:42 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\bkvpfdbj.dll
[2007/06/20 05:13:28 | 000,000,825 | -HS- | C] () -- C:\WINDOWS\System32\aekmbwon.ini
[2007/06/20 05:12:54 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\nowbmkea.dll
[2007/06/18 03:04:16 | 000,000,766 | -HS- | C] () -- C:\WINDOWS\System32\scbiijop.ini
[2007/06/17 15:12:28 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\repgwisx.ini
[2007/06/17 15:10:35 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\kiydqbrd.ini
[2007/06/17 14:42:04 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\klwcrypi.ini
[2007/06/17 14:41:27 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\ipyrcwlk.dll
[2007/06/17 14:41:22 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\xwplbgtd.ini
[2007/06/17 14:30:15 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\lagjwppo.ini
[2007/06/17 14:29:34 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\oppwjgal.dll
[2007/06/17 14:29:30 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\qrxjitxn.ini
[2007/06/17 13:45:18 | 000,922,199 | -HS- | C] () -- C:\WINDOWS\System32\trylmtcy.ini
[2007/06/17 13:44:37 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\yctmlyrt.dll
[2007/06/16 12:40:41 | 000,922,130 | -HS- | C] () -- C:\WINDOWS\System32\atxamgnd.ini
[2007/06/16 12:38:25 | 000,125,972 | ---- | C] () -- C:\WINDOWS\System32\klwixsrg.dll
[2007/06/16 12:37:40 | 000,921,950 | -HS- | C] () -- C:\WINDOWS\System32\tjdwncbj.ini
[2007/06/15 18:33:55 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\vrbalufi.ini
[2007/06/15 18:32:34 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\wmemkyra.ini
[2007/06/15 18:19:23 | 000,921,829 | -HS- | C] () -- C:\WINDOWS\System32\uuolotti.ini
[2007/06/15 18:14:20 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\ittolouu.dll
[2007/06/15 18:13:57 | 000,921,770 | -HS- | C] () -- C:\WINDOWS\System32\koawwmmr.ini
[2007/06/15 14:54:41 | 000,921,838 | -HS- | C] () -- C:\WINDOWS\System32\cppsqmlb.ini
[2007/06/15 14:53:27 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\blmqsppc.dll
[2007/06/15 14:52:59 | 000,921,770 | -HS- | C] () -- C:\WINDOWS\System32\qlamxuhe.ini
[2007/06/15 14:36:19 | 000,921,830 | -HS- | C] () -- C:\WINDOWS\System32\qedhkqob.ini
[2007/06/15 14:35:04 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\boqkhdeq.dll
[2007/06/15 14:34:42 | 000,921,770 | -HS- | C] () -- C:\WINDOWS\System32\eqjnkvac.ini
[2007/06/15 14:21:40 | 000,921,830 | -HS- | C] () -- C:\WINDOWS\System32\gbjftmwi.ini
[2007/06/15 14:20:37 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\iwmtfjbg.dll
[2007/06/15 14:20:28 | 000,921,770 | -HS- | C] () -- C:\WINDOWS\System32\qkcidsaf.ini
[2007/06/15 13:03:59 | 000,921,968 | -HS- | C] () -- C:\WINDOWS\System32\wtkmdbow.ini
[2007/06/15 13:03:24 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\wobdmktw.dll
[2007/06/14 14:50:40 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\eknklsxv.ini
[2007/06/14 08:40:56 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\wgvtaviq.ini
[2007/06/14 08:37:27 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\qivatvgw.dll
[2007/06/14 08:37:08 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\phmlfecl.ini
[2007/06/14 07:38:32 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\lkxhnypo.ini
[2007/06/14 07:37:18 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\opynhxkl.dll
[2007/06/14 07:36:48 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\cnjbmclp.ini
[2007/06/14 07:24:26 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\pvmppqko.ini
[2007/06/14 07:23:19 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\okqppmvp.dll
[2007/06/14 07:22:55 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\mpawdquf.ini
[2007/06/14 07:09:10 | 000,000,585 | -HS- | C] () -- C:\WINDOWS\System32\xjyiapdc.ini
[2007/06/14 07:08:40 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\cdpaiyjx.dll
[2007/06/14 07:08:26 | 000,000,525 | -HS- | C] () -- C:\WINDOWS\System32\divkahcm.ini
[2007/06/13 18:11:07 | 000,000,465 | -HS- | C] () -- C:\WINDOWS\System32\yvbtikpv.ini
[2007/06/13 18:08:53 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\puoxllna.ini
[2007/06/13 16:24:35 | 000,931,153 | -HS- | C] () -- C:\WINDOWS\System32\mdjssfby.ini
[2007/06/13 16:23:40 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\ybfssjdm.dll
[2007/06/13 16:23:30 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\winljwqn.ini
[2007/06/13 16:13:15 | 000,000,405 | -HS- | C] () -- C:\WINDOWS\System32\vskctjuo.ini
[2007/06/13 16:12:30 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\oujtcksv.dll
[2007/06/13 16:12:19 | 000,000,345 | -HS- | C] () -- C:\WINDOWS\System32\qutctluu.ini
[2007/06/13 12:55:46 | 000,931,171 | -HS- | C] () -- C:\WINDOWS\System32\fyukgahn.ini
[2007/06/13 12:54:48 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\nhagkuyf.dll
[2007/06/13 12:54:26 | 000,931,084 | -HS- | C] () -- C:\WINDOWS\System32\gmbfmgul.ini
[2007/06/13 12:20:27 | 000,944,596 | -HS- | C] () -- C:\WINDOWS\System32\mqwmxeyx.ini
[2007/06/13 12:18:45 | 000,124,436 | ---- | C] () -- C:\WINDOWS\System32\xyexmwqm.dll
[2007/06/13 12:18:12 | 000,062,516 | ---- | C] () -- C:\WINDOWS\System32\wgedhoky.dll
[2007/06/12 12:09:41 | 000,944,528 | -HS- | C] () -- C:\WINDOWS\System32\fvlxghxj.ini
[2007/06/10 17:52:00 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\ugpmvskm.dll
[2007/06/10 16:45:51 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\lwbqlaci.dll
[2007/06/10 16:32:42 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\ojloogsm.dll
[2007/06/10 15:53:05 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\ebnritit.dll
[2007/06/10 15:36:53 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\axtlbllw.dll
[2007/06/10 03:24:52 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\nqfonnep.dll
[2007/06/07 16:46:37 | 000,058,420 | ---- | C] () -- C:\WINDOWS\System32\abaufawy.dll
[2007/06/06 13:36:39 | 000,002,580 | ---- | C] () -- C:\WINDOWS\System32\plthbihe.exe
[2007/06/06 13:36:34 | 000,115,894 | -HS- | C] () -- C:\WINDOWS\System32\kkqaaqyd.ini
[2007/06/06 13:35:48 | 000,055,316 | ---- | C] () -- C:\WINDOWS\System32\fcbdmbcw.dll
[2007/05/27 12:09:38 | 000,131,604 | ---- | C] () -- C:\WINDOWS\System32\jwxauagi.dll
[2007/05/16 18:10:05 | 000,131,604 | ---- | C] () -- C:\WINDOWS\System32\mesxxlcg.dll
[2007/05/16 17:55:44 | 000,131,604 | ---- | C] () -- C:\WINDOWS\System32\mxfeqfnc.dll
[2007/05/12 18:26:18 | 000,131,604 | ---- | C] () -- C:\WINDOWS\System32\thmmkmon.dll
[2007/05/12 18:05:41 | 000,131,604 | ---- | C] () -- C:\WINDOWS\System32\jydbpnbw.dll
[2007/05/12 14:09:31 | 000,131,604 | ---- | C] () -- C:\WINDOWS\System32\ygpfnmky.dll
[2007/05/12 13:37:05 | 000,131,604 | ---- | C] () -- C:\WINDOWS\System32\fwnidcxl.dll
[2007/05/12 11:47:47 | 000,131,604 | ---- | C] () -- C:\WINDOWS\System32\ntfmqehq.dll
[2007/05/09 08:41:24 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/05/03 08:14:06 | 000,091,067 | ---- | C] () -- C:\WINDOWS\hpiins01.dat
[2007/05/03 08:14:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpimdl01.dat
[2007/04/27 17:28:28 | 000,131,604 | ---- | C] () -- C:\WINDOWS\System32\audrcrri.dll
[2007/04/27 17:27:59 | 000,049,204 | ---- | C] () -- C:\WINDOWS\System32\vhipaiyf.dll
[2007/04/25 14:31:46 | 000,004,461 | -HS- | C] () -- C:\WINDOWS\System32\brwnuwnx.ini
[2007/04/25 14:30:44 | 000,049,204 | ---- | C] () -- C:\WINDOWS\System32\cxnbxmwu.dll
[2007/04/25 11:46:34 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\xflhdqis.dll
[2007/04/25 11:43:24 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\drakgfmw.dll
[2007/04/25 06:16:45 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\xwiyrivg.dll
[2007/04/25 06:15:25 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\protjypn.dll
[2007/04/25 05:08:30 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\nyxatkyr.dll
[2007/04/24 06:37:14 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\qooplgyv.dll
[2007/04/24 06:36:07 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\aajqunks.dll
[2007/04/24 06:18:18 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\amldcwme.dll
[2007/04/24 06:17:31 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\lcfpkvvn.dll
[2007/04/24 05:12:46 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\ihstnigp.dll
[2007/04/23 10:08:21 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\cvarcpcj.dll
[2007/04/23 10:07:04 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\frguwdof.dll
[2007/04/23 03:42:49 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\hlfligiv.dll
[2007/04/23 03:41:56 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\htlauecg.dll
[2007/04/22 19:30:51 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\sqbcynwh.dll
[2007/04/22 19:29:52 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\dgwcngrd.dll
[2007/04/22 17:30:17 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\fxvcqtvn.dll
[2007/04/22 11:08:33 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\gatriijt.dll
[2007/04/22 03:41:38 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\oxenpjvt.dll
[2007/04/22 03:40:49 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\gytuibby.dll
