Here you go, thanks
--------------------\\ Lop S&D 4.2.5-0 XP/Vista
Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Default System BIOS
USER : Owner ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:228 Go (Free:29 Go)
D:\ (Local Disk) - FAT32 - Total:4 Go (Free:0 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
F:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)
"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [3] ( Wed 01/28/2009| 0:02 )
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ FIX
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Each New Axis Love\DASH ROAD.dat
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Each New Axis Love\DASH ROAD.exe
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Each New Axis Love\fast drive.dat
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Each New Axis Love\fast drive.exe
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Each New Axis Love\Plan Meta.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\BARBSIGNUPLOAD.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\bdwlqloh.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\cfjilnwd.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\dwrfgzpl.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\fjtellvj.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\fmmrsfra.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\fxtoarxa.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\gnybapeh.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\izzogaqb.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\jsgypvwx.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\khyvhnce.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\nfbkckag.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\ojmyykhk.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\oqaxjwio.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\qhlzkuae.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\qshtifsm.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\rapbulnl.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\rrbeltfg.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\sblrymdt.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\Show tray.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\tetbcdag.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\tkbkzaqg.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\vdpovnts.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\wadifirz.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\ygzsbyjt.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\ypvvckvs.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\zhhmcmbj.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\ztdwbmgc.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\ztmkacfi.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1\zxvgvrzi.exe
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\BitGrabber\Data
Deleted! - C:\Program Files\BitGrabber\BitGrabber.TRC
Deleted! - C:\DOCUME~1\Owner\Cookies\owner@advertising[1].txt
Deleted! - C:\WINDOWS\Tasks\B78F762D91851F69.job
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Each New Axis Love
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Log Htm Lite Each
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\dumbsa~1
Deleted! - C:\Program Files\dumbsa~1
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\BitGrabber
Deleted! - C:\Program Files\BitGrabber
Deleted! - C:\Program Files\3wPlayer
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Deleted! - C:\DOCUME~1\Owner\APPLIC~1\Viewpoint
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing folders in APPLIC~1
[04/13/2005|12:20] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Identities
[05/20/2005|06:06] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Microsoft
[05/20/2005|05:50] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> SampleView
[04/13/2005|12:43] C:\DOCUME~1\ADMINI~1\APPLIC~1\<DIR> Sun
[12/09/2008|10:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> {3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[07/08/2008|08:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe
[09/12/2005|05:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Adobe Systems
[10/24/2005|06:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Ahead
[11/26/2007|07:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL
[10/10/2007|07:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> AOL OCP
[06/16/2007|12:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple
[12/24/2006|10:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Apple Computer
[08/18/2007|09:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> ATI
[08/16/2005|10:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> CyberLink
[07/20/2008|11:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> DVD Shrink
[06/04/2008|05:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Firefly Studios
[12/09/2007|08:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> FLEXnet
[01/17/2009|04:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Google
[08/04/2007|01:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Grisoft
[06/29/2007|04:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Kontiki
[09/20/2008|09:33] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Lavasoft
[08/16/2006|03:03] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Macrovision
[05/20/2005|05:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee
[08/20/2005|10:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> McAfee.com
[07/07/2008|10:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Microsoft
[02/17/2007|02:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Napster
[03/15/2008|06:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> OrbNetworks
[05/20/2005|05:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Prism Deploy
[05/20/2005|05:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Pure Networks
[08/23/2005|04:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> QuickTime
[11/28/2005|06:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> River Past G4
[03/16/2008|11:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SimCity Societies
[08/25/2008|04:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Sony
[06/29/2007|08:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> SUPERAntiSpyware.com
[09/09/2008|07:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Symantec
[02/08/2008|01:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> TEMP
[03/15/2008|06:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Winamp Toolbar
[12/13/2006|06:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Windows Genuine Advantage
[04/28/2008|03:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo!
[04/28/2008|04:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\<DIR> Yahoo! Companion
[04/13/2005|12:20] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Identities
[05/20/2005|06:06] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Microsoft
[05/20/2005|05:50] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> SampleView
[04/13/2005|12:43] C:\DOCUME~1\DEFAUL~1\APPLIC~1\<DIR> Sun
[08/16/2005|09:09] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Macromedia
[08/29/2005|10:08] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Microsoft
[02/03/2006|02:40] C:\DOCUME~1\LOCALS~1\APPLIC~1\<DIR> Mozilla
[04/13/2005|12:20] C:\DOCUME~1\MCX1\APPLIC~1\<DIR> Identities
[06/25/2006|12:29] C:\DOCUME~1\MCX1\APPLIC~1\<DIR> Microsoft
[05/20/2005|05:50] C:\DOCUME~1\MCX1\APPLIC~1\<DIR> SampleView
[04/13/2005|12:43] C:\DOCUME~1\MCX1\APPLIC~1\<DIR> Sun
[01/15/2008|12:14] C:\DOCUME~1\NETWOR~1\APPLIC~1\<DIR> Microsoft
[09/16/2005|12:01] C:\DOCUME~1\Owner\APPLIC~1\<DIR> .BitTornado
[08/27/2008|08:04] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Adobe
[07/08/2008|08:32] C:\DOCUME~1\Owner\APPLIC~1\<DIR> AdobeUM
[05/09/2006|09:57] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Ahead
[08/17/2005|12:20] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Aim
[06/16/2007|12:24] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Apple Computer
[04/15/2007|12:45] C:\DOCUME~1\Owner\APPLIC~1\<DIR> ATI
[02/10/2006|08:39] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Azureus
[01/26/2009|02:11] C:\DOCUME~1\Owner\APPLIC~1\<DIR> BitTorrent
[07/22/2008|11:07] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Canon
[08/16/2005|10:04] C:\DOCUME~1\Owner\APPLIC~1\<DIR> CyberLink
[01/27/2009|11:53] C:\DOCUME~1\Owner\APPLIC~1\<DIR> DNA
[08/21/2005|07:47] C:\DOCUME~1\Owner\APPLIC~1\<DIR> dvdcss
[07/13/2006|11:03] C:\DOCUME~1\Owner\APPLIC~1\<DIR> eFax Messenger
[12/11/2006|01:55] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Flock
[06/18/2007|06:22] C:\DOCUME~1\Owner\APPLIC~1\<DIR> FTW
[12/22/2006|08:08] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Google
[08/04/2007|02:00] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Grisoft
[05/08/2006|12:15] C:\DOCUME~1\Owner\APPLIC~1\<DIR> HBA
[04/05/2007|08:26] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Help
[04/13/2005|12:20] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Identities
[02/07/2008|07:42] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Lavasoft
[08/21/2007|01:35] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Lionhead Studios
[04/11/2006|06:27] C:\DOCUME~1\Owner\APPLIC~1\<DIR> LucasArts
[09/09/2008|07:46] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Macromedia
[08/21/2005|01:09] C:\DOCUME~1\Owner\APPLIC~1\<DIR> McAfee
[07/09/2008|06:28] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Microsoft
[11/30/2008|01:19] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Move Networks
[09/20/2008|11:30] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Mozilla
[09/09/2008|07:48] C:\DOCUME~1\Owner\APPLIC~1\<DIR> My Games
[07/18/2007|01:14] C:\DOCUME~1\Owner\APPLIC~1\<DIR> MySpace
[02/25/2008|02:25] C:\DOCUME~1\Owner\APPLIC~1\<DIR> NetMedia Providers
[10/27/2006|05:31] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Netscape
[11/04/2005|12:54] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Opera
[09/09/2008|07:44] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Petroglyph
[09/30/2005|08:34] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Publish Providers
[05/13/2007|04:16] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Real
[05/20/2005|05:50] C:\DOCUME~1\Owner\APPLIC~1\<DIR> SampleView
[06/18/2008|10:43] C:\DOCUME~1\Owner\APPLIC~1\<DIR> SecuROM
[04/06/2006|07:44] C:\DOCUME~1\Owner\APPLIC~1\<DIR> SlySoft
[02/12/2008|02:52] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Softplicity
[08/25/2008|04:35] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Sony
[12/25/2007|07:34] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Sony Corporation
[11/18/2008|11:50] C:\DOCUME~1\Owner\APPLIC~1\<DIR> SPORE
[08/12/2008|08:12] C:\DOCUME~1\Owner\APPLIC~1\<DIR> SPORE Creature Creator
[04/13/2005|12:43] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Sun
[08/16/2005|08:54] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Symantec
[12/06/2005|02:39] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Template
[06/30/2007|09:10] C:\DOCUME~1\Owner\APPLIC~1\<DIR> TrojanHunter
[01/01/2007|08:33] C:\DOCUME~1\Owner\APPLIC~1\<DIR> vlc
[01/27/2009|03:12] C:\DOCUME~1\Owner\APPLIC~1\<DIR> WTablet
[04/11/2006|06:17] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Xfire
[04/30/2008|08:57] C:\DOCUME~1\Owner\APPLIC~1\<DIR> Yahoo!
--------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks
[01/27/2009 11:19 PM][--a------] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3980681228-1451906632-1211546294-1006.job
[01/27/2009 03:15 AM][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[01/27/2009 08:31 PM][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[01/27/2009 03:12 AM][--ah-----] C:\WINDOWS\tasks\SA.DAT
[08/10/2004 02:00 PM][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing Folders in C:\Program Files
[07/23/2007|09:50] C:\Program Files\<DIR> 3DGroove
[12/30/2006|09:31] C:\Program Files\<DIR> 3GP_Converter034
[12/09/2007|08:58] C:\Program Files\<DIR> Adobe
[08/05/2006|09:48] C:\Program Files\<DIR> Ahead
[08/20/2005|01:33] C:\Program Files\<DIR> AIM
[08/18/2007|09:15] C:\Program Files\<DIR> AliveMedia
[05/10/2008|02:17] C:\Program Files\<DIR> Amazon
[10/27/2006|05:30] C:\Program Files\<DIR> AOD
[08/11/2008|01:33] C:\Program Files\<DIR> Apple Software Update
[08/18/2007|09:34] C:\Program Files\<DIR> ATI Technologies
[06/25/2006|01:39] C:\Program Files\<DIR> AviSynth 2.5
[02/10/2006|08:39] C:\Program Files\<DIR> Azureus
[05/20/2005|05:41] C:\Program Files\<DIR> BigFix
[08/29/2008|09:58] C:\Program Files\<DIR> BitTorrent
[12/30/2006|10:58] C:\Program Files\<DIR> Boilsoft MP4 Converter
[11/12/2008|11:41] C:\Program Files\<DIR> Bonjour
[05/11/2008|02:07] C:\Program Files\<DIR> CA Yahoo! Anti-Spy
[06/04/2007|10:39] C:\Program Files\<DIR> CDisplay
[02/11/2006|10:04] C:\Program Files\<DIR> CDKnet
[11/25/2008|12:28] C:\Program Files\<DIR> City of Heroes
[06/30/2007|06:18] C:\Program Files\<DIR> CleanUp!
