Killall::

File::
2008-09-06 13:24 . 2008-09-06 13:24 25,088 --a------ C:\WINDOWS\system32\sups.dll
2008-09-06 11:40 . 2008-09-06 11:40 21,504 --a------ C:\WINDOWS\system32\odiw.dll
2008-09-06 10:54 . 2008-09-05 17:07 3,262 --a------ C:\WINDOWS\system32\2.ico
2008-09-06 10:50 . 2008-09-05 17:07 31,232 --a------ C:\x
2008-09-06 10:50 . 2008-09-05 17:07 3,262 --a------ C:\WINDOWS\system32\1.ico
2008-09-06 10:40 . 2008-09-06 10:40 0 --a------ C:\d1.exe
2008-09-06 10:39 . 2008-09-06 10:39 66,048 --a------ C:\uoju.exe
2008-09-06 10:39 . 2008-09-06 10:39 66,048 --a------ C:\oitkxr.exe
2008-09-06 10:39 . 2008-09-06 10:39 34,816 --a------ C:\accq.exe
2008-09-06 10:39 . 2008-09-06 10:39 29,184 --a------ C:\ubcs.exe
2008-09-06 10:39 . 2008-09-06 10:39 10,000 --a------ C:\WINDOWS\system32\gjm86akm34.dll
2008-09-06 10:39 . 2008-09-06 10:39 0 --a------ C:\944064064
2008-09-06 07:27 . 2008-09-06 07:27 155,648 --a------ C:\WINDOWS\system32\CodecBHO.dll
2006-10-03 09:43 2,402,550 ----a-w C:\WINDOWS\inf\SETA1.tmp
2006-10-03 09:43 2,402,550 ----a-w C:\WINDOWS\inf\SET83.tmp
2006-10-03 09:43 2,402,550 ----a-w C:\WINDOWS\inf\SET79.tmp
2006-10-03 09:43 2,402,550 ----a-w C:\WINDOWS\inf\SET64.tmp
2006-10-03 09:43 2,402,550 ----a-w C:\WINDOWS\inf\SET58.tmp
1999-07-07 00:00 6 --sh--r C:\WINDOWS\@@desktop.dat
2006-05-25 05:05 88 --sh--r C:\WINDOWS\system32\2D10762079.sys
2006-06-12 05:09 56 --sh--r C:\WINDOWS\system32\792076102D.sys
C:\WINDOWS\system32\kddwe.exe
C:\WINDOWS\Temp\kddwe.ren

Folder::
2008-09-06 10:50 . 2008-09-07 22:11 <DIR> d-------- C:\Program Files\PCHealthCenter

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C5BF49A2-94F3-42BD-F434-3604812C897D}]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{C5BF49A2-94F3-42BD-F434-3604812C897D}"= -

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C:\\WINDOWS\\system32\\kddwe.exe"=-
"384546ef"=-
"BM3b767573"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Jnskdfmf9eldfd"=-