[2007/04/21 10:09:53 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\bgrcusjt.dll
[2007/04/21 10:09:15 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\nerktavm.dll
[2007/04/21 09:55:27 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\jsuxvxkh.dll
[2007/04/21 09:54:28 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\tjjgdads.dll
[2007/04/21 08:42:11 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\snogdhvj.dll
[2007/04/21 08:40:39 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\oruwwtbw.dll
[2007/04/21 07:13:39 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\hqbduqno.dll
[2007/04/20 07:32:00 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\arpetwib.dll
[2007/04/20 05:14:05 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\qywfbget.dll
[2007/04/20 05:13:18 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\utbmkcwq.dll
[2007/04/19 05:13:16 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\qiijaidw.dll
[2007/04/18 16:47:59 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\jwsasukw.dll
[2007/04/18 08:50:11 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\kgujiyrk.dll
[2007/04/18 07:20:15 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\hsgedule.dll
[2007/04/18 07:19:21 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\lrvbpxgj.dll
[2007/04/18 07:01:18 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\mlbvesre.dll
[2007/04/18 07:00:05 | 000,125,460 | ---- | C] () -- C:\WINDOWS\System32\vtlejjbm.dll
[2007/04/18 06:58:48 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\soaorjqe.dll
[2007/04/18 05:47:38 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\jykxofnn.dll
[2007/04/18 05:46:40 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\tqejercw.dll
[2007/04/18 04:01:46 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\uxuunprr.dll
[2007/04/16 12:11:29 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\rlvanqnh.dll
[2007/04/16 12:09:41 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\jilkttwg.dll
[2007/04/15 10:31:35 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\ucccnxsc.dll
[2007/04/15 10:30:40 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\hnhjjorn.dll
[2007/04/15 02:24:33 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\amcajpfc.dll
[2007/04/14 18:00:42 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\saekudje.dll
[2007/04/14 17:58:08 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\hnsmarfx.dll
[2007/04/14 17:27:53 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\lesnwtxb.dll
[2007/04/14 17:25:58 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\uiljqkss.dll
[2007/04/14 15:53:27 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\lrvwkvoh.dll
[2007/04/14 15:52:19 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\wfomqhey.dll
[2007/04/14 14:31:46 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\dslytggk.dll
[2007/04/14 14:30:07 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\vgoxkuue.dll
[2007/04/14 14:18:02 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\kridasgn.dll
[2007/04/14 14:16:06 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\lcgemgkj.dll
[2007/04/14 13:25:02 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\blullnlv.dll
[2007/04/14 13:23:40 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\hubnfnec.dll
[2007/04/14 11:33:16 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\gbpjsxlk.dll
[2007/04/14 11:27:11 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\wxjedjyr.dll
[2007/04/14 11:26:20 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\tasijuso.dll
[2007/04/14 09:18:31 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\fmfibbba.dll
[2007/04/14 09:16:43 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\rxoitisj.dll
[2007/04/14 07:26:58 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\pxgygmgq.dll
[2007/04/14 06:02:45 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\vibfexbb.dll
[2007/04/14 06:00:58 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\trdinfnp.dll
[2007/04/13 02:04:31 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\hqcwewty.dll
[2007/04/12 12:31:17 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\wvpirurd.dll
[2007/04/12 12:30:17 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\kyhkbuya.dll
[2007/04/12 02:49:15 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\gsdqbiit.dll
[2007/04/12 01:39:58 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\uuqpxiyo.dll
[2007/04/12 01:38:52 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\jxniaegu.dll
[2007/04/11 18:53:23 | 000,123,972 | ---- | C] () -- C:\WINDOWS\System32\vsyggswg.dll
[2007/04/10 16:23:16 | 000,048,708 | ---- | C] () -- C:\WINDOWS\System32\otcnjuwx.dll
[2007/04/02 17:27:54 | 000,132,116 | ---- | C] () -- C:\WINDOWS\System32\giwjwxpn.dll
[2007/04/02 17:08:27 | 000,132,116 | ---- | C] () -- C:\WINDOWS\System32\fmbxkgub.dll
[2007/04/01 13:43:07 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\girbogwh.dll
[2007/03/28 12:20:01 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\uthdnuym.dll
[2007/03/28 12:19:38 | 000,048,708 | ---- | C] () -- C:\WINDOWS\System32\giiclqft.dll
[2007/03/26 06:52:05 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\ynkcpdcg.dll
[2007/03/22 12:06:36 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\uhvrcfpt.dll
[2007/03/20 06:47:13 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\xscykolw.dll
[2007/03/17 06:31:17 | 000,132,116 | ---- | C] () -- C:\WINDOWS\System32\qihyalfd.dll
[2007/03/16 17:31:43 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\hrpdxxxf.dll
[2007/03/13 05:45:35 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\grmfjxpb.dll
[2007/03/11 12:49:18 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\gqskpvgm.dll
[2007/03/10 13:18:19 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\fjtpskbe.dll
[2007/03/06 04:58:24 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\uwmopaxg.dll
[2007/03/03 04:58:35 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\kbavguex.dll
[2007/03/02 13:41:28 | 000,044,177 | ---- | C] () -- C:\WINDOWS\System32\sqjvlwtw.dll
[2007/03/02 13:41:15 | 000,048,660 | ---- | C] () -- C:\WINDOWS\System32\mpgabgbx.dll
[2007/02/26 15:52:15 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\fueamned.dll
[2007/02/24 11:41:53 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\ocuknofr.dll
[2007/02/19 04:23:05 | 000,132,116 | ---- | C] () -- C:\WINDOWS\System32\ufclbuvk.dll
[2007/02/17 04:26:41 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\xbcxojkv.dll
[2007/02/16 14:37:44 | 000,132,116 | ---- | C] () -- C:\WINDOWS\System32\xbwcdoog.dll
[2007/02/16 14:37:28 | 000,044,177 | ---- | C] () -- C:\WINDOWS\System32\jrqjoqra.dll
[2007/02/10 04:13:16 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\thuoledd.dll
[2007/02/07 12:59:49 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\ndvjqhuf.dll
[2007/02/05 18:06:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\webica.ini
[2007/02/05 02:45:42 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\tqmrvcun.dll
[2007/01/29 14:11:11 | 000,044,165 | ---- | C] () -- C:\WINDOWS\System32\nkvwfwhd.dll
[2007/01/27 06:27:06 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\vxbrkolo.dll
[2007/01/25 07:09:10 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\chmtqwtl.dll
[2007/01/18 06:58:55 | 000,076,412 | ---- | C] () -- C:\WINDOWS\System32\egdjlsyl.dll
[2007/01/13 05:34:10 | 000,081,684 | ---- | C] () -- C:\WINDOWS\System32\mkwqbmmh.dll
[2007/01/11 09:07:55 | 000,081,684 | ---- | C] () -- C:\WINDOWS\System32\mmqblyck.dll
[2007/01/06 06:48:10 | 000,081,684 | ---- | C] () -- C:\WINDOWS\System32\malyexdb.dll
[2007/01/05 14:13:29 | 000,081,684 | ---- | C] () -- C:\WINDOWS\System32\bfiennfd.dll
[2006/12/29 07:12:37 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\jcinoyoa.dll
[2006/12/28 14:25:20 | 000,081,684 | ---- | C] () -- C:\WINDOWS\System32\xvvpaiad.dll
[2006/12/28 14:24:39 | 000,044,060 | ---- | C] () -- C:\WINDOWS\System32\pgtkrnlo.dll
[2006/12/22 02:50:09 | 000,081,684 | ---- | C] () -- C:\WINDOWS\System32\dcwmpqqx.dll
[2006/12/18 10:02:44 | 000,126,996 | ---- | C] () -- C:\WINDOWS\System32\oaqfmjcd.dll
[2006/12/18 06:00:05 | 000,126,996 | ---- | C] () -- C:\WINDOWS\System32\srdwxlgl.dll
[2006/12/17 12:00:09 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\xcqinuxa.dll
[2006/12/16 18:12:19 | 000,044,052 | ---- | C] () -- C:\WINDOWS\System32\xvdhtnsk.dll
[2006/12/16 18:01:47 | 000,126,996 | ---- | C] () -- C:\WINDOWS\System32\wtrujsxp.dll
[2006/12/10 12:58:12 | 000,126,996 | ---- | C] () -- C:\WINDOWS\System32\poxvutyc.dll
[2006/12/10 08:13:21 | 000,126,996 | ---- | C] () -- C:\WINDOWS\System32\danimbnc.dll
[2006/12/03 08:13:44 | 000,126,996 | ---- | C] () -- C:\WINDOWS\System32\ycfbibxy.dll
[2006/11/29 10:00:55 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\jcuclnfw.dll
[2006/11/29 03:40:48 | 000,042,516 | ---- | C] () -- C:\WINDOWS\System32\yuthafru.dll
[2006/11/27 12:08:35 | 000,088,340 | ---- | C] () -- C:\WINDOWS\System32\gbvspjna.exe
[2006/11/25 07:27:59 | 000,126,996 | ---- | C] () -- C:\WINDOWS\System32\shstgtjw.dll