[01/26/2009|07:03] C:\Program Files\<DIR> Common Files
[06/04/2008|09:07] C:\Program Files\<DIR> Computerbrains
[05/20/2005|05:24] C:\Program Files\<DIR> CONEXANT
[05/20/2005|05:48] C:\Program Files\<DIR> CyberLink
[08/08/2006|02:11] C:\Program Files\<DIR> DDS Converter 2
[06/30/2007|09:09] C:\Program Files\<DIR> Digital Media Reader
[02/08/2008|01:43] C:\Program Files\<DIR> Digital Photo Recovery
[02/04/2006|02:32] C:\Program Files\<DIR> Direct WAV MP3 Splitter
[08/18/2007|09:12] C:\Program Files\<DIR> directx
[07/25/2006|04:05] C:\Program Files\<DIR> Disney
[08/24/2008|08:09] C:\Program Files\<DIR> DivX
[01/27/2009|03:11] C:\Program Files\<DIR> DNA
[04/11/2006|09:57] C:\Program Files\<DIR> DVD Decrypter
[08/31/2007|11:13] C:\Program Files\<DIR> DVD Shrink
[03/02/2008|08:07] C:\Program Files\<DIR> EA GAMES
[12/25/2008|12:58] C:\Program Files\<DIR> Electronic Arts
[03/22/2007|04:43] C:\Program Files\<DIR> Enigma Software Group
[12/25/2005|01:11] C:\Program Files\<DIR> Firaxis Games
[10/04/2006|08:14] C:\Program Files\<DIR> Firefly Studios
[12/11/2006|01:54] C:\Program Files\<DIR> Flock
[11/24/2006|01:03] C:\Program Files\<DIR> GameShadow
[01/17/2009|04:34] C:\Program Files\<DIR> Google
[08/04/2007|01:59] C:\Program Files\<DIR> Grisoft
[02/17/2007|02:52] C:\Program Files\<DIR> Guild Wars
[09/07/2005|07:16] C:\Program Files\<DIR> Hello
[01/26/2009|09:08] C:\Program Files\<DIR> Hijackthis
[11/19/2006|01:59] C:\Program Files\<DIR> Home And Business Attorney
[03/03/2006|03:36] C:\Program Files\<DIR> Ibibi AB
[01/31/2008|11:11] C:\Program Files\<DIR> ImTOO
[12/25/2008|12:56] C:\Program Files\<DIR> InstallShield Installation Information
[08/18/2007|09:54] C:\Program Files\<DIR> Intel
[09/11/2005|09:23] C:\Program Files\<DIR> InterActual
[01/27/2009|03:11] C:\Program Files\<DIR> Internet Explorer
[12/09/2008|10:32] C:\Program Files\<DIR> iPod
[10/26/2007|07:48] C:\Program Files\<DIR> Ipswitch
[12/09/2008|10:32] C:\Program Files\<DIR> iTunes
[11/13/2008|11:26] C:\Program Files\<DIR> Java
[09/20/2008|09:35] C:\Program Files\<DIR> Lavasoft
[03/17/2008|11:37] C:\Program Files\<DIR> Lionhead Studios
[11/17/2005|11:04] C:\Program Files\<DIR> Lionhead Studios Ltd
[09/09/2008|07:44] C:\Program Files\<DIR> LucasArts
[09/09/2008|07:46] C:\Program Files\<DIR> Macromedia
[12/09/2007|11:36] C:\Program Files\<DIR> MagicDisc
[09/15/2005|07:44] C:\Program Files\<DIR> Maxis
[08/21/2005|01:08] C:\Program Files\<DIR> McAfee
[05/20/2005|05:44] C:\Program Files\<DIR> McAfee.com
[02/17/2007|03:02] C:\Program Files\<DIR> McDC++
[01/18/2007|09:54] C:\Program Files\<DIR> MediaCoder
[08/14/2008|02:04] C:\Program Files\<DIR> Messenger
[07/05/2008|09:21] C:\Program Files\<DIR> Microsoft ActiveSync
[04/13/2005|12:21] C:\Program Files\<DIR> microsoft frontpage
[01/19/2006|10:12] C:\Program Files\<DIR> Microsoft Money 2005
[03/28/2007|01:46] C:\Program Files\<DIR> Microsoft Office
[01/12/2008|10:29] C:\Program Files\<DIR> Microsoft Picture It! 10
[08/25/2008|04:30] C:\Program Files\<DIR> Microsoft SQL Server
[03/28/2007|01:44] C:\Program Files\<DIR> Microsoft Works
[03/28/2007|01:40] C:\Program Files\<DIR> Microsoft Works Suite 2002
[11/12/2008|11:34] C:\Program Files\<DIR> MidTen Media
[06/12/2008|01:03] C:\Program Files\<DIR> ModTheSims2.com
[08/27/2006|07:10] C:\Program Files\<DIR> Monte Cristo
[04/13/2005|12:16] C:\Program Files\<DIR> Movie Maker
[01/20/2009|06:27] C:\Program Files\<DIR> Mozilla Firefox
[11/16/2008|07:52] C:\Program Files\<DIR> mp3 software
[12/31/2006|01:03] C:\Program Files\<DIR> Mp4 Converter
[04/13/2005|12:12] C:\Program Files\<DIR> MSN
[08/20/2005|01:33] C:\Program Files\<DIR> MSN Encarta Plus
[04/13/2005|12:13] C:\Program Files\<DIR> MSN Gaming Zone
[04/17/2007|11:59] C:\Program Files\<DIR> MSXML 4.0
[04/24/2006|09:07] C:\Program Files\<DIR> MyAllMovies
[01/12/2008|10:32] C:\Program Files\<DIR> MySpace
[08/15/2007|11:55] C:\Program Files\<DIR> Napster
[04/13/2005|12:16] C:\Program Files\<DIR> NetMeeting
[10/27/2006|05:28] C:\Program Files\<DIR> Netscape
[12/30/2006|04:42] C:\Program Files\<DIR> NO1 DVD Audio Ripper
[09/09/2008|07:58] C:\Program Files\<DIR> Norton AntiVirus
[08/09/2006|12:13] C:\Program Files\<DIR> NVIDIA Corporation
[01/12/2008|11:00] C:\Program Files\<DIR> Online Services
[08/18/2007|09:11] C:\Program Files\<DIR> Outlook Express
[02/07/2008|10:37] C:\Program Files\<DIR> PhotoRescue 3.1.2.10607 PC
[12/25/2006|08:57] C:\Program Files\<DIR> PIXELA
[08/05/2006|09:48] C:\Program Files\<DIR> pspvideo9
[08/27/2006|07:18] C:\Program Files\<DIR> Pure Networks
[12/09/2008|10:31] C:\Program Files\<DIR> QuickTime
[01/12/2008|10:35] C:\Program Files\<DIR> Real
[08/18/2007|09:58] C:\Program Files\<DIR> Realtek
[02/01/2008|07:15] C:\Program Files\<DIR> Red Kawa
[11/25/2008|12:18] C:\Program Files\<DIR> RegCure
[06/30/2007|06:01] C:\Program Files\<DIR> RegFix Mantra
[08/31/2007|06:33] C:\Program Files\<DIR> Riva
[02/07/2008|10:15] C:\Program Files\<DIR> Runtime Software
[12/09/2008|10:22] C:\Program Files\<DIR> Safari
[08/05/2006|09:48] C:\Program Files\<DIR> SecureVideo Plug-in
[02/17/2007|03:01] C:\Program Files\<DIR> Shockwave.com
[12/05/2008|08:36] C:\Program Files\<DIR> Sims2Pack Clean Installer
[09/09/2008|07:51] C:\Program Files\<DIR> Sony
[12/25/2006|08:49] C:\Program Files\<DIR> Sony Corporation
[01/12/2008|10:34] C:\Program Files\<DIR> Sony Handheld
[02/25/2008|02:11] C:\Program Files\<DIR> Sony Setup
[06/04/2006|08:16] C:\Program Files\<DIR> Stardock
[05/19/2008|08:50] C:\Program Files\<DIR> Sun
[09/09/2008|08:02] C:\Program Files\<DIR> Symantec
[09/11/2008|02:10] C:\Program Files\<DIR> SymNetDrv
[12/25/2008|11:18] C:\Program Files\<DIR> Tablet
[11/24/2006|01:03] C:\Program Files\<DIR> The Weather Channel
[02/12/2008|02:52] C:\Program Files\<DIR> TotalAudioConverter
[06/30/2007|09:16] C:\Program Files\<DIR> TrojanHunter 4.7
[08/16/2005|05:44] C:\Program Files\<DIR> Uninstall Information
[06/27/2008|05:28] C:\Program Files\<DIR> VideoLAN
[08/21/2006|09:36] C:\Program Files\<DIR> VideoraXbox360Converter
[01/28/2009|12:03] C:\Program Files\<DIR> Viewpoint
[09/09/2008|07:51] C:\Program Files\<DIR> VSTplugins
[12/11/2005|08:09] C:\Program Files\<DIR> Wave Splitter
[05/04/2008|10:36] C:\Program Files\<DIR> Winamp
[03/15/2008|06:10] C:\Program Files\<DIR> Winamp Remote
[03/15/2008|06:10] C:\Program Files\<DIR> Winamp Toolbar
[01/13/2008|12:00] C:\Program Files\<DIR> Windows Defender
[08/16/2005|05:44] C:\Program Files\<DIR> Windows Media Components
[12/11/2006|10:27] C:\Program Files\<DIR> Windows Media Connect 2
[07/01/2007|02:14] C:\Program Files\<DIR> Windows Media Player
[04/13/2005|12:13] C:\Program Files\<DIR> Windows NT
[04/13/2005|12:13] C:\Program Files\<DIR> Windows Plus
[05/25/2007|08:36] C:\Program Files\<DIR> WinRAR
[11/04/2005|02:03] C:\Program Files\<DIR> Womble Multimedia
[04/13/2005|12:21] C:\Program Files\<DIR> xerox
[10/08/2006|02:26] C:\Program Files\<DIR> Xfire
[09/17/2005|04:17] C:\Program Files\<DIR> Xingtone
[04/28/2008|03:08] C:\Program Files\<DIR> Yahoo!
