|
|
5/5
|
File System
|
Encrypts content of user files
|
1
|
Ransomware
|
|
|
-
Encrypts the content of multiple user files. This is an indicator for ransomware.
|
|
|
5/5
|
Local AV
|
Malicious content was detected by heuristic scan
|
3
|
-
|
|
|
-
Local AV detected the sample itself as "Generic.Ransom.Ryuk2.6B6124B9".
|
|
|
-
Local AV detected a memory dump of process "dwm.exe" as "Generic.Ransom.Ryuk2.F766FA70".
|
|
|
-
Local AV detected a memory dump of process "zzzavxu.exe" as "Generic.Ransom.Ryuk2.F766FA70".
|
|
|
5/5
|
Reputation
|
Known malicious file
|
1
|
Trojan
|
|
|
-
File "C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\zzzavxu.exe" is a known malicious file.
|
|
|
4/5
|
Injection
|
Writes into the memory of another running process
|
1
|
-
|
|
|
-
"c:\users\5p5nrgjn0js halpmcxz\desktop\zzzavxu.exe" modifies memory of "c:\windows\system32\dwm.exe".
|
|
|
4/5
|
Injection
|
Modifies control flow of another process
|
3
|
-
|
|
|
-
"c:\users\5p5nrgjn0js halpmcxz\desktop\zzzavxu.exe" creates thread in "c:\windows\system32\dwm.exe".
|
|
|
-
"c:\users\5p5nrgjn0js halpmcxz\desktop\zzzavxu.exe" creates thread in "c:\windows\system32\taskhost.exe".
|
|
|
-
"c:\users\5p5nrgjn0js halpmcxz\desktop\zzzavxu.exe" creates thread in "c:\windows\system32\taskeng.exe".
|
|
|
4/5
|
YARA
|
YARA match
|
8
|
-
|
|
|
-
Rule "JS_High_Entropy" from ruleset "Generic" has matched on the modified file "C:\Documents and Settings\5p5NrGJn0jS HALPmcxz\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\IKQEEPZR\ga[1].js.RYK".
|
|
|
-
Rule "JS_High_Entropy" from ruleset "Generic" has matched on the modified file "c:\users\5p5nrgjn0js halpmcxz\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\yg1r61z8\ast[1].js".
|
|
|
-
Rule "JS_High_Entropy" from ruleset "Generic" has matched on the modified file "C:\Documents and Settings\5p5NrGJn0jS HALPmcxz\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\9QH4S0GZ\528d82a2[1].js.RYK".
|
|
|
-
Rule "JS_High_Entropy" from ruleset "Generic" has matched on the modified file "C:\Documents and Settings\5p5NrGJn0jS HALPmcxz\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\9QH4S0GZ\advertisement.ad[1].js.RYK".
|
|
|
-
Rule "JS_High_Entropy" from ruleset "Generic" has matched on the modified file "C:\Documents and Settings\5p5NrGJn0jS HALPmcxz\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\IKQEEPZR\ast[2].js.RYK".
|
|
|
-
Rule "JS_High_Entropy" from ruleset "Generic" has matched on the modified file "C:\Documents and Settings\5p5NrGJn0jS HALPmcxz\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\YG1R61Z8\adex[1].js.RYK".
|
|
|
-
Rule "JS_High_Entropy" from ruleset "Generic" has matched on the modified file "C:\Documents and Settings\5p5NrGJn0jS HALPmcxz\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\IKQEEPZR\player[2].js.RYK".
|
|
|
-
Rule "JS_High_Entropy" from ruleset "Generic" has matched on the modified file "C:\Documents and Settings\5p5NrGJn0jS HALPmcxz\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\IKQEEPZR\player[1].js.RYK".
|
|
|
3/5
|
File System
|
Possibly drops ransom note files
|
1
|
Ransomware
|
|
|
-
Possibly drops ransom note files (creates 148 instances of the file "RyukReadMe.html" in different locations).
|
|
|
2/5
|
Anti Analysis
|
Resolves APIs dynamically to possibly evade static detection
|
1
|
-
|
|
|
-
Resolves an unusually high number of APIs.
|
|
|
2/5
|
Information Stealing
|
Reads sensitive browser data
|
1
|
-
|
|
|
-
Trying to read sensitive data of web browser "Internet Explorer / Edge" by file.
|
|
|
2/5
|
Anti Analysis
|
Delays execution
|
1
|
-
|
|
|
-
One thread sleeps more than 5 minutes.
|
|
|
2/5
|
Information Stealing
|
Reads sensitive mail data
|
1
|
-
|
|
|
-
Trying to read sensitive data of mail application "Windows Mail" by file.
|
|
|
1/5
|
Process
|
Creates process with hidden window
|
1
|
-
|
|
|
-
The process "net" starts with hidden window.
|
|
|
1/5
|
Process
|
Creates a page with write and execute permissions
|
1
|
-
|
|
|
-
Allocates a page in a foreign process with "PAGE_EXECUTE_READWRITE" permissions, often used to dynamically unpack code.