[2006/11/24 06:02:24 | 000,126,996 | ---- | C] () -- C:\WINDOWS\System32\qlmoqvsi.dll
[2006/11/24 04:43:45 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\lynksarb.dll
[2006/11/23 11:57:20 | 000,038,420 | ---- | C] () -- C:\WINDOWS\System32\qqhwuclp.dll
[2006/11/17 14:10:46 | 000,110,612 | ---- | C] () -- C:\WINDOWS\System32\stkeryop.exe
[2006/11/17 05:28:19 | 000,126,996 | ---- | C] () -- C:\WINDOWS\System32\nqnblout.dll
[2006/11/17 05:27:48 | 000,110,612 | ---- | C] () -- C:\WINDOWS\System32\nesxrahe.exe
[2006/11/17 05:25:08 | 000,110,612 | ---- | C] () -- C:\WINDOWS\System32\slbbpvts.exe
[2006/11/10 18:16:06 | 000,118,804 | ---- | C] () -- C:\WINDOWS\System32\ejybskxg.dll
[2006/11/10 18:15:29 | 000,110,612 | ---- | C] () -- C:\WINDOWS\System32\iscisuul.exe
[2006/11/05 12:49:00 | 000,118,804 | ---- | C] () -- C:\WINDOWS\System32\xourjiqn.dll
[2006/11/05 12:48:35 | 000,110,612 | ---- | C] () -- C:\WINDOWS\System32\mugmiggc.exe
[2006/11/05 12:48:15 | 000,060,436 | ---- | C] () -- C:\WINDOWS\System32\mrgjeqmx.dll
[2006/10/27 04:01:45 | 000,069,652 | ---- | C] () -- C:\WINDOWS\System32\bpjvngmk.exe
[2006/10/14 06:22:05 | 000,045,525 | ---- | C] () -- C:\WINDOWS\System32\nvjclebx.dll
[2006/10/14 06:20:04 | 000,045,525 | ---- | C] () -- C:\WINDOWS\System32\wqkxnftg.dll
[2006/10/14 06:18:28 | 000,098,324 | ---- | C] () -- C:\WINDOWS\System32\kmthbgkb.dll
[2006/10/12 06:55:45 | 000,149,504 | ---- | C] () -- C:\WINDOWS\UNWISE.EXE
[2006/10/01 06:54:13 | 000,045,525 | ---- | C] () -- C:\WINDOWS\System32\qyjwbubs.dll
[2006/10/01 06:53:46 | 000,086,068 | ---- | C] () -- C:\WINDOWS\System32\xphwwpmo.dll
[2006/10/01 06:52:43 | 000,143,380 | ---- | C] () -- C:\WINDOWS\System32\mjhverfm.exe
[2006/09/15 22:25:06 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\SlpApi42.dll
[2006/09/14 08:02:15 | 000,106,516 | ---- | C] () -- C:\WINDOWS\System32\twmagrjk.dll
[2006/09/13 11:20:49 | 000,106,516 | ---- | C] () -- C:\WINDOWS\System32\xvjxqgku.dll
[2006/08/30 09:01:56 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\mnetcftw.dll
[2006/08/29 06:22:42 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\lprblger.dll
[2006/08/29 06:22:33 | 000,013,844 | ---- | C] () -- C:\WINDOWS\System32\lektxuaf.exe
[2006/08/15 16:30:43 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\toqyvcbd.dll
[2006/08/15 16:30:41 | 000,012,308 | ---- | C] () -- C:\WINDOWS\System32\owrxwokb.exe
[2006/08/12 08:37:34 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\jgavwije.dll
[2006/08/10 15:07:45 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\djeikhyq.dll
[2006/08/10 08:41:08 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\mdgsxrel.dll
[2006/08/09 10:52:44 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\yiotvvar.dll
[2006/08/08 09:16:11 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\rhflqeru.dll
[2006/08/07 08:30:33 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\yhkpqiok.dll
[2006/08/06 08:52:24 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\cxnhhbnp.dll
[2006/08/05 13:25:25 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\jcvuvbql.dll
[2006/08/05 08:54:53 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\cifcegeh.dll
[2006/08/03 08:03:18 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\niiwxwds.dll
[2006/08/02 11:29:57 | 000,102,420 | ---- | C] () -- C:\WINDOWS\System32\wtltqkhl.dll
[2006/07/26 04:52:54 | 000,065,556 | ---- | C] () -- C:\WINDOWS\System32\dtemkdyn.exe
[2006/07/25 10:19:35 | 000,065,556 | ---- | C] () -- C:\WINDOWS\System32\hsjpgxxw.exe
[2006/07/25 09:53:20 | 000,065,556 | ---- | C] () -- C:\WINDOWS\System32\dwjgrcpa.exe
[2006/07/23 15:26:52 | 000,017,750 | ---- | C] () -- C:\WINDOWS\System32\xnugpdsa.exe
[2006/07/22 13:05:03 | 000,017,750 | ---- | C] () -- C:\WINDOWS\System32\fdutcxuc.exe
[2006/07/22 13:04:42 | 000,098,324 | ---- | C] () -- C:\WINDOWS\System32\spgsefnk.dll
[2006/07/22 07:51:29 | 000,098,324 | ---- | C] () -- C:\WINDOWS\System32\vuiwvseb.dll
[2006/07/22 07:51:26 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\DP.sys
[2006/07/22 07:51:14 | 000,017,750 | ---- | C] () -- C:\WINDOWS\System32\otttleav.exe
[2006/07/19 11:59:32 | 000,098,324 | ---- | C] () -- C:\WINDOWS\System32\pedudcxi.dll
[2006/07/01 15:53:40 | 000,679,956 | ---- | C] () -- C:\WINDOWS\System32\idqtscnx.dll
[2006/07/01 14:38:08 | 000,679,956 | ---- | C] () -- C:\WINDOWS\System32\snpyegir.dll
[2006/07/01 14:15:47 | 000,679,956 | ---- | C] () -- C:\WINDOWS\System32\wpndnbpp.dll
[2006/05/27 10:55:30 | 000,098,324 | ---- | C] () -- C:\WINDOWS\System32\rblmvmxt.dll
[2006/04/04 21:48:00 | 000,038,925 | -HS- | C] () -- C:\WINDOWS\System32\pmnnn.dll
[2006/04/04 21:47:30 | 000,038,925 | -HS- | C] () -- C:\WINDOWS\System32\awvvw.dll
[2006/04/04 21:46:57 | 000,038,925 | -HS- | C] () -- C:\WINDOWS\System32\vtsqo.dll
[2005/12/07 06:31:00 | 000,202,752 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll
[2005/09/16 10:07:52 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\Philip Green\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/07/18 07:24:03 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2005/06/07 12:17:42 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/31 16:19:30 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/05/31 16:18:18 | 000,117,360 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/05/31 15:42:04 | 000,003,000 | R--- | C] () -- C:\WINDOWS\System32\SetupNT.sys
[2005/05/31 15:31:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/05/31 15:25:50 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 07:00:00 | 000,432,688 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 07:00:00 | 000,067,660 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/04 07:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2009/06/19 14:44:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\acccore
[2012/08/09 13:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Aqymd
[2007/09/25 19:49:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Datalayer
[2012/08/03 14:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Duxeq
[2008/04/30 15:07:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\EasyChat
[2012/07/28 17:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Ehawy
[2012/11/19 10:05:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\ExpressFiles
[2012/02/02 14:19:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\FreeAudioPack
[2012/08/03 14:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Gucop
[2009/05/11 07:25:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\HCM Updater
[2007/02/05 18:19:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\ICAClient
[2007/05/03 08:53:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Image Zone Express
[2006/10/12 07:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\InterTrust
[2008/04/25 07:04:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Leadertech
[2012/02/02 08:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\MPEG Streamclip
[2008/01/26 17:14:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Nokia
[2008/03/21 12:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Nokia Multimedia Player
[2012/09/24 11:41:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Ovwayn
[2007/03/08 11:08:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\PC Suite
[2012/02/02 14:12:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\PriceGong
[2006/05/31 10:27:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Samsung
[2012/02/02 14:38:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\searchquband
[2006/10/01 06:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\SearchToolbarCorp
[2010/12/09 10:59:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\SignupShield
[2007/01/11 09:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Sports Interactive
[2011/08/28 17:10:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\TeamViewer
[2012/08/09 13:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Veenih
[2008/03/20 11:37:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Viewpoint
[2012/11/21 19:23:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Waykwy
[2009/03/25 16:44:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Windows Live Writer
[2012/07/28 17:43:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Ylxu
[2012/08/09 13:12:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Philip Green\Application Data\Yrar
[2012/07/28 17:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\6F638BBA4A60CE47005034E6E56C34C7
[2009/06/19 14:40:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2012/02/02 08:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Aiseesoft Studio
[2007/07/04 11:10:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2007/07/04 11:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/06/19 14:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/03/03 08:12:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Zylom
[2010/04/11 08:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/15 13:06:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2012/11/21 19:25:47 | 000,000,290 | ---- | M] () -- C:\WINDOWS\Tasks\Express Files Updater.job