[02/07/2008|10:48] C:\Program Files\<DIR> ZAR
--------------------\\ Listing Folders in C:\Program Files\Common Files
[07/08/2008|08:10] C:\Program Files\Common Files\<DIR> Adobe
[09/12/2005|05:36] C:\Program Files\Common Files\<DIR> Adobe Systems Shared
[05/20/2005|05:41] C:\Program Files\Common Files\<DIR> Ahead
[11/26/2007|07:29] C:\Program Files\Common Files\<DIR> AOL
[12/09/2008|10:32] C:\Program Files\Common Files\<DIR> Apple
[05/20/2005|05:45] C:\Program Files\Common Files\<DIR> DESIGNER
[03/17/2008|11:32] C:\Program Files\Common Files\<DIR> EasyInfo
[05/20/2005|05:47] C:\Program Files\Common Files\<DIR> InstallShield
[08/30/2007|06:34] C:\Program Files\Common Files\<DIR> Java
[09/09/2008|07:46] C:\Program Files\Common Files\<DIR> Macromedia
[08/21/2005|01:08] C:\Program Files\Common Files\<DIR> McAfee
[07/05/2008|09:21] C:\Program Files\Common Files\<DIR> Microsoft Shared
[10/27/2006|05:30] C:\Program Files\Common Files\<DIR> mozilla.org
[04/13/2005|12:16] C:\Program Files\Common Files\<DIR> MSSoap
[12/25/2006|08:49] C:\Program Files\Common Files\<DIR> muvee Technologies
[05/20/2005|05:31] C:\Program Files\Common Files\<DIR> New Boundary
[05/20/2005|05:38] C:\Program Files\Common Files\<DIR> Nullsoft
[05/23/2007|10:41] C:\Program Files\Common Files\<DIR> Real
[05/20/2005|05:47] C:\Program Files\Common Files\<DIR> Roxio Shared
[07/04/2006|12:32] C:\Program Files\Common Files\<DIR> Scanner
[04/13/2005|12:16] C:\Program Files\Common Files\<DIR> Services
[04/13/2005|05:08] C:\Program Files\Common Files\<DIR> SpeechEngines
[08/31/2007|06:33] C:\Program Files\Common Files\<DIR> SWF Studio
[09/09/2008|08:02] C:\Program Files\Common Files\<DIR> Symantec Shared
[11/13/2007|08:51] C:\Program Files\Common Files\<DIR> System
[09/20/2008|09:34] C:\Program Files\Common Files\<DIR> Wise Installation Wizard
[05/23/2007|10:41] C:\Program Files\Common Files\<DIR> xing shared
[09/11/2005|01:40] C:\Program Files\Common Files\<DIR> YGP
--------------------\\ Process
( 57 Processes )
... OK !
--------------------\\ Searching with S_Lop
No Lop folder found !
--------------------\\ Searching for Lop Files - Folders
No Lop folder found !
--------------------\\ Searching within the Registry
..... OK !
--------------------\\ Checking the Hosts file
Hosts file CLEAN
--------------------\\ Searching for hidden files with Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net Rootkit scan 2009-01-28 00:04:28
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Searching for other infections
--------------------\\ Cracks & Keygens ..
C:\DOCUME~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Crack
C:\DOCUME~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Crack\emu.dll
C:\DOCUME~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Crack\MMxpt.dll
C:\DOCUME~1\Owner\My Documents\mark's\Ten Thumbs Typing Tutor v4.3.1\Keygen.exe
[F:6][D:3]-> C:\DOCUME~1\Owner\LOCALS~1\Temp
[F:74][D:0]-> C:\DOCUME~1\Owner\Cookies
[F:9][D:3]-> C:\DOCUME~1\Owner\LOCALS~1\TEMPOR~1\content.IE5
1 - "C:\Lop SD\LopR_1.txt" - Mon 01/26/2009|18:47 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - Wed 01/28/2009| 0:06 - Option : [3]
--------------------\\ Scan completed at 0:06:52
ComboFix 09-01-21.04 - Owner 2009-01-28 0:12:07.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1534.970 [GMT -5:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Owner\Desktop\CFScript.txt
* Created a new restore point
FILE ::
c:\docume~1\Owner\LOCALS~1\Temp\nse42B.tmp
c:\docume~1\Owner\LOCALS~1\Temp\sta11.exe
c:\docume~1\Owner\LOCALS~1\Temp\sta37A.exe
c:\docume~1\Owner\LOCALS~1\Temp\sta7.exe
c:\docume~1\Owner\LOCALS~1\Temp\sta8BF.exe
c:\documents and settings\Owner\Prince-3121 (Retail).[WwW.LiMiTeDiVx.CoM].By KELOLO.zip
c:\windows\system32\kemuzoju.dll
c:\windows\system32\noyukibu.dll
c:\windows\system32\peyobire.dll
c:\windows\system32\tDehQqss.ini
c:\windows\system32\tDehQqss.ini2
c:\windows\system32\vekukedu.dll
c:\windows\system32\wopasufe.dll
c:\windows\system32\yonevena.dll
c:\windows\system32\yunuduha.dll
c:\windows\system32\zosinawo.dll
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\Owner\APPLIC~1\.BitTornado
c:\docume~1\Owner\APPLIC~1\.BitTornado\config.gui.ini
c:\docume~1\Owner\APPLIC~1\.BitTornado\datacache\ed86b571fe39389b8630ee9a41701853c97ad6c0
c:\docume~1\Owner\APPLIC~1\.BitTornado\icons\alloc.gif
c:\docume~1\Owner\APPLIC~1\.BitTornado\icons\black.ico
c:\docume~1\Owner\APPLIC~1\.BitTornado\icons\black1.ico
c:\docume~1\Owner\APPLIC~1\.BitTornado\icons\blue.ico
c:\docume~1\Owner\APPLIC~1\.BitTornado\icons\green.ico
c:\docume~1\Owner\APPLIC~1\.BitTornado\icons\green1.ico
c:\docume~1\Owner\APPLIC~1\.BitTornado\icons\icon_bt.ico
c:\docume~1\Owner\APPLIC~1\.BitTornado\icons\icon_done.ico
c:\docume~1\Owner\APPLIC~1\.BitTornado\icons\red.ico
c:\docume~1\Owner\APPLIC~1\.BitTornado\icons\white.ico
c:\docume~1\Owner\APPLIC~1\.BitTornado\icons\yellow.ico
c:\docume~1\Owner\APPLIC~1\.BitTornado\icons\yellow1.ico
c:\docume~1\Owner\APPLIC~1\Azureus
c:\docume~1\Owner\APPLIC~1\Azureus\.certs
c:\docume~1\Owner\APPLIC~1\Azureus\.keystore
c:\docume~1\Owner\APPLIC~1\Azureus\.lock
c:\docume~1\Owner\APPLIC~1\Azureus\active\5A587D7D14AB0F629B0E30E954D3BFE11AC33819.dat
c:\docume~1\Owner\APPLIC~1\Azureus\active\5A587D7D14AB0F629B0E30E954D3BFE11AC33819.dat.bak
c:\docume~1\Owner\APPLIC~1\Azureus\active\C16365845655647BA35D36BC7D0B7EA0C3EB3150.dat
c:\docume~1\Owner\APPLIC~1\Azureus\active\C16365845655647BA35D36BC7D0B7EA0C3EB3150.dat.bak
c:\docume~1\Owner\APPLIC~1\Azureus\azureus.config
c:\docume~1\Owner\APPLIC~1\Azureus\azureus.config.bak
c:\docume~1\Owner\APPLIC~1\Azureus\azureus.statistics
c:\docume~1\Owner\APPLIC~1\Azureus\azureus.statistics.bak
c:\docume~1\Owner\APPLIC~1\Azureus\dht\addresses.dat
c:\docume~1\Owner\APPLIC~1\Azureus\dht\contacts.dat
c:\docume~1\Owner\APPLIC~1\Azureus\dht\diverse.dat
c:\docume~1\Owner\APPLIC~1\Azureus\dht\version.dat
c:\docume~1\Owner\APPLIC~1\Azureus\downloads.config
c:\docume~1\Owner\APPLIC~1\Azureus\downloads.config.bak
c:\docume~1\Owner\APPLIC~1\Azureus\logs\alerts_1.log
c:\docume~1\Owner\APPLIC~1\Azureus\logs\thread_1.log
c:\docume~1\Owner\APPLIC~1\Azureus\torrents\AZU27797.tmp
c:\docume~1\Owner\APPLIC~1\Azureus\torrents\hung_up_grammys_widescressn.VOB-1.torrent
c:\docume~1\Owner\APPLIC~1\Azureus\tracker.config
c:\docume~1\Owner\APPLIC~1\Azureus\tracker.config.bak
c:\docume~1\Owner\APPLIC~1\Azureus\update.log
c:\docume~1\Owner\APPLIC~1\Azureus\update.properties
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Books\Dreamweaver MX Bible.pdf
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Books\dw_api.pdf
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Books\dw_getting_started.pdf
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Books\dw_shortcuts_win.swf
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Books\extending_dw.pdf
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Books\timelines.pdf
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Books\using_dw.pdf
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Crack\emu.dll
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Crack\MMxpt.dll
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\dwmx2004_trial_en_win.exe
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Dreamweaver.MX.2004\Serial.txt
c:\docume~1\Owner\My Documents\mark's\Dreamweaver.MX.2004\Updates\dwmx2004_701update_en.exe
c:\docume~1\Owner\My Documents\mark's\Ten Thumbs Typing Tutor v4.3.1
c:\docume~1\Owner\My Documents\mark's\Ten Thumbs Typing Tutor v4.3.1\Keygen.exe
c:\docume~1\Owner\My Documents\mark's\Ten Thumbs Typing Tutor v4.3.1\Ten_Thumbs.exe
c:\documents and settings\Owner\Application Data\DNA
c:\documents and settings\Owner\Application Data\DNA\dht.dat
c:\documents and settings\Owner\Application Data\DNA\dht.dat.old
c:\documents and settings\Owner\Application Data\DNA\dna.lng
c:\documents and settings\Owner\Application Data\DNA\resume.dat
c:\documents and settings\Owner\Application Data\DNA\resume.dat.old
c:\documents and settings\Owner\Application Data\DNA\rss.dat
c:\documents and settings\Owner\Application Data\DNA\rss.dat.old
c:\documents and settings\Owner\Application Data\DNA\settings.dat
c:\documents and settings\Owner\Application Data\DNA\settings.dat.old
c:\documents and settings\Owner\Application Data\Move Networks
c:\documents and settings\Owner\Application Data\Move Networks\BlackBox
c:\documents and settings\Owner\Application Data\Move Networks\MNStatsID.txt
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000020020EA7A01CE5.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000030020E89801C49.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000040020E9B201C63.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000050020EB4101918.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000060020E8DC01BB8.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000070020E99A01854.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000080020E91F0146E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000090020E91E01BCC.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000000A0052509003C7C.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000000B00315E2902169.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000000C00524E1103BA3.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000000D003157BB01D7A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000000D00524D90037C7.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000000E0041D94802D42.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000000E00524ED8035BB.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000000F00524DCD03672.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000001000524CD804041.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000110052504E0373B.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000120052505C0322D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000001300524C76036E0.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000140052637B02568.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000001500524DCB0425E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000001600528FFA04C37.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000017005250F10425F.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000018005252B6046F1.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000001900524BB9014B8.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000001A00524BF704C5B.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000001B0052565A0543C.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000001C005253B50367A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000001D0052516603619.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000001E00524F2F0303A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000001F00525B8303606.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000020005255AA02EC4.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000021005252280369F.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000022005282E703D0B.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000230052522703C16.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000024005254F9039BB.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000250052506C034B4.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000026005254970387A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000002700525E5603751.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000028005262E902104.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000290052512C043CB.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000002A0052624A03C72.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000002B0052504C0380F.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000002C005250E4032A1.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000002D00525BE4036FF.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000002E00524A8602E5B.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000002F00524F8B0244E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000030005252BE030EF.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000031005259B703392.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000003200524F4C03685.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000330052538F03C16.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000340052522E02F68.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000350052586603BBD.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000036005268FA03F60.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000003700525E3103FA2.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000003800526F950362B.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000039005253DA03816.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000003A00525F9602B41.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000003B00524CAC03A74.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000003C005252F504C90.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000003D0052500202F21.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000003E00524F5E04952.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000003F0052447B03615.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000040005248ED0408F.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000004100524CF904A5E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000420052554303B1B.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000043005252CD00F42.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000004400523B1300D96.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000045005200F701344.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000460052571700F8E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000470052167C0225E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000004800524F1A0385D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000049005246650377E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000004A00524FDC0369E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000004B0052502D03807.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000004C0052523F0376C.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000004D00526DA402994.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000004E0052490A01737.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000004F00528AA80094C.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000500052499702DC6.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000510052BC2602403.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000520052520800DEF.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000053005252E802E29.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000005400525620010F1.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000055005250E400F28.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000560052547003549.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000570052519901792.