|
|
|
1/5
|
Masquerade
|
Changes folder appearance
|
322
|
-
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\1nbur4hr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\6asvn7j7" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\d68g7bij" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\kqmhsvkd" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\temp\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\windows mail\stationery" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\1nbur4hr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\6asvn7j7" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\d68g7bij" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\kqmhsvkd" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\windows mail\stationery" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temp\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\03j4uqw0" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\ketajp6d" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\vb18b0kb" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\xt1rpyg9" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\mm5o9xqs" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\pmmr5k9k" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\rijuql1c" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\x9ohk109" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\9qh4s0gz" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\abv8l7my" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\ikqeepzr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\yg1r61z8" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\1nbur4hr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\6asvn7j7" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\d68g7bij" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\kqmhsvkd" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\microsoft\windows mail\stationery" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temp\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\03j4uqw0" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\ketajp6d" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\vb18b0kb" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\xt1rpyg9" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\mm5o9xqs" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\pmmr5k9k" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\rijuql1c" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\x9ohk109" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temporary internet files" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\9qh4s0gz" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\abv8l7my" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\ikqeepzr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\yg1r61z8" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\1nbur4hr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\6asvn7j7" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\d68g7bij" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\kqmhsvkd" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\microsoft\windows mail\stationery" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temp\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\xt1rpyg9" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\mm5o9xqs" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\pmmr5k9k" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\rijuql1c" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\x9ohk109" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\03j4uqw0" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\ketajp6d" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\vb18b0kb" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temporary internet files" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\9qh4s0gz" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\abv8l7my" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\ikqeepzr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\yg1r61z8" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\application data\temporary internet files\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\microsoft\feeds cache\1nbur4hr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\microsoft\feeds cache\6asvn7j7" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\microsoft\feeds cache\d68g7bij" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\microsoft\feeds cache\kqmhsvkd" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\microsoft\windows mail\stationery" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temp\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\03j4uqw0" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\ketajp6d" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\vb18b0kb" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5\xt1rpyg9" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temporary internet files\content.ie5\mm5o9xqs" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temporary internet files\content.ie5\pmmr5k9k" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temporary internet files\content.ie5\rijuql1c" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temporary internet files\content.ie5\x9ohk109" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temporary internet files" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\9qh4s0gz" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\abv8l7my" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\ikqeepzr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5\yg1r61z8" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\application data\temporary internet files\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\microsoft\feeds cache\1nbur4hr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\microsoft\feeds cache\6asvn7j7" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\microsoft\feeds cache\d68g7bij" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\microsoft\feeds cache\kqmhsvkd" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\microsoft\windows mail\stationery" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temp\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temp\temporary internet files\content.ie5\03j4uqw0" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temp\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temp\temporary internet files\content.ie5\ketajp6d" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temp\temporary internet files\content.ie5\vb18b0kb" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temp\temporary internet files\content.ie5\xt1rpyg9" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temporary internet files\content.ie5\mm5o9xqs" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temporary internet files\content.ie5\pmmr5k9k" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temporary internet files\content.ie5\rijuql1c" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temporary internet files\content.ie5\x9ohk109" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temporary internet files" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temporary internet files\low\content.ie5\9qh4s0gz" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temporary internet files\low\content.ie5\abv8l7my" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temporary internet files\low\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temporary internet files\low\content.ie5\ikqeepzr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temporary internet files\low\content.ie5\yg1r61z8" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\application data\temporary internet files\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\microsoft\feeds cache\1nbur4hr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\microsoft\feeds cache\6asvn7j7" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\microsoft\feeds cache\d68g7bij" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\microsoft\feeds cache\kqmhsvkd" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\microsoft\windows mail\stationery" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temp\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temp\temporary internet files\content.ie5\03j4uqw0" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temp\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temp\temporary internet files\content.ie5\ketajp6d" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temp\temporary internet files\content.ie5\vb18b0kb" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temp\temporary internet files\content.ie5\xt1rpyg9" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temporary internet files\content.ie5\mm5o9xqs" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temporary internet files\content.ie5\pmmr5k9k" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temporary internet files\content.ie5\rijuql1c" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temporary internet files\content.ie5\x9ohk109" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temporary internet files" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temporary internet files\low\content.ie5\9qh4s0gz" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temporary internet files\low\content.ie5\abv8l7my" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temporary internet files\low\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temporary internet files\low\content.ie5\ikqeepzr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temporary internet files\low\content.ie5\yg1r61z8" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\application data\temporary internet files\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\microsoft\feeds cache\1nbur4hr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\microsoft\feeds cache\6asvn7j7" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\microsoft\feeds cache\d68g7bij" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\microsoft\feeds