========== Purity Check ==========

< End of report >

#7
Buddierdl

Posted 23 November 2012 - 08:12 AM

Trusted Helper

Malware Removal
2,524 posts

Hi Fred 1973,

Let's start to clean up your machine.

Step 1: Run OTL fix.

Start OTLPE as you did previously from CD
Copy the attached Fix.txt to a USB

Insert your USB drive with fix.txt on it
Start OTLPE
Drag and drop fix.txt into the Custom scans and fixes box
If you cannot drag and drop for some reason. Then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your USB drive
Then click the Run Fix button at the top
Let the program run unhindered, reboot when it is done to normal mode if possible.

If you can now boot to normal mode, continue with these steps:

Step 2: Run RogueKiller.

Download RogueKiller and save it on your desktop.
Quit all programs
Start RogueKiller.exe.
Wait until Prescan has finished ...
Click on Scan

Wait for the end of the scan.
The report has been created on the desktop.
Click on the Delete button.

The report has been created on the desktop.

Next click on the ShortcutsFix

The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

Step 3: Get a fresh OTL log.

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Please check the box next to Scan All Users.
Please check the button next to "Use SafeList" in the "Extra Registry" box.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[list]
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

Things I need in your next reply:

RogueKiller logs
OTL log
Extras log
What are your current symptoms?

Attached Files

fix.txt 157.51KB 64 downloads

#8
Fred1973

Posted 23 November 2012 - 01:35 PM

New Member

Topic Starter
Member
6 posts

Hi thanks for the next steps, when i downloaded the fix and ran it on OTLPE i hit a problem, the below box appeared

OTLPE: OTLPE.exe - Unable To Locate Component
This application has failed to start because ConnAPI.DLL was not found. Re-installing the application may fix this problem.

I still tried to go onto my normal mode but again the virus took over my screen so i could not do the next step. Any advice would be great to what i can do next and sorry that im not the most helpful.

#9
Buddierdl

Posted 23 November 2012 - 02:46 PM

Trusted Helper

Malware Removal
2,524 posts

Hi Fred1973,

Don't worry about the problems. The virus is making things hard for us but we can get around it. Please turn off your computer and try Step 1 from my previous post again, and see if you get the error again.

#10
Fred1973

Posted 23 November 2012 - 06:10 PM

New Member

Topic Starter
Member
6 posts

Hi thanks again and here is all the files you asked for, i had a slight problem with the first few runs of roguekiller hence why i have 5 reports, the last 2 are the last 2 which i ran (pretty obvious i know) btu i have included them all just incase you needed them, sorry if you dont and im just posting rubbish.

report one
RogueKiller V8.3.1 [Nov 23 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User : Philip Green [Admin rights]
Mode : Scan -- Date : 11/23/2012 23:22:03

¤¤¤ Bad processes : 2 ¤¤¤
[][DLL] explorer.exe -- C:\WINDOWS\explorer.exe : c:\windows\system32\n -> UNLOADED
[][DLL] rundll32.exe -- C:\WINDOWS\system32\rundll32.exe : C:\Documents and Settings\Philip Green\Application Data\cacaps.dll -> KILLED [TermProc]

¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Baowixzou ("C:\Documents and Settings\Philip Green\Application Data\Ylxu\cyqio.exe") -> FOUND
[RUN][SUSP PATH] HKCU\[...]\Run : Ugkom ("C:\Documents and Settings\Philip Green\Application Data\Duxeq\vyyvi.exe") -> FOUND
[RUN][RESIDUE] HKLM\[...]\Run : cacaps ("C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Philip Green\Application Data\cacaps.dll",WriteLongToFile) -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Run : svñhîst (C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\tmp897e7baa\longlong.exe) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-746137067-287218729-725345543-1004[...]\Run : Baowixzou ("C:\Documents and Settings\Philip Green\Application Data\Ylxu\cyqio.exe") -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-746137067-287218729-725345543-1004[...]\Run : Ugkom ("C:\Documents and Settings\Philip Green\Application Data\Duxeq\vyyvi.exe") -> FOUND
[HJPOL] HKCU\[...]\System : DisableTaskMgr (1) -> FOUND
[HJPOL] HKLM\[...]\System : DisableTaskMgr (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ INPROC][SUSP PATH] HKCR\[...]\InprocServer32 : (C:\Documents and Settings\Philip Green\Local Settings\Application Data\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\n) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] n : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\n --> FOUND
[ZeroAccess][FILE] @ : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\@ --> FOUND
[ZeroAccess][FOLDER] U : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\U --> FOUND
[ZeroAccess][FOLDER] L : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\L --> FOUND

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: HDS728080PLAT20 +++++
--- User ---
[MBR] a8f63eec555b93342b8c9b5853a3261f
[BSP] 5d7f299ad92007006df8e04978bb6fe4 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 78520 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_11232012_02d2322.txt >>
RKreport[1]_S_11232012_02d2322.txt

report two
RogueKiller V8.3.1 [Nov 23 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User : Philip Green [Admin rights]
Mode : Remove -- Date : 11/23/2012 23:24:04

¤¤¤ Bad processes : 2 ¤¤¤
[][DLL] explorer.exe -- C:\WINDOWS\explorer.exe : c:\windows\system32\n -> UNLOADED
[][DLL] rundll32.exe -- C:\WINDOWS\system32\rundll32.exe : C:\Documents and Settings\Philip Green\Application Data\cacaps.dll -> KILLED [TermProc]

¤¤¤ Registry Entries : 10 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Baowixzou ("C:\Documents and Settings\Philip Green\Application Data\Ylxu\cyqio.exe") -> DELETED
[RUN][SUSP PATH] HKCU\[...]\Run : Ugkom ("C:\Documents and Settings\Philip Green\Application Data\Duxeq\vyyvi.exe") -> DELETED
[RUN][RESIDUE] HKLM\[...]\Run : cacaps ("C:\WINDOWS\system32\rundll32.exe" "C:\Documents and Settings\Philip Green\Application Data\cacaps.dll",WriteLongToFile) -> DELETED
[RUN][SUSP PATH] HKLM\[...]\Run : svñhîst (C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\tmp897e7baa\longlong.exe) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-21-746137067-287218729-725345543-1004[...]\Run : Baowixzou ("C:\Documents and Settings\Philip Green\Application Data\Ylxu\cyqio.exe") -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-21-746137067-287218729-725345543-1004[...]\Run : Ugkom ("C:\Documents and Settings\Philip Green\Application Data\Duxeq\vyyvi.exe") -> DELETED
[HJPOL] HKCU\[...]\System : DisableTaskMgr (1) -> DELETED
[HJPOL] HKLM\[...]\System : DisableTaskMgr (1) -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ INPROC][SUSP PATH] HKCR\[...]\InprocServer32 : (C:\Documents and Settings\Philip Green\Local Settings\Application Data\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\n) -> REPLACED (C:\WINDOWS\system32\shell32.dll)