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000058005253FF028E5.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000059005252B1025DD.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000006C00204B6D00358.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000006D0020E8DA02A45.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000006E0020ED00029AD.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000006F0020E9EA021E0.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000700020E8E000DF7.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000070005254F202A5B.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000710020EB13018D9.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000710052628C02DF4.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000720020EA7101821.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000072005260C20339F.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000007300525B5402B6B.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000007400109D7500DF0.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000007500109DC501448.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000770052617903D48.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000078005254500326A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000C70020E68C01693.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000C90020E9AD00B7F.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000CA0020E56400E93.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000CB0020EA880188D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000000CC0020FD49025CD.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000034500204BB90036E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000003460020D0840036E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000003470020EA7902350.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000003480020FC0300D03.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000349003166B901F60.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000034A003176C501A6D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000034B005259FD0146B.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000034C0041DB9700C81.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000034D00524E64035DA.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000034E00524EA203F55.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000034F005245ED0302A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000035000524C0104B97.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000035100523BCA04A49.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000003520052525202E5A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000003530052389F02F40.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000354005244E604B33.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000035500524EDE04B30.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000003560052437804A8A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000357005254AF02F84.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000358005255EE02B39.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000359005250C002822.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000035A0052567E0318E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000035B0052466F032B5.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000035C005252D002F60.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000035D005257CD02F32.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000035E00524F7002DAC.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000035F005252FD02C87.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000003600052569702CFB.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000361005243E702CAE.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004430020E9B001AEA.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004440020EA8701AB2.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004450020EAF400FA1.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004460020E6EF008A3.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004460052520601076.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000044700315D6C0129D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004480020EB3800F2C.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004480041DF66015C6.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004490020EA7D01063.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000044900525279019C3.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000044A0020E40B00AF0.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000044A005258B00110B.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000044B0020BC5500881.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000044B0052318400F27.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000044D0020EA2D0105D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000044E0020E16400B00.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004520020E6EA01CF1.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004530020E81D011AC.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004540020E15501320.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004550020E915011C8.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004560020E7CE00D6D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004560052476F0145E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004570020E8AC0107F.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004570052553B019BD.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000045800524F8000FB2.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000045900524C9705798.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000045A005236480117E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000045B0051F41F00DB2.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000045C0052472C01001.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000045D00524EA8010D7.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000045E00522BF901CB9.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000045F0052089E0149D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000460005250CD01788.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000046100521987013B8.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004620052506A01986.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000046300524D9F01018.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000046400524E9C01233.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000046500524CA301964.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000046600524DE002542.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004670052482101375.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000046800524EBE00F0D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000046900524E4A010AD.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000046A00524A4600FBD.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000046B00505DE6004E0.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000047000204B6000363.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004710020EB71002C8.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004720020E99301F11.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000047200525241033D2.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004730020DDA800D04.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000047300525350016E7.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000047400315E2B0160D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004740052525E01C06.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004750041DFB801413.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004750052539D01875.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000047600525379022A5.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000047700524FA7014A7.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000478005251ED0236E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004790052519501DC0.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000047A005252070108D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000047B005252C2015BF.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000047C0052559A01892.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000047D005250F60291C.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000047E0052486502E48.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000047F0052508702434.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004800052540F02A61.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048100524AD3018A7.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048200524852033DE.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048300524B7101A4A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004840052505D017DC.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004850052512E0133E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004860052543101301.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000487005254BE012E5.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000488005250210195E.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048900521EAC01922.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048A00524F6701C51.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048B0052545E016D2.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048C0020E7D400F0A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048C00523D4101347.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048D0020EA8801003.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048D0052551801410.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048E0020C40C01451.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048E00522825019E4.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048F0020E9A80121D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000048F0052541001793.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004900041DE11010E5.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004900052512501614.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000491005255A502145.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004920010977E00AF6.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000493001098DA0101A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004930052548301E1D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004940010970000CEC.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004950010981100B3D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000049500524D1001875.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000049600109D4701834.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000497001097B9019B4.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004980010983100E64.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004990010930500F09.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000049B001095A200AD2.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004E40020F19A0149F.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004E50020EAA501CEF.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004E60020EA2401D3B.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004E70020ED6D01344.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004E800315E7D00B81.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004E90041CE58012E4.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004EA00521F34012C7.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004EB0051D6860062A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004EC00524DCA0064A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004ED005252AE015CF.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004EE005252DC0197C.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004EF0020E9710132F.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004EF0052510B02507.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F00020E9B80190F.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F0005250A702F42.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F10020EA1801D28.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F1005250E60309A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F20020ED49022B5.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F20052522703301.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F3001099EB01971.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F3005249A10341D.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F400415FF902C89.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F400518EC1032BC.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F50050F8E3019F7.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F600517A2F0180A.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F70050B6FE01376.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F80050FBCF01367.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004F9005091D3004CC.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004FA00508A6F004C7.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004FB005099FC003F6.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004FC0050BA8301D29.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004FD0050B06A00463.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004FE00509AE5015F5.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000004FF005092B7004D0.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000050000510C8201214.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF00000501005113DA028E9.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF0000050200510F0C01128.qss
c:\documents and settings\Owner\Application Data\Move Networks\QMCache00\EB7D4FBB11A24075A2F26CC0D66B9DFF000005030052396603CC9.qss
c:\documents and settings\Owner\Application Data\WTablet
c:\documents and settings\Owner\Application Data\WTablet\Wacom_Tablet.dat
c:\documents and settings\Owner\Prince-3121 (Retail).[WwW.LiMiTeDiVx.CoM].By KELOLO.zip
c:\program files\Azureus
c:\program files\Azureus\az_output.log
c:\program files\Azureus\plugins\azplugins\azplugins_1.8.6.jar
c:\program files\Azureus\plugins\azupdater\azupdater_1.8.3.zip
c:\program files\Azureus\plugins\azupdater\azupdaterpatcher_1.8.2.jar
c:\program files\Azureus\plugins\azupdater\azupdaterpatcher_1.8.3.jar
c:\program files\Azureus\plugins\azupdater\Azureus2_2.3.0.6_P2.pax
c:\program files\Azureus\plugins\azupdater\plugin.properties
c:\program files\Azureus\plugins\azupdater\plugin.properties_1.8.3
c:\program files\Azureus\plugins\azupdater\Updater.jar
c:\program files\Azureus\plugins\azupdater\Updater.jar.bak
c:\program files\Azureus\plugins\rating\rating_1.2.jar
c:\program files\Azureus\Uninstall.exe
c:\program files\DNA
c:\program files\DNA\btdna.exe
c:\program files\DNA\DNAcpl.cpl
c:\program files\DNA\plugins\npbtdna.dll
c:\windows\system32\kemuzoju.dll
c:\windows\system32\noyukibu.dll
c:\windows\system32\peyobire.dll
c:\windows\system32\vekukedu.dll
c:\windows\system32\wopasufe.dll
c:\windows\system32\yonevena.dll
c:\windows\system32\yunuduha.dll
c:\windows\system32\zosinawo.dll
.