cache\kqmhsvkd" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\microsoft\windows mail\stationery" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temp\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temp\temporary internet files\content.ie5\03j4uqw0" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temp\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temp\temporary internet files\content.ie5\ketajp6d" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temp\temporary internet files\content.ie5\vb18b0kb" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temp\temporary internet files\content.ie5\xt1rpyg9" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temporary internet files\content.ie5\mm5o9xqs" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temporary internet files\content.ie5\pmmr5k9k" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temporary internet files\content.ie5\rijuql1c" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temporary internet files\content.ie5\x9ohk109" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temporary internet files" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temporary internet files\low\content.ie5\9qh4s0gz" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temporary internet files\low\content.ie5\abv8l7my" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temporary internet files\low\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temporary internet files\low\content.ie5\yg1r61z8" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temporary internet files\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\microsoft\feeds cache\1nbur4hr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\microsoft\feeds cache\6asvn7j7" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\microsoft\feeds cache\d68g7bij" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\microsoft\feeds cache\kqmhsvkd" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\application data\temporary internet files\low\content.ie5\ikqeepzr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\microsoft\windows mail\stationery" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temp\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temp\temporary internet files\content.ie5\03j4uqw0" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temp\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temp\temporary internet files\content.ie5\ketajp6d" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temp\temporary internet files\content.ie5\vb18b0kb" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temp\temporary internet files\content.ie5\xt1rpyg9" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temporary internet files\content.ie5\mm5o9xqs" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temporary internet files\content.ie5\pmmr5k9k" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temporary internet files\content.ie5\rijuql1c" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temporary internet files\content.ie5\x9ohk109" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temporary internet files" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temporary internet files\low\content.ie5\9qh4s0gz" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temporary internet files\low\content.ie5\abv8l7my" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temporary internet files\low\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temporary internet files\low\content.ie5\ikqeepzr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temporary internet files\low\content.ie5\yg1r61z8" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\application data\temporary internet files\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\microsoft\feeds cache\1nbur4hr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\microsoft\feeds cache\6asvn7j7" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\microsoft\feeds cache\d68g7bij" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\microsoft\feeds cache\kqmhsvkd" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\microsoft\windows mail\stationery" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temp\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temp\temporary internet files\content.ie5\03j4uqw0" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temp\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temp\temporary internet files\content.ie5\ketajp6d" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temp\temporary internet files\content.ie5\vb18b0kb" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temp\temporary internet files\content.ie5\xt1rpyg9" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temporary internet files\content.ie5\mm5o9xqs" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temporary internet files\content.ie5\pmmr5k9k" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temporary internet files\content.ie5\rijuql1c" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temporary internet files\content.ie5\x9ohk109" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temporary internet files" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temporary internet files\low\content.ie5\9qh4s0gz" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temporary internet files\low\content.ie5\abv8l7my" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temporary internet files\low\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temporary internet files\low\content.ie5\ikqeepzr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temporary internet files\low\content.ie5\yg1r61z8" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\local\temporary internet files\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\taskbar" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\roaming\microsoft\internet explorer\quick launch" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\application data\microsoft\internet explorer\quick launch" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\application data\microsoft\internet explorer\quick launch\user pinned\taskbar" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\contacts" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\desktop" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\documents" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\documents\my music" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\documents\my pictures" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\documents\my shapes" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\documents\my videos" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\downloads" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\favorites" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\favorites\links" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\links" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\application data\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\application data\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\application data\temp\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\1nbur4hr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\6asvn7j7" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\d68g7bij" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\kqmhsvkd" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\microsoft\windows mail\stationery" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\temp\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\temp\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\mm5o9xqs" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\pmmr5k9k" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\rijuql1c" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\content.ie5\x9ohk109" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low\content.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\application data\temporary internet files\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\history" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\history\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\history\low" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\history\low\history.ie5" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\1nbur4hr" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\6asvn7j7" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\d68g7bij" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\microsoft\feeds cache\kqmhsvkd" has a changed appearance.
|
|
|
-
Folder "c:\documents and settings\5p5nrgjn0js halpmcxz\local settings\application data\application data\application data\application data\application data\application data\application data\microsoft\windows mail\stationery" has a changed appearance.
|
|
|
1/5
|
Persistence
|
Installs system startup script or application
|
2
|
-
|
|
|
-
Adds "c:\documents and settings\5p5nrgjn0js halpmcxz\appdata\roaming\microsoft\windows\start menu\programs\startup\ryukreadme.html" to Windows startup folder.
|
|
|
-
Adds "c:\documents and settings\5p5nrgjn0js halpmcxz\application data\microsoft\windows\start menu\programs\startup\ryukreadme.html" to Windows startup folder.
|
|
|
1/5
|
File System
|
Creates an unusually large number of files
|
1
|
-
|
|
|
-
Creates an unusually large number of files.
|
|
|
1/5
|
Static
|
Unparsable sections in file
|
2
|
-
|
|
|
-
Static analyzer was unable to parse the analyzed file: C:\Documents and Settings\5p5NrGJn0jS HALPmcxz\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temp\DOFJFpLhODvfDEn.pdf.RYK.
|
|
|
-
Static analyzer was unable to completely parse the analyzed file: c:\users\5p5nrgjn0js halpmcxz\appdata\local\microsoft\windows mail\stationery\peacock.htm.
|
|
|
1/5
|
Process
|
Process crashed
|
2
|
-
|
|
|
-
Process "c:\windows\system32\dwm.exe" crashed.
|
|
|
-
Process "c:\windows\system32\taskhost.exe" crashed.
|
|
|
0/5
|
Process
|
Enumerates running processes
|
1
|
-
|
|
|
-
Enumerates running processes.
|
|
|