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] n : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\n --> REMOVED AT REBOOT
[ZeroAccess][FILE] @ : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\@ --> REMOVED
[Del.Parent][FILE] 00000001.@ : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\U\00000001.@ --> REMOVED
[Del.Parent][FILE] 80000000.@ : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\U\80000000.@ --> REMOVED
[Del.Parent][FILE] 800000cb.@ : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\U\800000cb.@ --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\U --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\L --> REMOVED

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: HDS728080PLAT20 +++++
--- User ---
[MBR] a8f63eec555b93342b8c9b5853a3261f
[BSP] 5d7f299ad92007006df8e04978bb6fe4 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 78520 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_11232012_02d2324.txt >>
RKreport[1]_S_11232012_02d2322.txt ; RKreport[2]_D_11232012_02d2324.txt

report 3
RogueKiller V8.3.1 [Nov 23 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User : Philip Green [Admin rights]
Mode : Scan -- Date : 11/23/2012 23:32:39

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Baowixzou ("C:\Documents and Settings\Philip Green\Application Data\Ylxu\cyqio.exe") -> FOUND
[RUN][SUSP PATH] HKCU\[...]\Run : Ugkom ("C:\Documents and Settings\Philip Green\Application Data\Duxeq\vyyvi.exe") -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-746137067-287218729-725345543-1004[...]\Run : Baowixzou ("C:\Documents and Settings\Philip Green\Application Data\Ylxu\cyqio.exe") -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-746137067-287218729-725345543-1004[...]\Run : Ugkom ("C:\Documents and Settings\Philip Green\Application Data\Duxeq\vyyvi.exe") -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] n : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\n --> FOUND
[ZeroAccess][FOLDER] U : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\U --> FOUND

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] a8f63eec555b93342b8c9b5853a3261f
[BSP] 5d7f299ad92007006df8e04978bb6fe4 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 78520 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3]_S_11232012_02d2332.txt >>
RKreport[1]_S_11232012_02d2322.txt ; RKreport[2]_D_11232012_02d2324.txt ; RKreport[3]_S_11232012_02d2332.txt

report 4
RogueKiller V8.3.1 [Nov 23 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User : Philip Green [Admin rights]
Mode : Remove -- Date : 11/23/2012 23:34:38

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Baowixzou ("C:\Documents and Settings\Philip Green\Application Data\Ylxu\cyqio.exe") -> DELETED
[RUN][SUSP PATH] HKCU\[...]\Run : Ugkom ("C:\Documents and Settings\Philip Green\Application Data\Duxeq\vyyvi.exe") -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-21-746137067-287218729-725345543-1004[...]\Run : Baowixzou ("C:\Documents and Settings\Philip Green\Application Data\Ylxu\cyqio.exe") -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-21-746137067-287218729-725345543-1004[...]\Run : Ugkom ("C:\Documents and Settings\Philip Green\Application Data\Duxeq\vyyvi.exe") -> DELETED

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FILE] n : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\n --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\WINDOWS\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\U --> REMOVED

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

ÿþ1

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++
--- User ---
[MBR] a8f63eec555b93342b8c9b5853a3261f
[BSP] 5d7f299ad92007006df8e04978bb6fe4 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 78520 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[4]_D_11232012_02d2334.txt >>
RKreport[1]_S_11232012_02d2322.txt ; RKreport[2]_D_11232012_02d2324.txt ; RKreport[3]_S_11232012_02d2332.txt ; RKreport[4]_D_11232012_02d2334.txt

report 5
RogueKiller V8.3.1 [Nov 23 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 2) 32 bits version
Started in : Normal mode
User : Philip Green [Admin rights]
Mode : Shortcuts HJfix -- Date : 11/23/2012 23:44:46

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 30 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 20 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 1239 / Fail 0
My documents: Success 14 / Fail 14
My favorites: Success 2 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 96 / Fail 0
Backup: [NOT FOUND]

Drives:
[A:] \Device\Floppy0 -- 0x2 --> Skipped
[C:] \Device\HarddiskVolume1 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped

¤¤¤ Infection : ZeroAccess ¤¤¤

Finished : << RKreport[5]_SC_11232012_02d2344.txt >>
RKreport[1]_S_11232012_02d2322.txt ; RKreport[2]_D_11232012_02d2324.txt ; RKreport[3]_S_11232012_02d2332.txt ; RKreport[4]_D_11232012_02d2334.txt ; RKreport[5]_SC_11232012_02d2344.txt

OLT report
OTL logfile created on: 11/23/2012 11:49:43 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Philip Green\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.48 Mb Total Physical Memory | 300.16 Mb Available Physical Memory | 62.60% Memory free
1.10 Gb Paging File | 0.87 Gb Available in Paging File | 79.22% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.68 Gb Total Space | 39.31 Gb Free Space | 51.27% Space Free | Partition Type: NTFS

Computer Name: PHILIP | User Name: Philip Green | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/23 23:48:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philip Green\Desktop\OTL.exe
PRC - [2012/03/22 19:56:27 | 000,453,240 | ---- | M] (http://www.express-files.com/) -- C:\Program Files\ExpressFiles\ExpressFiles.exe
PRC - [2012/03/22 19:56:27 | 000,172,664 | ---- | M] (http://www.express-files.com/) -- C:\Program Files\ExpressFiles\EFupdater.exe
PRC - [2012/01/18 13:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/11/20 21:00:00 | 035,048,115 | ---- | M] () -- C:\WINDOWS\system32\WmInit.exe
PRC - [2009/07/24 01:15:18 | 000,253,952 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Program Files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe
PRC - [2007/12/21 00:18:18 | 000,389,215 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson SpeedTouch\ST330\service\st330service.exe
PRC - [2007/12/21 00:18:17 | 000,557,149 | ---- | M] (THOMSON Telecom Belgium) -- C:\Program Files\Thomson SpeedTouch\ST330\diagnostics\diagnostics.exe
PRC - [2007/06/13 10:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/04 21:38:18 | 000,112,336 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2007/01/04 21:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/11/28 00:12:24 | 002,658,304 | ---- | M] () -- C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
PRC - [2006/10/23 12:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2006/09/26 00:52:48 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\1200932265\ee\aolsoftware.exe
PRC - [2006/06/27 15:21:14 | 001,449,984 | ---- | M] (Time Information Services Ltd.) -- C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
PRC - [2006/06/09 09:37:18 | 000,471,552 | ---- | M] (Nokia Corporation) -- C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
PRC - [2006/06/05 12:59:18 | 000,174,080 | ---- | M] (Nokia.) -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
PRC - [2003/04/02 13:56:34 | 000,131,072 | ---- | M] (Philips PC Cameras) -- C:\Program Files\Philips ToUcam Camera\VProperty.exe

========== Modules (No Company Name) ==========

MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/20 21:00:00 | 035,048,115 | ---- | M] () -- C:\WINDOWS\system32\WmInit.exe
MOD - [2007/12/21 00:18:18 | 004,222,976 | ---- | M] () -- C:\Program Files\Thomson SpeedTouch\ST330\service\qt-mt332.dll
MOD - [2007/12/21 00:18:17 | 004,222,976 | ---- | M] () -- C:\Program Files\Thomson SpeedTouch\ST330\diagnostics\qt-mt332.dll
MOD - [2007/12/21 00:18:17 | 000,364,544 | ---- | M] () -- C:\Program Files\Thomson SpeedTouch\ST330\diagnostics\qwt.dll
MOD - [2006/11/28 00:12:24 | 002,658,304 | ---- | M] () -- C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
MOD - [2006/11/27 17:09:04 | 000,068,864 | ---- | M] () -- C:\Program Files\VSAdd-in\VSAdd-in_1.dll
MOD - [2005/11/11 08:15:18 | 000,204,800 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\HpqUtil.dll
MOD - [2004/08/04 12:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2004/08/04 12:00:00 | 000,015,360 | ---- | M] () -- C:\WINDOWS\system32\tsd32.dll
MOD - [2004/08/04 12:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\DAT6F3.tmp.exe -- (zgmtotxwd)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2007/12/21 00:18:18 | 000,389,215 | ---- | M] () [Auto | Running] -- C:\Program Files/Thomson SpeedTouch/ST330/service/st330service.exe -- (st330service)
SRV - [2007/01/04 21:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/10/23 12:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2006/06/05 12:59:18 | 000,174,080 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tveojhbr.sys -- (tveojhbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\dvcvlqia.sys -- (dvcvlqia)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\DP.sys -- (DP1112)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2009/08/05 22:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2008/05/05 16:42:18 | 000,101,376 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/02/22 15:33:02 | 000,114,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2008/02/22 15:33:02 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2008/02/22 15:33:00 | 000,087,936 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2008/02/11 16:07:00 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\tcpipBM.sys -- (tcpipBM)
DRV - [2007/12/21 00:18:18 | 000,032,000 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stppp.sys -- (stppp)
DRV - [2007/12/21 00:18:18 | 000,030,464 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\st330.sys -- (ST330)
DRV - [2007/12/21 00:18:18 | 000,012,672 | ---- | M] (THOMSON Telecom Belgium) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\stbus.sys -- (STBUS)
DRV - [2006/07/24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006/05/29 07:26:38 | 000,127,488 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcd.sys -- (Nokia USB Phone Parent)
DRV - [2006/05/29 07:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcj.sys -- (Nokia USB Port)
DRV - [2006/05/29 07:26:36 | 000,013,312 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdcm.sys -- (Nokia USB Modem)
DRV - [2006/05/29 07:26:36 | 000,008,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdc.sys -- (Nokia USB Generic)
DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2004/09/29 07:35:30 | 000,219,136 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/09/29 07:34:24 | 000,702,592 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/09/29 07:33:50 | 001,036,928 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/05/22 15:44:44 | 000,670,203 | R--- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Intels51.sys -- (Intels51)
DRV - [2003/01/10 21:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2001/08/17 13:04:46 | 000,223,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\camdrv21.sys -- (camvid20)
DRV - [2000/10/25 12:27:24 | 000,003,000 | R--- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\SetupNT.sys -- (SetupNT)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...nType=tb50trie7
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsear...r={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search-re...q={searchTerms}

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default = 95 49 08 A3 A4 A9 99 44 82 62 9B 0B 2C 4A 7E A0 [binary data]
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.orange.co.uk/iesearch/
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sky.com/
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\URLSearchHook: {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll (America Online, Inc.)
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolba...Terms}&srch=dsp
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...nType=tb50trie7
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsear...r={searchTerms}
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3008668
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

O1 HOSTS File: ([2012/11/24 00:05:09 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (Reg Error: Value error.) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in_1.dll ()
O2 - BHO: (AOLSearchHook Class) - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll (America Online, Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Reg Error: Value error.) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\ddcbbyy.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Productivity 3.1 Toolbar) - {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files\Productivity_3.1\prxtbPro0.dll (Conduit Ltd.)
O2 - BHO: (Reg Error: Value error.) - {DF941BC7-DD2A-484E-BD2C-8B8FF174D1EB} - C:\WINDOWS\AppPatch\ysscp.dll File not found
O3 - HKLM\..\Toolbar: (&VSAdd-in) - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in_1.dll ()
O3 - HKLM\..\Toolbar: (Productivity 3.1 Toolbar) - {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files\Productivity_3.1\prxtbPro0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\Toolbar\WebBrowser: (&VSAdd-in) - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in_1.dll ()
O3 - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\Toolbar\WebBrowser: (Productivity 3.1 Toolbar) - {9427041A-A8DC-4D06-9A68-93873486E957} - C:\Program Files\Productivity_3.1\prxtbPro0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files\T-Mobile\web'n'walk Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [diagnostics] C:\Program Files\Thomson SpeedTouch\ST330\diagnostics\diagnostics.exe (THOMSON Telecom Belgium)
O4 - HKLM..\Run: [ExpressFiles] C:\Program Files\ExpressFiles\ExpressFiles.exe (http://www.express-files.com/)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1200932265\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe ()
O4 - HKLM..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe (Philips PC Cameras)
O4 - HKLM..\Run: [Windows Media] C:\WINDOWS\system32\WmInit.exe ()
O4 - HKU\S-1-5-21-746137067-287218729-725345543-1004..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O4 - HKU\S-1-5-21-746137067-287218729-725345543-1004..\Run: [Baowixzou] C:\Documents and Settings\Philip Green\Application Data\Ylxu\cyqio.exe ()
O4 - HKU\S-1-5-21-746137067-287218729-725345543-1004..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-746137067-287218729-725345543-1004..\Run: [Ugkom] C:\Documents and Settings\Philip Green\Application Data\Duxeq\vyyvi.exe ()
O4 - HKU\S-1-5-21-746137067-287218729-725345543-1004..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WTGU.lnk = File not found
O4 - Startup: C:\Documents and Settings\Philip Green\Start Menu\Programs\Startup\SmartCapture.lnk = C:\WINDOWS\Seiko\slpcap.exe (Seiko Instruments USA Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-746137067-287218729-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZKxdm171YYGB File not found
O9 - Extra Button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O15 - HKU\S-1-5-21-746137067-287218729-725345543-1004\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.0.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E0C4855-F98B-4126-8198-CE5A6D3E5FE9}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ddcbbyy: DllName - (ddcbbyy.dll) - File not found
O20 - Winlogon\Notify\ysscp: DllName - (C:\WINDOWS\AppPatch\ysscp.dll) - File not found
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O28 - HKLM ShellExecuteHooks: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\ddcbbyy.dll File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/05/31 20:28:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2903824e-3e26-11de-9e3b-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{2903824e-3e26-11de-9e3b-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{2903824e-3e26-11de-9e3b-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5a4f9e70-77ef-11de-9ef7-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{5a4f9e70-77ef-11de-9ef7-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5a4f9e70-77ef-11de-9ef7-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5a4f9e72-77ef-11de-9ef7-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{5a4f9e72-77ef-11de-9ef7-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5a4f9e72-77ef-11de-9ef7-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{b8ed360e-6fa7-11de-9ed8-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{b8ed360e-6fa7-11de-9ed8-00038a000015}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b8ed360e-6fa7-11de-9ed8-00038a000015}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/23 23:48:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Philip Green\Desktop\OTL.exe
[2012/11/23 23:20:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philip Green\Desktop\RK_Quarantine
[2012/11/23 23:08:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/11/02 16:28:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philip Green\Desktop\eBay33
[2012/11/02 16:28:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Philip Green\Desktop\eils
[2012/10/30 21:59:22 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/10/30 21:59:22 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/07/31 18:27:41 | 000,433,152 | ---- | C] (Electronic Arts Inc.) -- C:\Documents and Settings\Philip Green\Application Data\cacaps.dll
[2012/07/28 22:47:44 | 000,439,808 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Philip Green\Application Data\mresy.dll

========== Files - Modified Within 30 Days ==========

[2012/11/24 00:05:09 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012/11/23 23:48:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Philip Green\Desktop\OTL.exe
[2012/11/23 23:25:32 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Express Files Updater.job
[2012/11/23 23:25:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/11/23 23:19:53 | 000,752,128 | ---- | M] () -- C:\Documents and Settings\Philip Green\Desktop\RogueKiller.exe
[2012/11/23 23:10:26 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/11/23 22:56:58 | 000,013,744 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/11/23 18:47:32 | 000,140,827 | ---- | M] () -- C:\WINDOWS\System32\drivers\str.sys
[2012/11/18 23:53:17 | 000,000,887 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WTGU.lnk
[2012/10/30 21:59:22 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/10/30 21:59:22 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/10/28 20:04:05 | 000,067,796 | ---- | M] () -- C:\Documents and Settings\Philip Green\Desktop\538770_10151175032821100_1544543661_n.jpg
[2012/10/28 16:34:40 | 000,432,688 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/10/28 16:34:40 | 000,067,660 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2012/11/23 23:19:52 | 000,752,128 | ---- | C] () -- C:\Documents and Settings\Philip Green\Desktop\RogueKiller.exe
[2012/10/11 15:16:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip Green\ŸŸ
[2012/08/31 18:28:47 | 000,006,116 | ---- | C] () -- C:\Documents and Settings\Philip Green\Application Data\cscet.dll
[2012/08/06 20:26:29 | 000,140,827 | ---- | C] () -- C:\WINDOWS\System32\drivers\str.sys
[2012/02/03 19:26:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip Green\Ÿ7Ÿ7
[2012/02/02 13:27:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011/06/20 19:54:15 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\16427B.sys
[2010/01/24 23:24:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip Green\Ÿ8Ÿ8
[2008/12/30 20:52:32 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2007/07/04 16:20:58 | 000,585,494 | ---- | C] () -- C:\Documents and Settings\Philip Green\Application Data\NMM-MetaData.db
[2005/09/16 15:07:52 | 000,013,312 | ---- | C] () -- C:\Documents and Settings\Philip Green\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2012/11/19 15:08:57 | 000,002,048 | --S- | M] () -- C:\Documents and Settings\Philip Green\Local Settings\Application Data\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\@
[2009/02/09 10:20:33 | 000,045,568 | --S- | M] () -- C:\Documents and Settings\Philip Green\Local Settings\Application Data\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\n
[2009/02/09 10:20:33 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Philip Green\Local Settings\Application Data\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\L
[2012/11/10 21:07:01 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Philip Green\Local Settings\Application Data\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\U
[2012/11/10 21:07:01 | 000,000,928 | ---- | M] () -- C:\Documents and Settings\Philip Green\Local Settings\Application Data\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\U\00000001.@
[2012/10/29 21:56:31 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Philip Green\Local Settings\Application Data\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\U\80000000.@
[2012/09/25 10:01:43 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Philip Green\Local Settings\Application Data\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\U\800000cb.@
[2009/03/19 19:47:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"ThreadingModel" = Both
"" = C:\WINDOWS\system32\shell32.dll -- [2008/07/03 13:16:57 | 008,454,656 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/12/22 05:42:48 | 001,506,304 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 10:20:33 | 000,473,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = \\.\globalroot\systemroot\Installer\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}\n.
"ThreadingModel" = Both

< End of report >

extras

OTL Extras logfile created on: 11/23/2012 11:49:43 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Philip Green\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

479.48 Mb Total Physical Memory | 300.16 Mb Available Physical Memory | 62.60% Memory free
1.10 Gb Paging File | 0.87 Gb Available in Paging File | 79.22% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 76.68 Gb Total Space | 39.31 Gb Free Space | 51.27% Space Free | Partition Type: NTFS

Computer Name: PHILIP | User Name: Philip Green | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer
"{0B3125F0-0CB5-42B6-80E4-75715489ACC0}" = Touchdown Madness
"{0B568EF0-5280-4E27-BE21-74D15F0BD8AF}" = Samsung PC Studio 3
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0D80391C-0A72-43BB-9BC2-143F63CC111D}" = Nokia PC Connectivity Solution
"{0E94871C-623C-464F-A117-B8474BFF84E1}" = Nokia MTP driver
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{14C35072-D7D0-4B29-B5BF-C94E426D77E9}" = Sky Broadband
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{19FDB8E4-59AD-4330-9667-E8DCAF018DD3}" = Unload
"{1E460998-5C2C-4ACF-A9AA-3629BD9C06C2}" = Samsung PC Studio
"{1E5E2F9A-17D3-45CA-8FF0-B0C2927D4B03}" = MobileMe Control Panel
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java™ 6 Update 35
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java™ 6 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{40FD99B4-63C3-49EE-A3BE-5D87762F3F2D}" = ArcSoft PhotoBase 3
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{531317A5-586A-4E36-87C1-CA823447B375}" = Nokia PC Suite
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5CCABD37-479D-4304-B1A5-67952C25F8F2}" = Nokia Software Launcher
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{64945A96-ECA1-4FBE-8C9B-0492298AA8E7}" = My Friend Pingu
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6882DD11-33B8-4DEA-8305-7E765BF74BD3}" = Nokia Connectivity Cable Driver
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7148F0A8-6813-11D6-A77B-00B0D0142030}" = Java 2 Runtime Environment, SE v1.4.2_03
"{729DF902-05F9-4C00-9E6D-411119824E5F}" = hpiCamDrvQFolder
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{923C8F79-D70B-4E53-B278-41AD6560C55C}" = ArcSoft VideoImpression 1.6
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AE0E4375-91CC-4A50-B205-A37B957B7F2B}" = Smart Label Printer 6.2
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BE009302-8937-402f-A6CE-8DDC1C20A480}" = CameraUserGuides
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{C708333C-B1B9-43be-B797-49FEC7A8D15B}" = C5200
"{C9849786-7F71-41af-BF85-E0C25DE3D263}" = CameraDrivers
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{cef78f86-19a8-4bbd-91fa-e9b6b2d37348}" = C5200_Help
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D7CAE58E-26DE-49B7-A75D-EAEDF76726BE}" = HP Photosmart Essential
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E933F71E-E82C-4E65-81FF-C6FC07E5DB4E}" = Philips ToUcam Fun Camera
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{FB172CE8-F5C0-4731-92FF-E93A0B075A7C}" = HP Photosmart Cameras 6.0
"3271E907F27C989F2C244ACB3D32020E3DD3CA6F" = Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21)
"6194C28A8F62DD817EA1B918E6E46E806A21B452" = Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
"65B6FE5418CE28F4D72543FB2D964C3CEC83F161" = Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM Search" = AIM Search
"Aiseesoft DVD to iPhone Suite_is1" = Aiseesoft DVD to iPhone Suite
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F30&SUBSYS_205514F1" = PCI SoftV92 Modem
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"ie8" = Windows Internet Explorer 8
"IndustryPlayer 5" = IndustryPlayer 5
"IrfanView" = IrfanView (remove only)
"MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Plus500" = Plus500
"Productivity_3.1 Toolbar" = Productivity 3.1 Toolbar
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shockwave" = Shockwave
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SpeedTouch 330" = SpeedTouch 330
"SysInfo" = Creative System Information
"UP286_is1" = Ultimate Paint 2.88
"USYP_is1" = SysProtect 1.3.146.0
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-746137067-287218729-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ExpressFiles" = ExpressFiles
"Live Security Platinum" = Live Security Platinum
"Sickest Adder v2.1" = Sickest Adder v2.1

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/25/2012 7:14:49 AM | Computer Name = PHILIP | Source = Bonjour Service | ID = 100
Description = 352: ERROR: read_msg errno 10053 (An established connection was aborted
by the software in your host machine.)

Error - 10/29/2012 2:24:15 PM | Computer Name = PHILIP | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x002c41cd.

Error - 10/30/2012 8:01:30 AM | Computer Name = PHILIP | Source = Bonjour Service | ID = 100
Description = ERROR: mDNSPlatformReadTCP - recv: 10053

Error - 10/30/2012 8:01:30 AM | Computer Name = PHILIP | Source = Bonjour Service | ID = 100
Description = 352: ERROR: read_msg errno 10053 (An established connection was aborted
by the software in your host machine.)

Error - 10/30/2012 12:59:07 PM | Computer Name = PHILIP | Source = Microsoft Office 10 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Word.

Error - 10/30/2012 2:51:30 PM | Computer Name = PHILIP | Source = Windows Live Messenger | ID = 1000
Description =

Error - 10/30/2012 6:01:44 PM | Computer Name = PHILIP | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module flash10i.ocx, version 10.1.82.76, fault address 0x0008717a.

Error - 10/30/2012 8:47:48 PM | Computer Name = PHILIP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/23/2012 7:25:53 PM | Computer Name = PHILIP | Source = Application Error | ID = 1000
Description = Faulting application ctfmon.exe, version 5.1.2600.2180, faulting module
unknown, version 0.0.0.0, fault address 0xdc150b49.

Error - 11/23/2012 7:26:59 PM | Computer Name = PHILIP | Source = WinMgmt | ID = 28
Description = WinMgmt could not initialize the core parts. This could be due to
a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient
disk space or insufficient memory.

[ Application Events ]
Error - 10/25/2012 7:14:49 AM | Computer Name = PHILIP | Source = Bonjour Service | ID = 100
Description = 352: ERROR: read_msg errno 10053 (An established connection was aborted
by the software in your host machine.)

Error - 10/29/2012 2:24:15 PM | Computer Name = PHILIP | Source = Microsoft Office 10 | ID = 1000
Description = Faulting application winword.exe, version 10.0.2627.0, faulting module
winword.exe, version 10.0.2627.0, fault address 0x002c41cd.

Error - 10/30/2012 8:01:30 AM | Computer Name = PHILIP | Source = Bonjour Service | ID = 100
Description = ERROR: mDNSPlatformReadTCP - recv: 10053

Error - 10/30/2012 8:01:30 AM | Computer Name = PHILIP | Source = Bonjour Service | ID = 100
Description = 352: ERROR: read_msg errno 10053 (An established connection was aborted
by the software in your host machine.)

Error - 10/30/2012 12:59:07 PM | Computer Name = PHILIP | Source = Microsoft Office 10 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Word.

Error - 10/30/2012 2:51:30 PM | Computer Name = PHILIP | Source = Windows Live Messenger | ID = 1000
Description =

Error - 10/30/2012 6:01:44 PM | Computer Name = PHILIP | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module flash10i.ocx, version 10.1.82.76, fault address 0x0008717a.

Error - 10/30/2012 8:47:48 PM | Computer Name = PHILIP | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 11/23/2012 7:25:53 PM | Computer Name = PHILIP | Source = Application Error | ID = 1000
Description = Faulting application ctfmon.exe, version 5.1.2600.2180, faulting module
unknown, version 0.0.0.0, fault address 0xdc150b49.

Error - 11/23/2012 7:26:59 PM | Computer Name = PHILIP | Source = WinMgmt | ID = 28
Description = WinMgmt could not initialize the core parts. This could be due to
a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient
disk space or insufficient memory.

[ System Events ]
Error - 11/21/2012 9:04:46 AM | Computer Name = PHILIP | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the zgmtotxwd service to
connect.

Error - 11/21/2012 9:04:49 AM | Computer Name = PHILIP | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 11/23/2012 2:45:28 PM | Computer Name = PHILIP | Source = Service Control Manager | ID = 7000
Description = The DP1112 service failed to start due to the following error: %%2

Error - 11/23/2012 2:45:28 PM | Computer Name = PHILIP | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the zgmtotxwd service to
connect.

Error - 11/23/2012 2:45:54 PM | Computer Name = PHILIP | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 11/23/2012 2:46:10 PM | Computer Name = PHILIP | Source = DCOM | ID = 10010
Description = The server {0002DF01-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.

Error - 11/23/2012 6:56:32 PM | Computer Name = PHILIP | Source = Service Control Manager | ID = 7000
Description = The DP1112 service failed to start due to the following error: %%2

Error - 11/23/2012 6:56:54 PM | Computer Name = PHILIP | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 11/23/2012 6:57:09 PM | Computer Name = PHILIP | Source = DCOM | ID = 10010
Description = The server {0002DF01-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.

Error - 11/23/2012 7:00:51 PM | Computer Name = PHILIP | Source = Service Control Manager | ID = 7023
Description = The Computer Browser service terminated with the following error:
%%1460

< End of report >

again sorry if i have posted stuff you didnt need just thought it would be safer to post everything

No symptons at the minute that i can see the virus has gone thank you

#11
Buddierdl

Posted 24 November 2012 - 01:11 PM

Trusted Helper

Malware Removal
2,524 posts

Hi Fred 1973,

We're getting closer. Try these steps in normal mode.

Note: You have a backdoor infection.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. There is no way for us to know exactly what the malware has done to your machine to give itself access, nor how it may have damaged critical files. Additionally, it is quite possible that changes made to the system by the malware may impact negatively on your computer during the removal process. Many experts in the security community believe that once infected with this type of trojan, the best and safest course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

That being said, I can still help you clean out the malware as best as I can without going that route (though there is no guarantee that it will work right or be totally safe after disinfection), so if you decide that you don't want to do a format and reinstall of Windows, then please follow the instructions below:

Step 1: Run OTL fix.

Start OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:Commands
[createrestorepoint]

:OTL
MOD - [2010/11/20 21:00:00 | 035,048,115 | ---- | M] () -- C:\WINDOWS\system32\WmInit.exe
MOD - [2006/11/27 17:09:04 | 000,068,864 | ---- | M] () -- C:\Program Files\VSAdd-in\VSAdd-in_1.dll

SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\PHILIP~1\LOCALS~1\Temp\DAT6F3.tmp.exe -- (zgmtotxwd)
SRV - [2007/01/04 21:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)

DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tveojhbr.sys -- (tveojhbr)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\dvcvlqia.sys -- (dvcvlqia)
DRV - File not found [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\Drivers\DP.sys -- (DP1112)

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsear...r={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default = 95 49 08 A3 A4 A9 99 44 82 62 9B 0B 2C 4A 7E A0 [binary data]

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}

IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{043C5167-00BB-4324-AF7E-62013FAEDACF}: "URL" = http://vshare.toolba...Terms}&srch=dsp
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://www.mywebsear...r={searchTerms}
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT3008668

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

O2 - BHO: (Reg Error: Value error.) - {46A4E9D9-B30E-452A-8157-DBBEC8573B03} - C:\Program Files\VSAdd-in\VSAdd-in_1.dll ()
O2 - BHO: (Reg Error: Value error.) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\ddcbbyy.dll File not found
O2 - BHO: (Productivity 3.1 Toolbar) - {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files\Productivity_3.1\prxtbPro0.dll (Conduit Ltd.)
O2 - BHO: (Reg Error: Value error.) - {DF941BC7-DD2A-484E-BD2C-8B8FF174D1EB} - C:\WINDOWS\AppPatch\ysscp.dll File not found

O3 - HKLM\..\Toolbar: (&VSAdd-in) - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in_1.dll ()
O3 - HKLM\..\Toolbar: (Productivity 3.1 Toolbar) - {9427041a-a8dc-4d06-9a68-93873486e957} - C:\Program Files\Productivity_3.1\prxtbPro0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O3 - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\Toolbar\WebBrowser: (&VSAdd-in) - {74DD705D-6834-439C-A735-A6DBE2677452} - C:\Program Files\VSAdd-in\VSAdd-in_1.dll ()
O3 - HKU\S-1-5-21-746137067-287218729-725345543-1004\..\Toolbar\WebBrowser: (Productivity 3.1 Toolbar) - {9427041A-A8DC-4D06-9A68-93873486E957} - C:\Program Files\Productivity_3.1\prxtbPro0.dll (Conduit Ltd.)

O4 - HKLM..\Run: [Windows Media] C:\WINDOWS\system32\WmInit.exe ()
O4 - HKU\S-1-5-21-746137067-287218729-725345543-1004..\Run: [Baowixzou] C:\Documents and Settings\Philip Green\Application Data\Ylxu\cyqio.exe ()
O4 - HKU\S-1-5-21-746137067-287218729-725345543-1004..\Run: [Ugkom] C:\Documents and Settings\Philip Green\Application Data\Duxeq\vyyvi.exe ()

O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZKxdm171YYGB File not found

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.0.cab (Reg Error: Key error.)

O20 - Winlogon\Notify\ddcbbyy: DllName - (ddcbbyy.dll) - File not found
O20 - Winlogon\Notify\ysscp: DllName - (C:\WINDOWS\AppPatch\ysscp.dll) - File not found

O28 - HKLM ShellExecuteHooks: {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\ddcbbyy.dll File not found

[2012/07/31 18:27:41 | 000,433,152 | ---- | C] (Electronic Arts Inc.) -- C:\Documents and Settings\Philip Green\Application Data\cacaps.dll
[2012/07/28 22:47:44 | 000,439,808 | ---- | C] (BitTorrent, Inc.) -- C:\Documents and Settings\Philip Green\Application Data\mresy.dll

[2012/11/23 18:47:32 | 000,140,827 | ---- | M] () -- C:\WINDOWS\System32\drivers\str.sys

[2012/10/11 15:16:19 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip Green\ŸŸ
[2012/08/31 18:28:47 | 000,006,116 | ---- | C] () -- C:\Documents and Settings\Philip Green\Application Data\cscet.dll
[2012/08/06 20:26:29 | 000,140,827 | ---- | C] () -- C:\WINDOWS\System32\drivers\str.sys
[2012/02/03 19:26:55 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip Green\Ÿ7Ÿ7

[2011/06/20 19:54:15 | 000,120,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\16427B.sys
[2010/01/24 23:24:52 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Philip Green\Ÿ8Ÿ8

:Files
C:\Documents and Settings\Philip Green\Local Settings\Application Data\{b936be3d-72bf-79e2-41b3-d1eb67539cbf}
C:\Program Files\VSAdd-in
C:\Program Files\Productivity_3.1

:Reg
[HKU\S-1-5-21-746137067-287218729-725345543-1004\SOFTWARE\Microsoft\Internet Explorer\Main]
Default=- 

:Commands
[emptytemp]

Then click the Run Fix button at the top
Let the program run unhindered.
Post the log it produces in your next reply.

Step 2: Run adwCleaner.

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced at C:\ADWCleaner[XX].txt please attach that

Step 3: Get a fresh OTL log.

Open OTL

Select the Scan All Users box in the middle on the top of the window
Click the Run Scan button. Post the log it produces in your next reply.

Things I need in your next reply:

OTL fix log
New OTL scan log
Is your computer running any better now?

#12
Fred1973

Posted 27 November 2012 - 08:23 AM

New Member

Topic Starter
Member
6 posts

hi sorry i havent replied sooner i will run these checks later this evening but a quick question is there any way i can get a copy of the os without having to buy a new one as i dont have the disc or the label with my number on? As i'd much rather just start again from fresh than run the risk of having any fraud done to me. Sorry again for the delay is response.

#13
Buddierdl

Posted 27 November 2012 - 12:12 PM

Trusted Helper

Malware Removal
2,524 posts

Hi Fred1973,

You can recovery your license key for Windows XP with Magical Jelly Bean Key Finder. You would just need the free version (I recommend the zip file installation without the AVG toolbar junk).

As far as a CD, I think your only option is to buy one somewhere, or possibly contact the computer manufacturer.

#14
Essexboy

Posted 02 December 2012 - 03:52 PM

GeekU Moderator

Retired Staff
69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.