((((((((((((((((((((((((( Files Created from 2008-12-28 to 2009-01-28 )))))))))))))))))))))))))))))))
.
2009-01-26 18:39 . 2009-01-28 00:06 <DIR> d-------- C:\Lop SD
2009-01-05 17:33 . 2009-01-05 17:33 3,751,995 --a------ c:\windows\system32\GPhotos.scr
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-28 05:03 --------- d-----w c:\program files\Viewpoint
2009-01-17 09:34 --------- d-----w c:\program files\Google
2009-01-16 11:53 127,857 --sha-w c:\windows\system32\yozehuwu.dll
2009-01-15 23:47 127,869 --sha-w c:\windows\system32\pemugobo.dll
2008-12-26 04:18 --------- d-----w c:\program files\Tablet
2008-12-25 17:59 6,944 ----a-w c:\windows\system32\ealregsnapshot1.reg
2008-12-25 17:58 --------- d-----w c:\program files\Electronic Arts
2008-12-25 17:56 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-25 17:50 85,199 ------w c:\windows\system32\sesozuha.dll
2008-12-25 05:50 84,609 ------w c:\windows\system32\vuhofafa.dll
2008-12-24 17:50 84,202 ------w c:\windows\system32\gagisaso.dll
2008-12-24 05:50 84,725 ------w c:\windows\system32\gawejeya.dll
2008-12-23 17:49 84,565 ------w c:\windows\system32\gulalene.dll
2008-12-23 05:49 83,065 ------w c:\windows\system32\pejemika.dll
2008-12-22 17:49 85,072 ------w c:\windows\system32\verefama.dll
2008-12-22 05:49 85,285 ------w c:\windows\system32\derotufe.dll
2008-12-21 17:49 87,223 ------w c:\windows\system32\mimedefa.dll
2008-12-21 05:48 87,233 ------w c:\windows\system32\zatomefe.dll
2008-12-20 17:48 83,199 ------w c:\windows\system32\neloluni.dll
2008-12-20 05:48 87,258 ------w c:\windows\system32\lamekizi.dll
2008-12-19 17:48 85,267 ------w c:\windows\system32\sukeguwa.dll
2008-12-19 05:47 85,096 ------w c:\windows\system32\mupumutu.dll
2008-12-18 17:47 83,248 ------w c:\windows\system32\bulusira.dll
2008-12-18 05:47 89,753 ------w c:\windows\system32\dapotado.dll
2008-12-17 17:47 88,669 ------w c:\windows\system32\puborala.dll
2008-12-17 05:47 88,674 ------w c:\windows\system32\nutepofe.dll
2008-12-16 16:47 89,851 ------w c:\windows\system32\zetanafo.dll
2008-12-16 04:46 88,218 ------w c:\windows\system32\beyebazu.dll
2008-12-15 15:46 85,565 ------w c:\windows\system32\zetifaro.dll
2008-12-15 03:45 85,733 ------w c:\windows\system32\ravosozo.dll
2008-12-14 02:44 85,758 ------w c:\windows\system32\giponutu.dll
2008-12-13 14:44 85,748 ------w c:\windows\system32\tihifipa.dll
2008-12-13 02:44 85,183 ------w c:\windows\system32\bajiwuyu.dll
2008-12-12 14:44 85,640 ------w c:\windows\system32\nakizeju.dll
2008-12-12 02:44 85,794 ------w c:\windows\system32\yivimefe.dll
2008-12-12 00:56 85,694 ------w c:\windows\system32\modisemi.dll
2008-12-11 12:36 85,586 ------w c:\windows\system32\kepidaha.dll
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-11 00:36 84,602 ------w c:\windows\system32\kileruno.dll
2008-12-10 23:36 85,728 ------w c:\windows\system32\pusodebe.dll
2008-12-10 11:36 87,129 ------w c:\windows\system32\tofakavi.dll
2008-12-10 03:32 --------- d-----w c:\program files\iTunes
2008-12-10 03:32 --------- d-----w c:\program files\iPod
2008-12-10 03:32 --------- d-----w c:\program files\Common Files\Apple
2008-12-10 03:32 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-10 03:31 --------- d-----w c:\program files\QuickTime
2008-12-10 03:22 --------- d-----w c:\program files\Safari
2008-12-09 23:41 94,463 ----a-w c:\windows\system32\huvagobi.dll
2008-12-09 23:41 87,163 ------w c:\windows\system32\sikemaha.dll
2008-12-09 11:41 94,895 ----a-w c:\windows\system32\mesakopi.dll
2008-12-09 11:41 88,712 ------w c:\windows\system32\turovepi.dll
2008-12-08 23:41 93,801 ----a-w c:\windows\system32\pivejehu.dll
2008-12-08 10:35 88,761 ------w c:\windows\system32\jinujone.dll
2008-12-07 22:34 88,686 ------w c:\windows\system32\wigafipe.dll
2008-12-07 10:34 88,192 ------w c:\windows\system32\sutuyeju.dll
2008-12-06 22:34 88,140 ------w c:\windows\system32\tahilato.dll
2008-12-06 10:34 87,642 ------w c:\windows\system32\buwidodu.dll
2008-12-06 01:36 --------- d-----w c:\program files\Sims2Pack Clean Installer
2008-12-05 09:33 88,761 ------w c:\windows\system32\pigatedu.dll
2008-12-04 21:33 85,045 ------w c:\windows\system32\kekifodo.dll
2008-12-03 21:32 85,557 ------w c:\windows\system32\kewupupe.dll
2008-12-03 09:32 86,581 ------w c:\windows\system32\yimilolo.dll
2008-12-02 21:32 86,581 ------w c:\windows\system32\fajuzosi.dll
2008-12-02 09:32 86,581 ------w c:\windows\system32\dusipunu.dll
2008-12-01 20:31 86,580 ------w c:\windows\system32\maremagu.dll
2008-12-01 08:31 88,116 ------w c:\windows\system32\bejeturo.dll
2008-11-30 20:30 88,116 ------w c:\windows\system32\vopapopu.dll
2008-11-30 08:30 88,116 ------w c:\windows\system32\tujikabu.dll
2008-11-29 20:30 88,116 ------w c:\windows\system32\getareku.dll
2008-11-29 08:30 88,116 ------w c:\windows\system32\zelayira.dll
2008-11-28 20:29 88,116 ------w c:\windows\system32\lojuvake.dll
2008-11-27 20:29 86,580 ------w c:\windows\system32\vemuyuwi.dll
2008-11-27 08:29 86,580 ------w c:\windows\system32\vitifise.dll
2008-11-26 20:29 86,580 ------w c:\windows\system32\zivedomo.dll
2008-11-26 08:29 87,092 ------w c:\windows\system32\pohepalo.dll
2008-11-25 20:29 87,092 ------w c:\windows\system32\fabapufu.dll
2008-11-21 06:11 86,068 ------w c:\windows\system32\sinahuti.dll
2008-11-20 18:06 86,068 ------w c:\windows\system32\pimewate.dll
2008-11-19 16:16 86,068 ------w c:\windows\system32\buhovawu.dll
2008-11-19 04:16 86,068 ------w c:\windows\system32\yadimulo.dll
2008-11-13 16:26 410,976 ----a-w c:\windows\system32\deploytk.dll
2008-11-06 20:33 68,096 ----a-w c:\windows\system32\ifktmvko.dll
2008-11-03 16:36 67,584 ----a-w c:\windows\system32\kxneexhr.dll
2008-11-03 16:36 123,904 ----a-w c:\windows\system32\spbampuv.dll
2008-11-03 16:36 123,904 ----a-w c:\windows\system32\gjpcki.dll
2008-11-02 20:18 67,584 ----a-w c:\windows\system32\wfxviwgd.dll
2008-11-02 20:15 123,904 ----a-w c:\windows\system32\vnsyrm.dll
2008-11-02 20:15 123,904 ----a-w c:\windows\system32\pnluaiva.dll
2008-11-01 20:17 67,584 ------w c:\windows\system32\wgouctdi.dll
2008-11-01 20:14 123,904 ----a-w c:\windows\system32\ujdeciqp.dll
2008-11-01 20:14 123,904 ----a-w c:\windows\system32\emjiez.dll
2008-10-31 20:19 123,904 ----a-w c:\windows\system32\tbvtnr.dll
2008-10-31 20:19 123,904 ----a-w c:\windows\system32\bivtmpcs.dll
2008-10-31 20:16 67,584 ----a-w c:\windows\system32\jggeyyno.dll
2008-10-30 20:13 123,904 ----a-w c:\windows\system32\jrlifkok.dll
2008-10-30 20:13 123,904 ----a-w c:\windows\system32\deeebi.dll
2008-10-30 02:45 123,904 ----a-w c:\windows\system32\wgxwoqlc.dll
2008-10-30 02:45 123,904 ----a-w c:\windows\system32\eqgwes.dll
2008-10-30 02:42 67,584 ----a-w c:\windows\system32\mqpaxmki.dll
2007-12-05 23:04 284 -c--a-w c:\documents and settings\Owner\Application Data\ViewerApp.dat
.
((((((((((((((((((((((((((((( snapshot@2009-01-26_19.22.00.89 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-22 09:47:25 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP2QFE\tzchange.exe
+ 2008-10-23 10:06:59 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3GDR\tzchange.exe
+ 2008-10-23 10:17:49 62,976 ----a-w c:\windows\$hf_mig$\KB955839\SP3QFE\tzchange.exe
+ 2007-11-30 12:39:22 17,272 ----a-w c:\windows\$hf_mig$\KB955839\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w c:\windows\$hf_mig$\KB955839\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w c:\windows\$hf_mig$\KB955839\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w c:\windows\$hf_mig$\KB955839\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w c:\windows\$hf_mig$\KB955839\update\updspapi.dll
+ 2008-10-23 12:51:04 284,160 ----a-w c:\windows\$hf_mig$\KB956802\SP2QFE\gdi32.dll
+ 2008-10-23 12:36:14 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3GDR\gdi32.dll
+ 2008-10-23 12:43:42 286,720 ----a-w c:\windows\$hf_mig$\KB956802\SP3QFE\gdi32.dll
+ 2008-07-08 13:02:01 17,272 ----a-w c:\windows\$hf_mig$\KB956802\spmsg.dll
+ 2008-07-08 13:02:02 231,288 ----a-w c:\windows\$hf_mig$\KB956802\spuninst.exe
+ 2008-07-08 13:02:01 26,488 ----a-w c:\windows\$hf_mig$\KB956802\update\spcustom.dll
+ 2008-07-09 07:38:29 755,576 ----a-w c:\windows\$hf_mig$\KB956802\update\update.exe
+ 2008-07-09 07:38:37 382,840 ----a-w c:\windows\$hf_mig$\KB956802\update\updspapi.dll
- 2006-05-05 09:41:45 453,120 -c--a-w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2008-08-26 07:24:28 124,928 -c----w c:\windows\ie7updates\KB958215-IE7\advpack.dll
+ 2008-08-26 07:24:28 347,136 -c----w c:\windows\ie7updates\KB958215-IE7\dxtmsft.dll
+ 2008-08-26 07:24:28 214,528 -c----w c:\windows\ie7updates\KB958215-IE7\dxtrans.dll
+ 2008-08-26 07:24:28 133,120 -c----w c:\windows\ie7updates\KB958215-IE7\extmgr.dll
+ 2008-08-26 07:24:28 63,488 -c----w c:\windows\ie7updates\KB958215-IE7\icardie.dll
+ 2008-08-25 08:37:59 70,656 -c----w c:\windows\ie7updates\KB958215-IE7\ie4uinit.exe
+ 2008-08-26 07:24:28 153,088 -c----w c:\windows\ie7updates\KB958215-IE7\ieakeng.dll
+ 2008-08-26 07:24:28 230,400 -c----w c:\windows\ie7updates\KB958215-IE7\ieaksie.dll
+ 2008-08-23 05:54:51 161,792 -c----w c:\windows\ie7updates\KB958215-IE7\ieakui.dll
+ 2008-08-26 07:24:28 383,488 -c----w c:\windows\ie7updates\KB958215-IE7\ieapfltr.dll
+ 2008-08-26 07:24:29 384,512 -c----w c:\windows\ie7updates\KB958215-IE7\iedkcs32.dll
+ 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\ie7updates\KB958215-IE7\ieframe.dll
+ 2008-08-26 07:24:29 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\iernonce.dll
+ 2008-08-26 07:24:29 267,776 -c----w c:\windows\ie7updates\KB958215-IE7\iertutil.dll
+ 2008-08-25 08:38:00 13,824 -c----w c:\windows\ie7updates\KB958215-IE7\ieudinit.exe
+ 2008-08-23 05:56:15 635,848 -c----w c:\windows\ie7updates\KB958215-IE7\iexplore.exe
+ 2008-08-26 07:24:30 27,648 -c----w c:\windows\ie7updates\KB958215-IE7\jsproxy.dll
+ 2008-08-26 07:24:30 459,264 -c----w c:\windows\ie7updates\KB958215-IE7\msfeeds.dll
+ 2008-08-26 07:24:30 52,224 -c----w c:\windows\ie7updates\KB958215-IE7\msfeedsbs.dll
+ 2008-08-26 07:24:30 477,696 -c----w c:\windows\ie7updates\KB958215-IE7\mshtmled.dll
+ 2008-08-26 07:24:30 193,024 -c----w c:\windows\ie7updates\KB958215-IE7\msrating.dll
+ 2008-08-26 07:24:30 671,232 -c----w c:\windows\ie7updates\KB958215-IE7\mstime.dll
+ 2008-08-26 07:24:30 102,912 -c----w c:\windows\ie7updates\KB958215-IE7\occache.dll
+ 2008-08-26 07:24:30 44,544 -c----w c:\windows\ie7updates\KB958215-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w c:\windows\ie7updates\KB958215-IE7\spuninst\updspapi.dll
+ 2008-08-26 07:24:30 105,984 -c----w c:\windows\ie7updates\KB958215-IE7\url.dll
+ 2008-08-26 07:24:31 1,159,680 -c----w c:\windows\ie7updates\KB958215-IE7\urlmon.dll
+ 2008-08-26 07:24:31 233,472 -c----w c:\windows\ie7updates\KB958215-IE7\webcheck.dll
+ 2008-08-26 07:24:31 826,368 -c----w c:\windows\ie7updates\KB958215-IE7\wininet.dll
+ 2008-08-27 08:24:32 3,593,216 -c----w c:\windows\ie7updates\KB960714-IE7\mshtml.dll
+ 2007-03-06 01:22:39 213,216 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:47 371,424 -c----w c:\windows\ie7updates\KB960714-IE7\spuninst\updspapi.dll
+ 2009-01-27 08:02:16 32,768 ----a-r c:\windows\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe
- 2008-08-26 07:24:28 124,928 ----a-w c:\windows\system32\advpack.dll
+ 2008-10-16 20:38:34 124,928 ----a-w c:\windows\system32\advpack.dll
- 2008-07-19 02:10:48 94,920 ----a-w c:\windows\system32\cdm.dll
+ 2008-10-16 19:09:44 92,696 ----a-w c:\windows\system32\cdm.dll
- 2008-08-26 07:24:28 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll
+ 2008-10-16 20:38:34 124,928 -c--a-w c:\windows\system32\dllcache\advpack.dll
- 2008-07-19 02:10:48 94,920 -c--a-w c:\windows\system32\dllcache\cdm.dll
+ 2008-10-16 19:09:44 92,696 -c--a-w c:\windows\system32\dllcache\cdm.dll
- 2008-08-26 07:24:28 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-10-16 20:38:34 347,136 -c--a-w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-08-26 07:24:28 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-10-16 20:38:34 214,528 -c--a-w c:\windows\system32\dllcache\dxtrans.dll
- 2008-08-26 07:24:28 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll
+ 2008-10-16 20:38:35 133,120 -c--a-w c:\windows\system32\dllcache\extmgr.dll
- 2008-02-20 06:51:05 282,624 -c----w c:\windows\system32\dllcache\gdi32.dll
+ 2008-10-23 13:01:36 283,648 -c----w c:\windows\system32\dllcache\gdi32.dll
- 2008-08-26 07:24:28 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
+ 2008-10-16 20:38:35 63,488 -c----w c:\windows\system32\dllcache\icardie.dll
- 2008-08-25 08:37:59 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
+ 2008-10-16 13:11:09 70,656 -c--a-w c:\windows\system32\dllcache\ie4uinit.exe
- 2008-08-26 07:24:28 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
+ 2008-10-16 20:38:35 153,088 -c--a-w c:\windows\system32\dllcache\ieakeng.dll
- 2008-08-26 07:24:28 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
+ 2008-10-16 20:38:35 230,400 -c--a-w c:\windows\system32\dllcache\ieaksie.dll
- 2008-08-23 05:54:51 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
+ 2008-10-15 07:04:53 161,792 -c--a-w c:\windows\system32\dllcache\ieakui.dll
- 2008-08-26 07:24:28 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
+ 2008-10-16 20:38:35 383,488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
- 2008-08-26 07:24:29 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
+ 2008-10-16 20:38:35 384,512 -c--a-w c:\windows\system32\dllcache\iedkcs32.dll
- 2008-10-03 17:41:15 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
+ 2008-10-16 20:38:37 6,066,176 -c----w c:\windows\system32\dllcache\ieframe.dll
- 2008-08-26 07:24:29 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
+ 2008-10-16 20:38:37 44,544 -c--a-w c:\windows\system32\dllcache\iernonce.dll
- 2008-08-26 07:24:29 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
+ 2008-10-16 20:38:37 267,776 -c----w c:\windows\system32\dllcache\iertutil.dll
- 2008-08-25 08:38:00 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 -c----w c:\windows\system32\dllcache\ieudinit.exe
- 2008-08-23 05:56:15 635,848 -c--a-w c:\windows\system32\dllcache\iexplore.exe
+ 2008-10-15 07:06:26 633,632 -c--a-w c:\windows\system32\dllcache\iexplore.exe
- 2008-08-26 07:24:30 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-10-16 20:38:37 27,648 -c--a-w c:\windows\system32\dllcache\jsproxy.dll
- 2006-10-19 01:03:58 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
+ 2008-06-18 06:09:22 100,864 -c--a-w c:\windows\system32\dllcache\logagent.exe
- 2006-05-05 09:41:45 453,120 -c----w c:\windows\system32\dllcache\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 -c----w c:\windows\system32\dllcache\mrxsmb.sys
- 2008-08-26 07:24:30 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
+ 2008-10-16 20:38:37 459,264 -c----w c:\windows\system32\dllcache\msfeeds.dll
- 2008-08-26 07:24:30 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
+ 2008-10-16 20:38:37 52,224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-08-27 08:24:32 3,593,216 -c--a-w c:\windows\system32\dllcache\mshtml.dll
+ 2008-12-13 06:40:02 3,593,216 -c--a-w c:\windows\system32\dllcache\mshtml.dll
- 2008-08-26 07:24:30 477,696 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-10-16 20:38:38 477,696 -c--a-w c:\windows\system32\dllcache\mshtmled.dll
- 2008-08-26 07:24:30 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
+ 2008-10-16 20:38:38 193,024 -c--a-w c:\windows\system32\dllcache\msrating.dll
- 2008-08-26 07:24:30 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
+ 2008-10-16 20:38:39 671,232 -c--a-w c:\windows\system32\dllcache\mstime.dll
- 2007-06-26 06:08:16 1,104,896 -c----w c:\windows\system32\dllcache\msxml3.dll
+ 2008-09-04 16:42:02 1,106,944 -c----w c:\windows\system32\dllcache\msxml3.dll
- 2008-08-26 07:24:30 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll
+ 2008-10-16 20:38:39 102,912 -c--a-w c:\windows\system32\dllcache\occache.dll
- 2008-08-26 07:24:30 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-10-16 20:38:39 44,544 -c--a-w c:\windows\system32\dllcache\pngfilt.dll
- 2008-08-28 10:04:17 333,056 -c----w c:\windows\system32\dllcache\srv.sys
+ 2008-12-11 11:57:21 333,184 -c----w c:\windows\system32\dllcache\srv.sys
- 2006-08-21 13:52:08 246,814 -c----w c:\windows\system32\dllcache\strmdll.dll
+ 2008-10-03 10:15:47 247,326 -c----w c:\windows\system32\dllcache\strmdll.dll
- 2008-08-26 07:24:30 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
+ 2008-10-16 20:38:39 105,984 -c--a-w c:\windows\system32\dllcache\url.dll
- 2008-08-26 07:24:31 1,159,680 -c--a-w c:\windows\system32\dllcache\urlmon.dll
+ 2008-10-16 20:38:39 1,160,192 -c--a-w c:\windows\system32\dllcache\urlmon.dll
- 2008-08-26 07:24:31 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll
+ 2008-10-16 20:38:39 233,472 -c--a-w c:\windows\system32\dllcache\webcheck.dll
- 2008-08-26 07:24:31 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
+ 2008-10-16 20:38:40 826,368 -c--a-w c:\windows\system32\dllcache\wininet.dll
- 2006-10-19 02:47:20 937,984 -c--a-w c:\windows\system32\dllcache\WMNetMgr.dll
+ 2008-06-18 10:03:08 938,496 -c--a-w c:\windows\system32\dllcache\WMNetmgr.dll
- 2006-10-19 02:47:22 2,450,944 -c--a-w c:\windows\system32\dllcache\wmvcore.dll
+ 2008-06-18 10:03:14 2,458,112 -c--a-w c:\windows\system32\dllcache\WMVCore.dll
- 2008-07-19 02:09:44 563,912 -c--a-w c:\windows\system32\dllcache\wuapi.dll
+ 2008-10-16 19:12:20 561,688 -c--a-w c:\windows\system32\dllcache\wuapi.dll
- 2008-07-19 02:10:42 53,448 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
+ 2008-10-16 19:09:44 51,224 -c--a-w c:\windows\system32\dllcache\wuauclt.exe
- 2008-07-19 02:09:42 1,811,656 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
+ 2008-10-16 19:13:40 1,809,944 -c--a-w c:\windows\system32\dllcache\wuaueng.dll
- 2008-07-19 02:09:46 325,832 -c--a-w c:\windows\system32\dllcache\wucltui.dll
+ 2008-10-16 19:12:22 323,608 -c--a-w c:\windows\system32\dllcache\wucltui.dll
- 2008-07-19 02:10:20 36,552 -c--a-w c:\windows\system32\dllcache\wups.dll
+ 2008-10-16 19:08:58 34,328 -c--a-w c:\windows\system32\dllcache\wups.dll
- 2008-07-19 02:09:44 205,000 -c--a-w c:\windows\system32\dllcache\wuweb.dll
+ 2008-10-16 19:13:40 202,776 -c--a-w c:\windows\system32\dllcache\wuweb.dll
- 2006-05-05 09:41:45 453,120 ----a-w c:\windows\system32\drivers\mrxsmb.sys
+ 2008-10-24 11:10:42 453,632 ----a-w c:\windows\system32\drivers\mrxsmb.sys
- 2008-08-26 07:24:28 347,136 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-10-16 20:38:34 347,136 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-08-26 07:24:28 214,528 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-10-16 20:38:34 214,528 ----a-w c:\windows\system32\dxtrans.dll
- 2008-08-26 07:24:28 133,120 ----a-w c:\windows\system32\extmgr.dll
+ 2008-10-16 20:38:35 133,120 ----a-w c:\windows\system32\extmgr.dll
- 2008-02-20 06:51:05 282,624 ----a-w c:\windows\system32\gdi32.dll
+ 2008-10-23 13:01:36 283,648 ----a-w c:\windows\system32\gdi32.dll
- 2008-08-26 07:24:28 63,488 ----a-w c:\windows\system32\icardie.dll
+ 2008-10-16 20:38:35 63,488 ----a-w c:\windows\system32\icardie.dll
- 2008-08-25 08:37:59 70,656 ----a-w c:\windows\system32\ie4uinit.exe
+ 2008-10-16 13:11:09 70,656 ----a-w c:\windows\system32\ie4uinit.exe
- 2008-08-26 07:24:28 153,088 ----a-w c:\windows\system32\ieakeng.dll
+ 2008-10-16 20:38:35 153,088 ----a-w c:\windows\system32\ieakeng.dll
- 2008-08-26 07:24:28 230,400 ----a-w c:\windows\system32\ieaksie.dll
+ 2008-10-16 20:38:35 230,400 ----a-w c:\windows\system32\ieaksie.dll
- 2008-08-23 05:54:51 161,792 ----a-w c:\windows\system32\ieakui.dll
+ 2008-10-15 07:04:53 161,792 ----a-w c:\windows\system32\ieakui.dll
- 2008-08-26 07:24:28 383,488 ----a-w c:\windows\system32\ieapfltr.dll
+ 2008-10-16 20:38:35 383,488 ----a-w c:\windows\system32\ieapfltr.dll
- 2008-08-26 07:24:29 384,512 ----a-w c:\windows\system32\iedkcs32.dll
+ 2008-10-16 20:38:35 384,512 ----a-w c:\windows\system32\iedkcs32.dll
- 2008-10-03 17:41:15 6,066,176 ----a-w c:\windows\system32\ieframe.dll
+ 2008-10-16 20:38:37 6,066,176 ----a-w c:\windows\system32\ieframe.dll
- 2008-08-26 07:24:29 44,544 ----a-w c:\windows\system32\iernonce.dll
+ 2008-10-16 20:38:37 44,544 ----a-w c:\windows\system32\iernonce.dll
- 2008-08-26 07:24:29 267,776 ----a-w c:\windows\system32\iertutil.dll
+ 2008-10-16 20:38:37 267,776 ----a-w c:\windows\system32\iertutil.dll
- 2008-08-25 08:38:00 13,824 ----a-w c:\windows\system32\ieudinit.exe
+ 2008-10-16 13:11:09 13,824 ----a-w c:\windows\system32\ieudinit.exe
- 2008-08-26 07:24:30 27,648 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-10-16 20:38:37 27,648 ----a-w c:\windows\system32\jsproxy.dll
- 2006-10-19 01:03:58 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2008-06-18 06:09:22 100,864 ----a-w c:\windows\system32\logagent.exe
+ 2009-01-09 22:35:30 20,853,704 ----a-w c:\windows\system32\MRT.exe
- 2008-08-26 07:24:30 459,264 ----a-w c:\windows\system32\msfeeds.dll
+ 2008-10-16 20:38:37 459,264 ----a-w c:\windows\system32\msfeeds.dll
- 2008-08-26 07:24:30 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
+ 2008-10-16 20:38:37 52,224 ----a-w c:\windows\system32\msfeedsbs.dll
- 2008-08-27 08:24:32 3,593,216 ----a-w c:\windows\system32\mshtml.dll
+ 2008-12-13 06:40:02 3,593,216 ----a-w c:\windows\system32\mshtml.dll
- 2008-08-26 07:24:30 477,696 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-10-16 20:38:38 477,696 ----a-w c:\windows\system32\mshtmled.dll
- 2008-08-26 07:24:30 193,024 ----a-w c:\windows\system32\msrating.dll
+ 2008-10-16 20:38:38 193,024 ----a-w c:\windows\system32\msrating.dll
- 2008-08-26 07:24:30 671,232 ----a-w c:\windows\system32\mstime.dll
+ 2008-10-16 20:38:39 671,232 ----a-w c:\windows\system32\mstime.dll
- 2007-06-26 06:08:16 1,104,896 ----a-w c:\windows\system32\msxml3.dll
+ 2008-09-04 16:42:02 1,106,944 ----a-w c:\windows\system32\msxml3.dll
- 2007-05-08 19:03:04 1,275,392 ----a-w c:\windows\system32\msxml4.dll
+ 2008-09-30 21:43:34 1,286,152 ----a-w c:\windows\system32\msxml4.dll
- 2008-08-26 07:24:30 102,912 ----a-w c:\windows\system32\occache.dll
+ 2008-10-16 20:38:39 102,912 ----a-w c:\windows\system32\occache.dll
- 2008-08-26 07:24:30 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 20:38:39 44,544 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-10-16 19:08:58 34,328 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.2.6001.788\wups.dll
+ 2008-10-16 19:09:44 43,544 ----a-w c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.2.6001.788\wups2.dll
- 2007-11-30 11:18:51 17,272 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 12:39:22 17,272 ------w c:\windows\system32\spmsg.dll
- 2006-08-21 13:52:08 246,814 ----a-w c:\windows\system32\strmdll.dll
+ 2008-10-03 10:15:47 247,326 ----a-w c:\windows\system32\strmdll.dll
- 2008-07-14 11:09:18 62,976 ------w c:\windows\system32\tzchange.exe
+ 2008-10-22 09:47:07 62,976 ------w c:\windows\system32\tzchange.exe
- 2008-08-26 07:24:30 105,984 ----a-w c:\windows\system32\url.dll
+ 2008-10-16 20:38:39 105,984 ----a-w c:\windows\system32\url.dll
- 2008-08-26 07:24:31 1,159,680 ----a-w c:\windows\system32\urlmon.dll
+ 2008-10-16 20:38:39 1,160,192 ----a-w c:\windows\system32\urlmon.dll
- 2008-08-26 07:24:31 233,472 ----a-w c:\windows\system32\webcheck.dll
+ 2008-10-16 20:38:39 233,472 ----a-w c:\windows\system32\webcheck.dll
- 2008-08-26 07:24:31 826,368 ----a-w c:\windows\system32\wininet.dll
+ 2008-10-16 20:38:40 826,368 ----a-w c:\windows\system32\wininet.dll
- 2006-10-19 02:47:20 937,984 ----a-w c:\windows\system32\wmnetmgr.dll
+ 2008-06-18 10:03:08 938,496 ----a-w c:\windows\system32\WMNetmgr.dll
- 2006-10-19 02:47:22 2,450,944 ----a-w c:\windows\system32\wmvcore.dll
+ 2008-06-18 10:03:14 2,458,112 ----a-w c:\windows\system32\WMVCore.dll
- 2008-07-19 02:09:44 563,912 ----a-w c:\windows\system32\wuapi.dll
+ 2008-10-16 19:12:20 561,688 ----a-w c:\windows\system32\wuapi.dll
- 2008-07-19 02:10:42 53,448 ----a-w c:\windows\system32\wuauclt.exe
+ 2008-10-16 19:09:44 51,224 ----a-w c:\windows\system32\wuauclt.exe
- 2008-07-19 02:09:42 1,811,656 ----a-w c:\windows\system32\wuaueng.dll
+ 2008-10-16 19:13:40 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
- 2008-07-19 02:09:46 325,832 ----a-w c:\windows\system32\wucltui.dll
+ 2008-10-16 19:12:22 323,608 ----a-w c:\windows\system32\wucltui.dll
- 2008-07-19 02:10:20 36,552 ----a-w c:\windows\system32\wups.dll
+ 2008-10-16 19:08:58 34,328 ----a-w c:\windows\system32\wups.dll
- 2008-07-19 02:10:40 45,768 ----a-w c:\windows\system32\wups2.dll
+ 2008-10-16 19:09:44 43,544 ----a-w c:\windows\system32\wups2.dll
- 2008-07-19 02:09:44 205,000 ----a-w c:\windows\system32\wuweb.dll
+ 2008-10-16 19:13:40 202,776 ----a-w c:\windows\system32\wuweb.dll
- 2009-01-27 00:16:39 16,384 -csha-w c:\windows\Temp\Cookies\index.dat
+ 2009-01-27 08:12:06 16,384 -csha-w c:\windows\Temp\Cookies\index.dat
- 2009-01-27 00:16:39 16,384 -csha-w c:\windows\Temp\History\History.IE5\index.dat
+ 2009-01-27 08:12:06 16,384 -csha-w c:\windows\Temp\History\History.IE5\index.dat
+ 2009-01-27 08:12:11 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_54c.dat
+ 2009-01-27 08:12:13 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_8a0.dat
+ 2009-01-27 08:12:13 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_924.dat
- 2009-01-27 00:16:39 32,768 -csha-w c:\windows\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-27 08:12:06 32,768 -csha-w c:\windows\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2008-09-30 21:42:08 1,286,152 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9870.0_x-ww_a32d74cf\msxml4.dll
+ 2008-09-30 21:45:12 91,656 ----a-w c:\windows\WinSxS\x86_Microsoft.MSXML2R_6bd6b9abf345378f_4.1.1.0_x-ww_2a41bceb\msxml4r.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
"H/PC Connection Agent"="c:\progra~1\MI3AA1~1\wcescomm.exe" [2006-06-20 1207080]
"Google Update"="c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-01-04 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]
"ShowWnd"="ShowWnd.exe" [2003-09-19 c:\windows\ShowWnd.exe]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" [2004-08-12 c:\windows\system32\Hdaudpropshortcut.exe]
"SoundMan"="SOUNDMAN.EXE" [2005-01-05 c:\windows\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [2005-01-31 c:\windows\ALCWZRD.EXE]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{F2A0229A-C4CA-4789-B606-973D24DCDD1C}"= "c:\progra~1\mcafee\mcafee antispyware\mssshell.dll" [2005-07-17 155769]
path=
backup=
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
--a------ 2007-06-11 04:25 6731312 c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-10-01 11:57 111936 c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
--a------ 2008-07-22 12:34 2772992 c:\program files\Electronic Arts\EADM\Core.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2009-01-04 12:24 133104 c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Portfolio]
--a--c--- 2004-06-23 21:22 729088 c:\program files\Microsoft Works\WksSb.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
--a--c--- 2001-08-16 23:41 28738 c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
--a------ 2008-01-07 15:02 495616 c:\program files\Winamp Remote\bin\OrbTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
--a------ 2002-09-14 01:42 212992 c:\windows\SMINST\Recguard.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]
--a--c--- 2005-03-09 10:49 966656 c:\windows\creator\remind_xp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2006-11-10 11:35 90112 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-11-13 11:26 136600 c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
-ra------ 2006-03-30 15:45 313472 c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2008-01-15 17:54 37376 c:\program files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2006-11-03 19:20 866584 c:\program files\Windows Defender\MSASCui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorksFUD]
--a--c--- 2001-10-05 19:34 24576 c:\program files\Microsoft Works\wkfud.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
--a--c--- 2004-05-17 20:30 543232 c:\windows\zHotkey.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Netscape\\Netscape\\Netscp.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\MidTen Media\\Comic Collector Live\\CCL.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Symantec\\LiveUpdate\\AUPDATE.EXE"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R4 TabletServiceWacom;TabletServiceWacom;c:\windows\system32\Wacom_Tablet.exe [2008-12-25 1373480]
R4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-10-10 24652]
R4 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE
.
Contents of the 'Scheduled Tasks' folder
2009-01-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2009-01-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3980681228-1451906632-1211546294-1006.job
- c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-04 12:24]
2009-01-27 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-BitTorrent DNA - c:\program files\DNA\btdna.exe
MSConfigStartUp-axis love poll lite - c:\documents and settings\All Users\Application Data\each new axis love\fast drive.exe
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.yahoo.com/uSearchMigratedDefaultURL =
hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page =
hxxp://www.yahoo.com/mSearch Bar =
hxxp://us.rd.yahoo.com/customize/ie/def ... earch.htmluInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) =
hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.comIE: &Winamp Toolbar Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\5kfmn57h.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://search.yahoo.com/search?fr=ffsp1&p=FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage -
www.yahoo.comFF - prefs.js: keyword.URL -
hxxp://search.yahoo.com/search?fr=ffds1&p=FF - plugin: c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\5kfmn57h.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071101000055.dll
FF - plugin: c:\documents and settings\Owner\Local Settings\Application Data\Google\Update\1.2.133.33\npGoogleOneClick7.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-01-28 00:19:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-3980681228-1451906632-1211546294-1006\Software\Microsoft\Windows Mobile Disc\S*a*m*s*u*n*g* *B*l*a*c*k*J*a*c*k*"!\CriticalAppInstall\ActiveSync]
"Name"="ActiveSync"
"DisplayName"="Microsoft ActiveSync"
"Param1"="ActiveSync"
"Type"="wellknown"
"Order"=dword:00000001
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-3980681228-1451906632-1211546294-1006\Software\Microsoft\Windows Mobile Disc\S*a*m*s*u*n*g* *B*l*a*c*k*J*a*c*k*"!\CriticalAppInstall\IESettings]
"Name"="IESettings"
"Type"="IESettings"
"Order"=dword:00000004
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-3980681228-1451906632-1211546294-1006\Software\Microsoft\Windows Mobile Disc\S*a*m*s*u*n*g* *B*l*a*c*k*J*a*c*k*"!\CriticalAppInstall\MediaFiles]
"Name"="MediaFiles"
"Type"="MediaFiles"
"Order"=dword:00000003
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-3980681228-1451906632-1211546294-1006\Software\Microsoft\Windows Mobile Disc\S*a*m*s*u*n*g* *B*l*a*c*k*J*a*c*k*"!\CriticalAppInstall\NPW]
"Name"="NPW"
"Param1"="NPW"
"Type"="wellknown"
"Order"=dword:00000002
"State"=dword:0000000b
[HKEY_USERS\S-1-5-21-3980681228-1451906632-1211546294-1006\Software\Microsoft\Windows Mobile Disc\S*a*m*s*u*n*g* *B*l*a*c*k*J*a*c*k*"!\CriticalAppInstall\Outlook]
"Name"="Outlook"
"DisplayName"="Microsoft Outlook"
"Param1"="Outlook"
"Type"="wellknown"
"Order"=dword:00000000
"State"=dword:00000002
[HKEY_USERS\S-1-5-21-3980681228-1451906632-1211546294-1006\Software\SecuROM\License information*]
"datasecu"=hex:a0,f1,d4,c2,bb,78,7e,60,50,6a,5d,6f,84,78,9d,a7,78,71,0e,34,b4,
fd,75,8b,6c,89,b4,2e,31,a1,03,d1,d1,c9,d3,10,2c,f1,d9,0c,1e,22,58,db,92,82,\
"rkeysecu"=hex:3e,80,9e,c4,40,b4,90,83,87,8e,33,49,64,ac,f8,d9
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(788)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-01-28 0:22:35
ComboFix-quarantined-files.txt 2009-01-28 05:21:18
ComboFix2.txt 2009-01-27 00:24:38
ComboFix3.txt 2007-10-09 15:29:25
Pre-Run: 32,048,177,152 bytes free
Post-Run: 32,026,542,080 bytes free
3776 --- E O F --- 2009-01-27 08:04:09
Logfile of HijackThis v1.99.1
Scan saved at 12:27:07 AM, on 1/28/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\wcescomm.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\progra~1\mcafee\MCAFEE~1\MssSrv.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\imapi.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Hijackthis\Scanner.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.com/customize/ie/def ... earch.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.com/customize/ie/def ... .yahoo.comR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=488R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! ¤u¨ã¦C - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MI3AA1~1\wcescomm.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/kos/eng/partne ... nicode.cabO16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan ... asinst.cabO16 - DPF: {9E17A5F9-2B9C-4C66-A592-199A4BA1FBC8} (AIM UPF Control) -
http://pictures04.aim.com/ygp/aol/plugi ... .5.1.8.cabO16 - DPF: {BC18E6DF-BE57-4580-93E8-F228F9A133AA} (MaxisSimCity4LotTeleX Control) -
http://simcity.ea.com/exchange/lots/tel ... tTeleX.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cabO20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - McAfee, Inc. - c:\progra~1\mcafee\MCAFEE~1\MssSrv.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe