Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer slow/can hear ads/blue screen of death


  • Please log in to reply
17 replies to this topic

#1 jyeezy

jyeezy

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:41 AM

Posted 08 April 2012 - 09:52 PM

Well where should I start..my computer is extremelyslow,I get the blue screen of death frequently, I cant access my firewall because I get some kind of error, I hear random ads out of nowhere when there are no pop ups (which is going to make me snap one day) and this all happened a couple months ago when I tried to download music from a website.. Help?

I have malwarebytes, and everytime i do a fullscan there are usually 2 infected files, in which i quarantine and remove and restart my comp, but nothing changes.

Help?

-Thanks

BC AdBot (Login to Remove)

 


#2 jyeezy

jyeezy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:41 AM

Posted 08 April 2012 - 10:04 PM

Oh I also get google re-directs and sometimes things dont open even though i double-click them like 20 times.

#3 jyeezy

jyeezy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:41 AM

Posted 08 April 2012 - 10:11 PM

Oh geez i didnt know i have to post alot of logs with my new thread. I will do so tomorrow, sorry for not reading the rules ahead of time.

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:41 PM

Posted 08 April 2012 - 10:44 PM

You can post the MBAM logs here. I will move this to Am I Infected.

Can you also run this? is this an XP machine?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 jyeezy

jyeezy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:41 AM

Posted 09 April 2012 - 04:04 PM

You can post the MBAM logs here. I will move this to Am I Infected.

Can you also run this? is this an XP machine?



I have windows vista home basic. What is MBAM and how do I run it? (Sorry im really not too computer savvy)

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:41 PM

Posted 09 April 2012 - 05:40 PM

my bad....malwarebytes =MBAM
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 jyeezy

jyeezy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:41 AM

Posted 10 April 2012 - 01:00 AM

my bad....malwarebytes =MBAM


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.04.08

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Administrator :: DEOK-PC [administrator]

Protection: Enabled

4/8/2012 11:47:31 PM
mbam-log-2012-04-08 (23-47-31).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 406726
Time elapsed: 3 hour(s), 10 minute(s), 21 second(s)

Memory Processes Detected: 1
C:\Users\Administrator\Librarys\wgesdwx\svchost.exe (Trojan.Agent) -> 3312 -> Delete on reboot.

Memory Modules Detected: 3
C:\Windows\System32\govsrv.dll (RootKit.0Access.H) -> Delete on reboot.
C:\Windows\Temp\rkisrv.dll (Trojan.Agent) -> Delete on reboot.
C:\Windows\Temp\cagals.dll (Trojan.Agent.LTGen) -> Delete on reboot.

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|rkisrv (Trojan.Agent) -> Data: rundll32.exe "C:\Windows\TEMP\rkisrv.dll",LoadBitmapResize -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|mslivemsn (Trojan.Agent) -> Data: C:\Users\Administrator\Librarys\wgesdwx\svchost.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|dplaysvr (Trojan.QHost.BG) -> Data: C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|cagals (Trojan.Agent.LTGen) -> Data: rundll32.exe "C:\Windows\TEMP\cagals.dll",GraphicsD3D9RegisterResource -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 27
C:\Windows\System32\govsrv.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\Windows\Temp\rkisrv.dll (Trojan.Agent) -> Delete on reboot.
C:\Windows\Temp\0.062473827586711383.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.
C:\Windows\Temp\0.33346130404792673.exe (Trojan.FakeAlert.FS) -> Quarantined and deleted successfully.
C:\Windows\Temp\0.403183513273385.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\Temp\0.47927014592842654 (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\Temp\0.4974122381938796 (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\0.6716083473192758 (Trojan.Agent.H) -> Quarantined and deleted successfully.
C:\Windows\Temp\hki20511.exe (Trojan.Agent.H) -> Quarantined and deleted successfully.
C:\Windows\Temp\5A5F.tmp (Rogue.InternetSecurity) -> Quarantined and deleted successfully.
C:\Windows\Temp\67B7.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\89B8.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\mjhpcwujngclswtnpqh.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Windows\Temp\ttfhrtonehbezmcukgeqszdpy.exe (Trojan.Agent.UAWHGen) -> Quarantined and deleted successfully.
C:\Windows\Temp\cgs8h0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\ch8l0.exe (Backdoor.Agent.RCGen) -> Quarantined and deleted successfully.
C:\Windows\Temp\ch8l2.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Windows\Temp\qtdmxxnnkwoy.exe (Trojan.Agent.UAWHGen) -> Quarantined and deleted successfully.
C:\Windows\Temp\wusctpegqmtylt.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\bevshc\setup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsrB08B.tmp\oexuquj.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\Temp\nsrB08B.tmp\vubjh.dll (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Windows\Temp\0.5170087229164906 (Exploit.Drop.9) -> Quarantined and deleted successfully.
C:\Windows\Temp\0.38758323404561823 (Exploit.Drop.9) -> Quarantined and deleted successfully.
C:\Windows\Fonts\3n1Ak.com (Malware.Generic) -> Quarantined and deleted successfully.
C:\Users\Administrator\Librarys\wgesdwx\svchost.exe (Trojan.Agent) -> Delete on reboot.
C:\Windows\Temp\cagals.dll (Trojan.Agent.LTGen) -> Delete on reboot.

(end)

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:41 PM

Posted 10 April 2012 - 01:02 PM

Ok, good.. Please do these now and see how it is after.
If you haven't restarted the machine after thiso do that now.

Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

Edited by boopme, 10 April 2012 - 01:03 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 jyeezy

jyeezy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:41 AM

Posted 10 April 2012 - 11:22 PM

TDSSKiller log

22:45:49.0654 1100 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
22:45:50.0050 1100 ============================================================
22:45:50.0050 1100 Current date / time: 2012/04/09 22:45:50.0050
22:45:50.0050 1100 SystemInfo:
22:45:50.0050 1100
22:45:50.0051 1100 OS Version: 6.0.6001 ServicePack: 1.0
22:45:50.0051 1100 Product type: Workstation
22:45:50.0051 1100 ComputerName: DEOK-PC
22:45:50.0051 1100 UserName: Administrator
22:45:50.0051 1100 Windows directory: C:\Windows
22:45:50.0051 1100 System windows directory: C:\Windows
22:45:50.0051 1100 Processor architecture: Intel x86
22:45:50.0051 1100 Number of processors: 2
22:45:50.0051 1100 Page size: 0x1000
22:45:50.0051 1100 Boot type: Normal boot
22:45:50.0051 1100 ============================================================
22:45:53.0924 1100 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:45:53.0946 1100 \Device\Harddisk0\DR0:
22:45:53.0946 1100 MBR used
22:45:53.0946 1100 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
22:45:53.0985 1100 Initialize success
22:45:53.0986 1100 ============================================================
22:45:55.0602 2512 ============================================================
22:45:55.0602 2512 Scan started
22:45:55.0602 2512 Mode: Manual;
22:45:55.0602 2512 ============================================================
22:45:59.0830 2512 90948502 - ok
22:45:59.0870 2512 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
22:45:59.0888 2512 ACPI - ok
22:46:00.0440 2512 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
22:46:00.0447 2512 adp94xx - ok
22:46:00.0561 2512 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
22:46:00.0566 2512 adpahci - ok
22:46:00.0617 2512 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
22:46:00.0692 2512 adpu160m - ok
22:46:00.0847 2512 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
22:46:00.0859 2512 adpu320 - ok
22:46:01.0003 2512 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
22:46:01.0004 2512 AeLookupSvc - ok
22:46:01.0354 2512 AFD (584109209ab68749e3fb6d9744405879) C:\Windows\system32\drivers\afd.sys
22:46:01.0359 2512 AFD ( Virus.Win32.ZAccess.k ) - infected
22:46:01.0359 2512 AFD - detected Virus.Win32.ZAccess.k (0)
22:46:01.0417 2512 AFGSp50 - ok
22:46:01.0475 2512 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
22:46:01.0483 2512 agp440 - ok
22:46:01.0530 2512 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
22:46:01.0532 2512 aic78xx - ok
22:46:01.0620 2512 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
22:46:01.0712 2512 ALG - ok
22:46:01.0931 2512 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
22:46:01.0932 2512 aliide - ok
22:46:01.0962 2512 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
22:46:01.0964 2512 amdagp - ok
22:46:01.0977 2512 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
22:46:01.0978 2512 amdide - ok
22:46:02.0004 2512 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
22:46:02.0005 2512 AmdK7 - ok
22:46:02.0016 2512 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
22:46:02.0017 2512 AmdK8 - ok
22:46:02.0067 2512 ami0nt - ok
22:46:02.0175 2512 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
22:46:02.0175 2512 Appinfo - ok
22:46:02.0311 2512 Apple Mobile Device (d8e18021f91ad79ca8491cb5a5da22d4) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:46:02.0369 2512 Apple Mobile Device - ok
22:46:02.0457 2512 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
22:46:02.0459 2512 arc - ok
22:46:02.0487 2512 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
22:46:02.0489 2512 arcsas - ok
22:46:02.0601 2512 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:46:02.0635 2512 aspnet_state - ok
22:46:02.0723 2512 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:46:02.0724 2512 AsyncMac - ok
22:46:02.0753 2512 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
22:46:02.0753 2512 atapi - ok
22:46:02.0854 2512 AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
22:46:02.0856 2512 AudioEndpointBuilder - ok
22:46:02.0866 2512 Audiosrv (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
22:46:02.0868 2512 Audiosrv - ok
22:46:03.0092 2512 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:46:03.0102 2512 Beep - ok
22:46:03.0324 2512 BITS (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\System32\qmgr.dll
22:46:03.0330 2512 BITS - ok
22:46:03.0414 2512 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
22:46:03.0416 2512 blbdrive - ok
22:46:03.0624 2512 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:46:03.0657 2512 Bonjour Service - ok
22:46:03.0726 2512 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
22:46:03.0747 2512 bowser - ok
22:46:03.0860 2512 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:46:03.0861 2512 BrFiltLo - ok
22:46:03.0898 2512 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:46:03.0899 2512 BrFiltUp - ok
22:46:03.0982 2512 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
22:46:03.0984 2512 Browser - ok
22:46:04.0031 2512 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:46:04.0033 2512 Brserid - ok
22:46:04.0045 2512 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:46:04.0046 2512 BrSerWdm - ok
22:46:04.0059 2512 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:46:04.0060 2512 BrUsbMdm - ok
22:46:04.0071 2512 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:46:04.0072 2512 BrUsbSer - ok
22:46:04.0111 2512 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:46:04.0113 2512 BTHMODEM - ok
22:46:04.0194 2512 c65013264 (31b3fce980fc69ce16a22131e2f27499) C:\Windows\system32\drivers\c6501.sys
22:46:04.0210 2512 c65013264 - ok
22:46:04.0304 2512 catchme - ok
22:46:04.0378 2512 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:46:04.0380 2512 cdfs - ok
22:46:04.0416 2512 cdrom - ok
22:46:04.0468 2512 CertPropSvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
22:46:04.0468 2512 CertPropSvc - ok
22:46:04.0516 2512 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
22:46:04.0518 2512 circlass - ok
22:46:04.0560 2512 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
22:46:04.0564 2512 CLFS - ok
22:46:04.0642 2512 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:46:04.0645 2512 clr_optimization_v2.0.50727_32 - ok
22:46:04.0759 2512 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:46:04.0764 2512 clr_optimization_v4.0.30319_32 - ok
22:46:04.0989 2512 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
22:46:04.0990 2512 cmdide - ok
22:46:04.0999 2512 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys
22:46:05.0000 2512 Compbatt - ok
22:46:05.0008 2512 COMSysApp - ok
22:46:05.0037 2512 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
22:46:05.0039 2512 crcdisk - ok
22:46:05.0079 2512 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
22:46:05.0080 2512 Crusoe - ok
22:46:05.0114 2512 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
22:46:05.0115 2512 CryptSvc - ok
22:46:05.0136 2512 CrystalSysInfo - ok
22:46:05.0145 2512 CTDevice_Srv - ok
22:46:05.0162 2512 ctsfm2k - ok
22:46:05.0172 2512 CXTUNE - ok
22:46:05.0235 2512 DcomLaunch (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
22:46:05.0240 2512 DcomLaunch - ok
22:46:05.0343 2512 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
22:46:05.0376 2512 DfsC - ok
22:46:05.0494 2512 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
22:46:05.0558 2512 DFSR - ok
22:46:05.0752 2512 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
22:46:05.0754 2512 Dhcp - ok
22:46:05.0892 2512 DirectUpdate - ok
22:46:05.0988 2512 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
22:46:05.0990 2512 disk - ok
22:46:06.0012 2512 dkeysync - ok
22:46:06.0060 2512 Dnscache (4805d9a6d281c7a7defd9094dec6af7d) C:\Windows\System32\dnsrslvr.dll
22:46:06.0062 2512 Dnscache - ok
22:46:06.0083 2512 dntus26 - ok
22:46:06.0142 2512 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
22:46:06.0151 2512 dot3svc - ok
22:46:06.0387 2512 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
22:46:06.0390 2512 Dot4 - ok
22:46:06.0438 2512 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:46:06.0439 2512 Dot4Print - ok
22:46:06.0468 2512 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
22:46:06.0470 2512 dot4usb - ok
22:46:06.0510 2512 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
22:46:06.0512 2512 DPS - ok
22:46:06.0799 2512 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:46:06.0830 2512 drmkaud - ok
22:46:07.0221 2512 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
22:46:07.0495 2512 DXGKrnl - ok
22:46:07.0834 2512 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:46:07.0859 2512 E1G60 - ok
22:46:07.0968 2512 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
22:46:08.0066 2512 EapHost - ok
22:46:08.0148 2512 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
22:46:08.0164 2512 Ecache - ok
22:46:08.0266 2512 elockservice - ok
22:46:08.0560 2512 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
22:46:08.0590 2512 elxstor - ok
22:46:08.0751 2512 EMDMgmt (70b1a86df0c8ead17d2bc332edae2c7c) C:\Windows\system32\emdmgmt.dll
22:46:08.0755 2512 EMDMgmt - ok
22:46:08.0898 2512 ENTECH (fd9fc82f134b1c91004ffc76a5ae494b) C:\Windows\system32\DRIVERS\ENTECH.sys
22:46:08.0908 2512 ENTECH - ok
22:46:08.0966 2512 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
22:46:08.0979 2512 ErrDev - ok
22:46:09.0342 2512 EventSystem (3cb3343d720168b575133a0a20dc2465) C:\Windows\system32\es.dll
22:46:09.0344 2512 EventSystem - ok
22:46:09.0591 2512 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
22:46:09.0601 2512 exfat - ok
22:46:09.0719 2512 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
22:46:09.0739 2512 fastfat - ok
22:46:09.0860 2512 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
22:46:09.0862 2512 fdc - ok
22:46:09.0891 2512 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
22:46:09.0903 2512 fdPHost - ok
22:46:10.0232 2512 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
22:46:10.0257 2512 FDResPub - ok
22:46:10.0406 2512 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
22:46:10.0475 2512 FileInfo - ok
22:46:10.0615 2512 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
22:46:10.0617 2512 Filetrace - ok
22:46:10.0625 2512 fingrd32 - ok
22:46:10.0834 2512 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
22:46:10.0839 2512 flpydisk - ok
22:46:10.0919 2512 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
22:46:10.0963 2512 FltMgr - ok
22:46:11.0229 2512 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:46:11.0264 2512 FontCache3.0.0.0 - ok
22:46:11.0952 2512 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
22:46:11.0987 2512 Fs_Rec - ok
22:46:12.0367 2512 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
22:46:12.0369 2512 gagp30kx - ok
22:46:12.0935 2512 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:46:12.0937 2512 GEARAspiWDM - ok
22:46:12.0991 2512 ghaio - ok
22:46:13.0197 2512 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
22:46:13.0288 2512 gpsvc - ok
22:46:13.0557 2512 HBtnKey - ok
22:46:13.0739 2512 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\drivers\hdaudbus.sys
22:46:13.0764 2512 HDAudBus - ok
22:46:13.0799 2512 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
22:46:13.0801 2512 HidBth - ok
22:46:13.0916 2512 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
22:46:13.0967 2512 HidIr - ok
22:46:14.0340 2512 hidserv (8fa640195279ace21bea91396a0054fc) C:\Windows\System32\hidserv.dll
22:46:14.0341 2512 hidserv - ok
22:46:14.0657 2512 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
22:46:14.0692 2512 HidUsb - ok
22:46:14.0996 2512 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
22:46:14.0997 2512 hkmsvc - ok
22:46:15.0294 2512 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys
22:46:15.0339 2512 HpCISSs - ok
22:46:15.0496 2512 HTTP (33b02459e86d0a2b86a6b9fe19139390) C:\Windows\system32\drivers\HTTP.sys
22:46:15.0530 2512 HTTP - ok
22:46:16.0302 2512 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
22:46:16.0380 2512 i2omp - ok
22:46:17.0225 2512 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
22:46:17.0261 2512 i8042prt - ok
22:46:17.0419 2512 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
22:46:17.0510 2512 iaStorV - ok
22:46:17.0632 2512 ibmfilter - ok
22:46:18.0280 2512 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:46:18.0391 2512 IDriverT - ok
22:46:19.0281 2512 idsvc (7b630acaed64fef0c3e1cf255cb56686) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:46:19.0417 2512 idsvc - ok
22:46:19.0615 2512 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
22:46:19.0636 2512 iirsp - ok
22:46:19.0865 2512 IKEEXT (a3bc480a2bf8aa8e4dabd2d5dce0afac) C:\Windows\System32\ikeext.dll
22:46:19.0869 2512 IKEEXT - ok
22:46:20.0115 2512 InCDsrvR - ok
22:46:20.0601 2512 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
22:46:20.0643 2512 intelide - ok
22:46:20.0994 2512 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
22:46:21.0066 2512 intelppm - ok
22:46:21.0432 2512 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
22:46:21.0462 2512 IPBusEnum - ok
22:46:21.0832 2512 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:46:21.0858 2512 IpFilterDriver - ok
22:46:22.0129 2512 IpInIp - ok
22:46:22.0974 2512 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys
22:46:22.0976 2512 IPMIDRV - ok
22:46:23.0367 2512 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
22:46:23.0369 2512 IPNAT - ok
22:46:23.0803 2512 iPod Service (33642c17c232aa272c68e446a2619899) C:\Program Files\iPod\bin\iPodService.exe
22:46:24.0297 2512 iPod Service - ok
22:46:25.0125 2512 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
22:46:25.0139 2512 IRENUM - ok
22:46:25.0713 2512 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
22:46:25.0723 2512 isapnp - ok
22:46:26.0192 2512 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
22:46:26.0245 2512 iScsiPrt - ok
22:46:26.0752 2512 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
22:46:26.0770 2512 iteatapi - ok
22:46:27.0170 2512 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
22:46:27.0208 2512 iteraid - ok
22:46:27.0466 2512 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:46:27.0486 2512 kbdclass - ok
22:46:28.0205 2512 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\DRIVERS\kbdhid.sys
22:46:28.0207 2512 kbdhid - ok
22:46:28.0587 2512 KeyIso (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
22:46:28.0588 2512 KeyIso - ok
22:46:29.0144 2512 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
22:46:29.0238 2512 KSecDD - ok
22:46:29.0680 2512 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
22:46:29.0684 2512 KtmRm - ok
22:46:29.0903 2512 L8042Kbd (d8d3f1c1e82117a3776a2d320a7b3694) C:\Windows\system32\DRIVERS\L8042Kbd.sys
22:46:29.0931 2512 L8042Kbd - ok
22:46:30.0044 2512 L8042mou (5262222fb4a7b57b48115016ccfd1f4c) C:\Windows\system32\DRIVERS\L8042mou.Sys
22:46:30.0058 2512 L8042mou - ok
22:46:30.0195 2512 LanmanServer (1925e63c91cf1610ae41bfd539062079) C:\Windows\System32\srvsvc.dll
22:46:30.0198 2512 LanmanServer - ok
22:46:30.0755 2512 LanmanWorkstation (2ae2e1628c5d3f1c0a46a67c9fa1df15) C:\Windows\System32\wkssvc.dll
22:46:30.0759 2512 LanmanWorkstation - ok
22:46:31.0692 2512 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
22:46:31.0727 2512 lltdio - ok
22:46:32.0195 2512 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
22:46:32.0231 2512 lltdsvc - ok
22:46:32.0472 2512 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
22:46:32.0473 2512 lmhosts - ok
22:46:33.0101 2512 LMouKE (96062ec1f26f08ebe056c026667744dd) C:\Windows\system32\DRIVERS\LMouKE.Sys
22:46:33.0111 2512 LMouKE - ok
22:46:34.0115 2512 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
22:46:34.0281 2512 LSI_FC - ok
22:46:34.0782 2512 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
22:46:34.0840 2512 LSI_SAS - ok
22:46:35.0149 2512 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
22:46:35.0170 2512 LSI_SCSI - ok
22:46:35.0734 2512 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
22:46:35.0788 2512 luafv - ok
22:46:36.0039 2512 lvuvc - ok
22:46:36.0197 2512 mafwboot - ok
22:46:36.0657 2512 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
22:46:36.0661 2512 MBAMProtector - ok
22:46:36.0990 2512 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
22:46:37.0351 2512 MBAMService - ok
22:46:37.0536 2512 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys
22:46:37.0549 2512 MBAMSwissArmy - ok
22:46:37.0738 2512 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
22:46:37.0770 2512 McComponentHostService - ok
22:46:38.0063 2512 mcshield - ok
22:46:38.0323 2512 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
22:46:41.0048 2512 megasas - ok
22:46:42.0163 2512 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
22:46:42.0335 2512 MegaSR - ok
22:46:42.0642 2512 mlkkbdntdriver - ok
22:46:43.0232 2512 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:46:43.0233 2512 MMCSS - ok
22:46:43.0817 2512 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
22:46:43.0837 2512 Modem - ok
22:46:44.0141 2512 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
22:46:44.0154 2512 monitor - ok
22:46:44.0789 2512 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
22:46:44.0837 2512 mouclass - ok
22:46:45.0856 2512 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
22:46:45.0908 2512 mouhid - ok
22:46:46.0486 2512 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
22:46:46.0500 2512 MountMgr - ok
22:46:46.0812 2512 MozillaMaintenance (755a0900ba4b9fb59b4ed1f78341693a) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:46:46.0813 2512 MozillaMaintenance - ok
22:46:47.0259 2512 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys
22:46:47.0282 2512 mpio - ok
22:46:47.0463 2512 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
22:46:47.0485 2512 mpsdrv - ok
22:46:47.0836 2512 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
22:46:47.0872 2512 Mraid35x - ok
22:46:48.0085 2512 MRESP50 - ok
22:46:48.0643 2512 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
22:46:48.0666 2512 MRxDAV - ok
22:46:49.0224 2512 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:46:49.0293 2512 mrxsmb - ok
22:46:49.0577 2512 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:46:49.0626 2512 mrxsmb10 - ok
22:46:50.0017 2512 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:46:50.0064 2512 mrxsmb20 - ok
22:46:50.0422 2512 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys
22:46:50.0539 2512 msahci - ok
22:46:50.0952 2512 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys
22:46:50.0994 2512 msdsm - ok
22:46:51.0158 2512 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
22:46:51.0207 2512 MSDTC - ok
22:46:51.0401 2512 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
22:46:51.0454 2512 Msfs - ok
22:46:52.0275 2512 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
22:46:52.0278 2512 msisadrv - ok
22:46:52.0846 2512 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
22:46:52.0850 2512 MSiSCSI - ok
22:46:53.0120 2512 msiserver - ok
22:46:53.0336 2512 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
22:46:53.0356 2512 MSKSSRV - ok
22:46:53.0365 2512 MSMQTriggers - ok
22:46:53.0440 2512 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
22:46:53.0442 2512 MSPCLOCK - ok
22:46:53.0460 2512 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
22:46:53.0461 2512 MSPQM - ok
22:46:53.0536 2512 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
22:46:53.0540 2512 MsRPC - ok
22:46:53.0941 2512 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
22:46:54.0002 2512 mssmbios - ok
22:46:54.0150 2512 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
22:46:54.0151 2512 MSTEE - ok
22:46:54.0466 2512 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\Windows\system32\DRIVERS\ASACPI.sys
22:46:54.0504 2512 MTsensor - ok
22:46:54.0747 2512 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
22:46:54.0748 2512 Mup - ok
22:46:54.0823 2512 napagent (c43b25863fbd65b6d2a142af3ae320ca) C:\Windows\system32\qagentRT.dll
22:46:54.0827 2512 napagent - ok
22:46:55.0013 2512 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
22:46:55.0097 2512 NativeWifiP - ok
22:46:55.0397 2512 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
22:46:55.0467 2512 NDIS - ok
22:46:55.0746 2512 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
22:46:55.0785 2512 NdisTapi - ok
22:46:56.0118 2512 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
22:46:56.0137 2512 Ndisuio - ok
22:46:56.0398 2512 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
22:46:56.0445 2512 NdisWan - ok
22:46:56.0607 2512 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:46:56.0650 2512 NDProxy - ok
22:46:57.0842 2512 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
22:46:57.0997 2512 NetBIOS - ok
22:46:59.0237 2512 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
22:46:59.0274 2512 netbt - ok
22:46:59.0626 2512 Netlogon (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
22:46:59.0685 2512 Netlogon - ok
22:47:00.0362 2512 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
22:47:00.0366 2512 Netman - ok
22:47:00.0603 2512 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
22:47:00.0605 2512 netprofm - ok
22:47:01.0055 2512 NetTcpPortSharing (0ad5876ef4e9eb77c8f93eb5b2fff386) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:47:01.0262 2512 NetTcpPortSharing - ok
22:47:01.0531 2512 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:47:01.0548 2512 nfrd960 - ok
22:47:01.0856 2512 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
22:47:01.0948 2512 NlaSvc - ok
22:47:02.0469 2512 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
22:47:02.0478 2512 Npfs - ok
22:47:02.0594 2512 npggsvc - ok
22:47:02.0738 2512 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
22:47:02.0752 2512 nsi - ok
22:47:02.0934 2512 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:47:02.0967 2512 nsiproxy - ok
22:47:03.0376 2512 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
22:47:03.0436 2512 Ntfs - ok
22:47:03.0845 2512 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:47:04.0209 2512 ntrigdigi - ok
22:47:04.0883 2512 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:47:04.0933 2512 Null - ok
22:47:05.0419 2512 nvatabus - ok
22:47:05.0581 2512 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys
22:47:05.0603 2512 NVENETFD - ok
22:47:06.0457 2512 nvlddmkm (69d60d2ecd43d0f9f3accc16926e9128) C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:47:08.0422 2512 nvlddmkm - ok
22:47:08.0932 2512 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
22:47:08.0981 2512 nvraid - ok
22:47:09.0196 2512 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
22:47:09.0211 2512 nvstor - ok
22:47:09.0535 2512 nvsvc (f397a6fa4b83d243ad25a1dc401237a0) C:\Windows\system32\nvvsvc.exe
22:47:09.0627 2512 nvsvc - ok
22:47:10.0219 2512 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
22:47:10.0289 2512 nv_agp - ok
22:47:10.0434 2512 NwlnkFlt - ok
22:47:11.0207 2512 NwlnkFwd - ok
22:47:11.0433 2512 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
22:47:11.0476 2512 ohci1394 - ok
22:47:11.0531 2512 opcenum - ok
22:47:12.0078 2512 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:47:12.0189 2512 ose - ok
22:47:12.0682 2512 p2pimsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
22:47:12.0937 2512 p2pimsvc - ok
22:47:12.0966 2512 p2psvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
22:47:12.0972 2512 p2psvc - ok
22:47:14.0014 2512 PAC207 (4a410c7aea51123519c20d43a20bce96) C:\Windows\system32\DRIVERS\PFC027.SYS
22:47:14.0301 2512 PAC207 - ok
22:47:14.0659 2512 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
22:47:14.0703 2512 Parport - ok
22:47:15.0068 2512 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
22:47:15.0071 2512 partmgr - ok
22:47:15.0196 2512 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
22:47:15.0197 2512 Parvdm - ok
22:47:15.0412 2512 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
22:47:15.0447 2512 PcaSvc - ok
22:47:16.0392 2512 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
22:47:16.0612 2512 pci - ok
22:47:17.0257 2512 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
22:47:17.0259 2512 pciide - ok
22:47:17.0451 2512 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
22:47:17.0455 2512 pcmcia - ok
22:47:17.0805 2512 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:47:17.0872 2512 PEAUTH - ok
22:47:18.0168 2512 PEVSystemStart - ok
22:47:18.0475 2512 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
22:47:18.0593 2512 pla - ok
22:47:18.0855 2512 PlugPlay (78f975cb6d18265be6f492edb2d7bc7b) C:\Windows\system32\umpnpmgr.dll
22:47:18.0859 2512 PlugPlay - ok
22:47:19.0324 2512 PNRPAutoReg (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
22:47:19.0330 2512 PNRPAutoReg - ok
22:47:19.0411 2512 PNRPsvc (5de1a3972fd3112c75eb17bdcf454169) C:\Windows\system32\p2psvc.dll
22:47:19.0417 2512 PNRPsvc - ok
22:47:19.0871 2512 PolicyAgent (47b8f37aa18b74d8c2e1bc1a7a2c8f8a) C:\Windows\System32\ipsecsvc.dll
22:47:19.0938 2512 PolicyAgent - ok
22:47:20.0152 2512 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:47:20.0169 2512 PptpMiniport - ok
22:47:20.0430 2512 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
22:47:20.0531 2512 Processor - ok
22:47:21.0030 2512 ProfSvc (b627e4fc8585e8843c5905d4d3587a90) C:\Windows\system32\profsvc.dll
22:47:21.0032 2512 ProfSvc - ok
22:47:21.0383 2512 ProtectedStorage (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
22:47:21.0384 2512 ProtectedStorage - ok
22:47:22.0339 2512 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
22:47:22.0361 2512 PSched - ok
22:47:22.0609 2512 pshost - ok
22:47:22.0978 2512 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
22:47:23.0101 2512 ql2300 - ok
22:47:23.0459 2512 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:47:23.0480 2512 ql40xx - ok
22:47:23.0853 2512 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
22:47:24.0002 2512 QWAVE - ok
22:47:24.0928 2512 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:47:24.0965 2512 QWAVEdrv - ok
22:47:25.0168 2512 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:47:25.0170 2512 RasAcd - ok
22:47:25.0306 2512 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
22:47:25.0342 2512 RasAuto - ok
22:47:25.0441 2512 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:47:25.0444 2512 Rasl2tp - ok
22:47:25.0506 2512 RasMan (6e7c284fc5c4ec07ad164d93810385a6) C:\Windows\System32\rasmans.dll
22:47:25.0523 2512 RasMan - ok
22:47:25.0800 2512 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
22:47:25.0829 2512 RasPppoe - ok
22:47:26.0127 2512 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
22:47:26.0173 2512 RasSstp - ok
22:47:26.0564 2512 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
22:47:26.0616 2512 rdbss - ok
22:47:26.0926 2512 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:47:26.0930 2512 RDPCDD - ok
22:47:27.0223 2512 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
22:47:27.0256 2512 rdpdr - ok
22:47:28.0017 2512 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:47:28.0064 2512 RDPENCDD - ok
22:47:28.0293 2512 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
22:47:28.0355 2512 RDPWD - ok
22:47:28.0675 2512 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
22:47:28.0751 2512 RemoteAccess - ok
22:47:28.0959 2512 RemoteRegistry (cc4e32400f3c7253400cf8f3f3a0b676) C:\Windows\system32\regsvc.dll
22:47:28.0998 2512 RemoteRegistry - ok
22:47:29.0442 2512 RESMGR - ok
22:47:29.0581 2512 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
22:47:29.0599 2512 RpcLocator - ok
22:47:29.0837 2512 RpcSs (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
22:47:29.0842 2512 RpcSs - ok
22:47:30.0226 2512 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:47:30.0244 2512 rspndr - ok
22:47:30.0411 2512 rt2500 - ok
22:47:30.0600 2512 s217nd5 - ok
22:47:30.0831 2512 SamSs (a911ecac81f94adeafbe8e3f7873edb0) C:\Windows\system32\lsass.exe
22:47:30.0832 2512 SamSs - ok
22:47:31.0045 2512 sbhooksvc - ok
22:47:31.0467 2512 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:47:31.0506 2512 sbp2port - ok
22:47:31.0658 2512 SCardSvr (11387e32642269c7e62e8b52c060b3c6) C:\Windows\System32\SCardSvr.dll
22:47:31.0679 2512 SCardSvr - ok
22:47:31.0974 2512 Schedule (7b587b8a6d4a99f79d2902d0385f29bd) C:\Windows\system32\schedsvc.dll
22:47:31.0979 2512 Schedule - ok
22:47:32.0359 2512 SCPolicySvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
22:47:32.0360 2512 SCPolicySvc - ok
22:47:32.0619 2512 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
22:47:32.0670 2512 SDRSVC - ok
22:47:32.0741 2512 se45mdm - ok
22:47:33.0400 2512 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:47:33.0434 2512 secdrv - ok
22:47:33.0928 2512 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
22:47:33.0931 2512 seclogon - ok
22:47:34.0162 2512 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
22:47:34.0164 2512 SENS - ok
22:47:34.0602 2512 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
22:47:34.0610 2512 Serenum - ok
22:47:34.0789 2512 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
22:47:34.0791 2512 Serial - ok
22:47:34.0931 2512 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:47:34.0956 2512 sermouse - ok
22:47:35.0279 2512 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
22:47:35.0281 2512 SessionEnv - ok
22:47:35.0524 2512 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
22:47:35.0546 2512 sffdisk - ok
22:47:35.0921 2512 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
22:47:35.0945 2512 sffp_mmc - ok
22:47:36.0222 2512 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys
22:47:36.0241 2512 sffp_sd - ok
22:47:36.0381 2512 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:47:36.0382 2512 sfloppy - ok
22:47:36.0552 2512 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
22:47:36.0612 2512 SharedAccess - ok
22:47:37.0024 2512 ShellHWDetection (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\System32\shsvcs.dll
22:47:37.0115 2512 ShellHWDetection - ok
22:47:37.0522 2512 Si3132 - ok
22:47:37.0717 2512 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
22:47:37.0719 2512 sisagp - ok
22:47:38.0064 2512 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
22:47:38.0145 2512 SiSRaid2 - ok
22:47:38.0416 2512 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
22:47:38.0442 2512 SiSRaid4 - ok
22:47:39.0641 2512 slsvc (0ba91e1358ad25236863039bb2609a2e) C:\Windows\system32\SLsvc.exe
22:47:40.0571 2512 slsvc - ok
22:47:41.0014 2512 SLUINotify (7c6dc44ca0bfa6291629ab764200d1d4) C:\Windows\system32\SLUINotify.dll
22:47:41.0028 2512 SLUINotify - ok
22:47:41.0224 2512 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
22:47:41.0243 2512 Smb - ok
22:47:41.0658 2512 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
22:47:41.0660 2512 SNMPTRAP - ok
22:47:42.0098 2512 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:47:42.0143 2512 spldr - ok
22:47:42.0439 2512 Spooler (3665f79026a3f91fbca63f2c65a09b19) C:\Windows\System32\spoolsv.exe
22:47:42.0480 2512 Spooler - ok
22:47:42.0790 2512 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
22:47:42.0895 2512 srv - ok
22:47:43.0356 2512 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
22:47:43.0403 2512 srv2 - ok
22:47:43.0877 2512 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
22:47:43.0881 2512 srvnet - ok
22:47:44.0453 2512 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
22:47:44.0456 2512 SSDPSRV - ok
22:47:44.0818 2512 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
22:47:44.0820 2512 SstpSvc - ok
22:47:45.0056 2512 ss_mdm - ok
22:47:45.0190 2512 Steam Client Service - ok
22:47:45.0340 2512 stisvc (7dd08a597bc56051f320da0baf69e389) C:\Windows\System32\wiaservc.dll
22:47:45.0345 2512 stisvc - ok
22:47:45.0591 2512 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:47:45.0607 2512 swenum - ok
22:47:45.0678 2512 swmidi - ok
22:47:45.0853 2512 swprv (b36c7cdb86f7f7a8e884479219766950) C:\Windows\System32\swprv.dll
22:47:45.0877 2512 swprv - ok
22:47:46.0222 2512 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:47:46.0228 2512 Symc8xx - ok
22:47:46.0488 2512 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:47:46.0501 2512 Sym_hi - ok
22:47:46.0840 2512 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:47:46.0912 2512 Sym_u3 - ok
22:47:47.0486 2512 SysMain (8710a92d0024b03b5fb9540df1f71f1d) C:\Windows\system32\sysmain.dll
22:47:47.0674 2512 SysMain - ok
22:47:47.0997 2512 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
22:47:48.0025 2512 TabletInputService - ok
22:47:48.0196 2512 TapiSrv (680916bb09ee0f3a6aca7c274b0d633f) C:\Windows\System32\tapisrv.dll
22:47:48.0199 2512 TapiSrv - ok
22:47:48.0426 2512 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
22:47:48.0444 2512 TBS - ok
22:47:48.0957 2512 Tcpip (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\drivers\tcpip.sys
22:47:49.0079 2512 Tcpip - ok
22:47:49.0456 2512 Tcpip6 (782568ab6a43160a159b6215b70bcce9) C:\Windows\system32\DRIVERS\tcpip.sys
22:47:49.0461 2512 Tcpip6 - ok
22:47:49.0560 2512 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
22:47:49.0574 2512 tcpipreg - ok
22:47:49.0663 2512 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:47:49.0677 2512 TDPIPE - ok
22:47:50.0050 2512 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:47:50.0100 2512 TDTCP - ok
22:47:50.0593 2512 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
22:47:50.0627 2512 tdx - ok
22:47:51.0368 2512 TeamViewer5 (98af4de61e75d465aa9edd268a074c58) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
22:47:52.0275 2512 TeamViewer5 - ok
22:47:52.0592 2512 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
22:47:52.0612 2512 TermDD - ok
22:47:52.0832 2512 TermService (d605031e225aaccbceb5b76a4f1603a6) C:\Windows\System32\termsrv.dll
22:47:52.0837 2512 TermService - ok
22:47:53.0190 2512 Themes (1e3fdb80e40a3ce645f229dfbdfb7694) C:\Windows\system32\shsvcs.dll
22:47:53.0373 2512 Themes - ok
22:47:53.0667 2512 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:47:53.0668 2512 THREADORDER - ok
22:47:53.0734 2512 TNaviSrv - ok
22:47:53.0770 2512 TPPWRIF - ok
22:47:53.0992 2512 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
22:47:54.0019 2512 TrkWks - ok
22:47:54.0082 2512 TrustedInstaller (16613a1bad034d4ecf957af18b7c2ff5) C:\Windows\servicing\TrustedInstaller.exe
22:47:54.0082 2512 TrustedInstaller - ok
22:47:54.0403 2512 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:47:54.0439 2512 tssecsrv - ok
22:47:54.0673 2512 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:47:54.0680 2512 tunmp - ok
22:47:54.0940 2512 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
22:47:54.0953 2512 tunnel - ok
22:47:55.0122 2512 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
22:47:55.0142 2512 uagp35 - ok
22:47:55.0208 2512 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
22:47:55.0238 2512 udfs - ok
22:47:55.0356 2512 uhcd - ok
22:47:55.0936 2512 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
22:47:55.0984 2512 UI0Detect - ok
22:47:56.0497 2512 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
22:47:56.0604 2512 uliagpkx - ok
22:47:56.0828 2512 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
22:47:56.0883 2512 uliahci - ok
22:47:57.0097 2512 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:47:57.0117 2512 UlSata - ok
22:47:57.0256 2512 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:47:57.0296 2512 ulsata2 - ok
22:47:57.0524 2512 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:47:57.0542 2512 umbus - ok
22:47:57.0675 2512 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
22:47:57.0679 2512 upnphost - ok
22:47:57.0910 2512 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
22:47:57.0924 2512 USBAAPL - ok
22:47:58.0127 2512 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
22:47:58.0146 2512 usbaudio - ok
22:47:58.0223 2512 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:47:58.0225 2512 usbccgp - ok
22:47:58.0320 2512 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:47:58.0344 2512 usbcir - ok
22:47:58.0587 2512 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
22:47:58.0606 2512 usbehci - ok
22:47:58.0705 2512 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
22:47:58.0744 2512 usbhub - ok
22:47:59.0014 2512 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
22:47:59.0046 2512 usbohci - ok
22:47:59.0354 2512 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
22:47:59.0396 2512 usbprint - ok
22:47:59.0479 2512 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:47:59.0501 2512 USBSTOR - ok
22:47:59.0529 2512 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:47:59.0546 2512 usbuhci - ok
22:47:59.0828 2512 usnjsvc (9d19b042a4fd5c02195071ea2fe0c821) C:\Program Files\Windows Live\Messenger\usnsvc.exe
22:47:59.0849 2512 usnjsvc - ok
22:48:00.0155 2512 UxSms (032a0acc3909ae7215d524e29d536797) C:\Windows\System32\uxsms.dll
22:48:00.0177 2512 UxSms - ok
22:48:00.0445 2512 vds (b13bc395b9d6116628f5af47e0802ac4) C:\Windows\System32\vds.exe
22:48:00.0518 2512 vds - ok
22:48:00.0703 2512 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
22:48:00.0723 2512 vga - ok
22:48:00.0774 2512 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:48:00.0789 2512 VgaSave - ok
22:48:00.0914 2512 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
22:48:00.0963 2512 viaagp - ok
22:48:01.0364 2512 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
22:48:01.0403 2512 ViaC7 - ok
22:48:01.0913 2512 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
22:48:01.0932 2512 viaide - ok
22:48:01.0955 2512 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:48:01.0957 2512 volmgr - ok
22:48:02.0037 2512 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
22:48:02.0073 2512 volmgrx - ok
22:48:02.0383 2512 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
22:48:02.0462 2512 volsnap - ok
22:48:02.0800 2512 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
22:48:02.0858 2512 vsmraid - ok
22:48:03.0241 2512 VSS (d5fb73d19c46ade183f968e13f186b23) C:\Windows\system32\vssvc.exe
22:48:03.0310 2512 VSS - ok
22:48:03.0622 2512 W32Time (1cf9206966a8458cda9a8b20df8ab7d3) C:\Windows\system32\w32time.dll
22:48:03.0626 2512 W32Time - ok
22:48:03.0715 2512 wacommousefilter - ok
22:48:03.0870 2512 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:48:03.0908 2512 WacomPen - ok
22:48:04.0115 2512 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:48:04.0129 2512 Wanarp - ok
22:48:04.0141 2512 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:48:04.0142 2512 Wanarpv6 - ok
22:48:04.0196 2512 wcncsvc (f3a5c2e1a6533192b070d06ecf6be796) C:\Windows\System32\wcncsvc.dll
22:48:04.0209 2512 wcncsvc - ok
22:48:04.0359 2512 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
22:48:04.0377 2512 WcsPlugInService - ok
22:48:04.0530 2512 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
22:48:04.0572 2512 Wd - ok
22:48:04.0761 2512 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:48:04.0816 2512 Wdf01000 - ok
22:48:05.0175 2512 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:48:05.0212 2512 WdiServiceHost - ok
22:48:05.0269 2512 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:48:05.0271 2512 WdiSystemHost - ok
22:48:05.0409 2512 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
22:48:05.0452 2512 WebClient - ok
22:48:05.0720 2512 Wecsvc (905214925a88311fce52f66153de7610) C:\Windows\system32\wecsvc.dll
22:48:05.0759 2512 Wecsvc - ok
22:48:05.0846 2512 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
22:48:05.0865 2512 wercplsupport - ok
22:48:05.0983 2512 WerSvc (fd1965aaa112c6818a30ab02742d0461) C:\Windows\System32\WerSvc.dll
22:48:06.0067 2512 WerSvc - ok
22:48:06.0073 2512 WinHttpAutoProxySvc - ok
22:48:06.0295 2512 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
22:48:06.0330 2512 Winmgmt - ok
22:48:06.0573 2512 WinRM (20fc93fdc916843cfdfcaa7a1b0db16f) C:\Windows\system32\WsmSvc.dll
22:48:06.0688 2512 WinRM - ok
22:48:07.0294 2512 Wlansvc (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll
22:48:07.0403 2512 Wlansvc - ok
22:48:07.0668 2512 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Program Files\Windows Live\installer\WLSetupSvc.exe
22:48:07.0723 2512 WLSetupSvc - ok
22:48:07.0986 2512 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
22:48:08.0007 2512 WmiAcpi - ok
22:48:08.0177 2512 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
22:48:08.0217 2512 wmiApSrv - ok
22:48:08.0600 2512 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:48:08.0651 2512 WMPNetworkSvc - ok
22:48:08.0948 2512 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
22:48:08.0977 2512 WPCSvc - ok
22:48:09.0081 2512 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
22:48:09.0083 2512 WPDBusEnum - ok
22:48:09.0437 2512 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
22:48:09.0438 2512 WpdUsb - ok
22:48:09.0963 2512 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:48:10.0018 2512 WPFFontCache_v0400 - ok
22:48:10.0183 2512 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:48:10.0185 2512 ws2ifsl - ok
22:48:10.0239 2512 WSearch - ok
22:48:10.0718 2512 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
22:48:10.0843 2512 wuauserv - ok
22:48:11.0869 2512 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:48:11.0997 2512 WUDFRd - ok
22:48:12.0320 2512 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
22:48:12.0345 2512 wudfsvc - ok
22:48:12.0470 2512 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
22:48:12.0677 2512 YahooAUService - ok
22:48:12.0695 2512 MBR (0x1B8) (a9ad02328504671b3b822070164109dd) \Device\Harddisk0\DR0
22:48:12.0710 2512 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
22:48:12.0710 2512 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
22:48:12.0733 2512 Boot (0x1200) (c1c84e1266d6d0986789838a8030d2a4) \Device\Harddisk0\DR0\Partition0
22:48:12.0783 2512 \Device\Harddisk0\DR0\Partition0 - ok
22:48:12.0784 2512 ============================================================
22:48:12.0784 2512 Scan finished
22:48:12.0784 2512 ============================================================
22:48:12.0801 2184 Detected object count: 2
22:48:12.0801 2184 Actual detected object count: 2
22:49:17.0597 2184 C:\Windows\system32\drivers\afd.sys - copied to quarantine
22:49:17.0665 2184 C:\Windows\$NtUninstallKB60753$\949736906\@ - copied to quarantine
22:49:17.0704 2184 C:\Windows\$NtUninstallKB60753$\949736906\bckfg.tmp - copied to quarantine
22:49:17.0705 2184 C:\Windows\$NtUninstallKB60753$\949736906\cfg.ini - copied to quarantine
22:49:17.0755 2184 C:\Windows\$NtUninstallKB60753$\949736906\Desktop.ini - copied to quarantine
22:49:17.0785 2184 C:\Windows\$NtUninstallKB60753$\949736906\keywords - copied to quarantine
22:49:18.0241 2184 C:\Windows\$NtUninstallKB60753$\949736906\kwrd.dll - copied to quarantine
22:49:18.0449 2184 C:\Windows\$NtUninstallKB60753$\949736906\L\ogejidap - copied to quarantine
22:49:18.0548 2184 C:\Windows\$NtUninstallKB60753$\949736906\lsflt7.ver - copied to quarantine
22:49:18.0549 2184 C:\Windows\$NtUninstallKB60753$\949736906\oemid - copied to quarantine
22:49:18.0577 2184 C:\Windows\$NtUninstallKB60753$\949736906\U\00000001.@ - copied to quarantine
22:49:18.0667 2184 C:\Windows\$NtUninstallKB60753$\949736906\U\00000002.@ - copied to quarantine
22:49:18.0726 2184 C:\Windows\$NtUninstallKB60753$\949736906\U\00000004.@ - copied to quarantine
22:49:18.0824 2184 C:\Windows\$NtUninstallKB60753$\949736906\U\80000000.@ - copied to quarantine
22:49:18.0851 2184 C:\Windows\$NtUninstallKB60753$\949736906\U\80000004.@ - copied to quarantine
22:49:18.0921 2184 C:\Windows\$NtUninstallKB60753$\949736906\U\80000032.@ - copied to quarantine
22:49:18.0978 2184 C:\Windows\$NtUninstallKB60753$\949736906\version - copied to quarantine
22:49:19.0339 2184 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\afd.sys) error 1813
22:49:47.0723 2184 Backup copy not found, trying to cure infected file..
22:49:47.0726 2184 Cure success, using it..
22:49:47.0912 2184 C:\Windows\system32\drivers\afd.sys - will be cured on reboot
22:50:30.0202 2184 C:\Windows\$NtUninstallKB60753$\4275255446 - will be deleted on reboot
22:50:30.0202 2184 C:\Windows\$NtUninstallKB60753$\949736906\@ - will be deleted on reboot
22:50:30.0203 2184 C:\Windows\$NtUninstallKB60753$\949736906\bckfg.tmp - will be deleted on reboot
22:50:30.0203 2184 C:\Windows\$NtUninstallKB60753$\949736906\cfg.ini - will be deleted on reboot
22:50:30.0203 2184 C:\Windows\$NtUninstallKB60753$\949736906\Desktop.ini - will be deleted on reboot
22:50:30.0234 2184 C:\Windows\$NtUninstallKB60753$\949736906\keywords - will be deleted on reboot
22:50:30.0234 2184 C:\Windows\$NtUninstallKB60753$\949736906\kwrd.dll - will be deleted on reboot
22:50:30.0235 2184 C:\Windows\$NtUninstallKB60753$\949736906\lsflt7.ver - will be deleted on reboot
22:50:30.0235 2184 C:\Windows\$NtUninstallKB60753$\949736906\oemid - will be deleted on reboot
22:50:30.0235 2184 C:\Windows\$NtUninstallKB60753$\949736906\U\00000001.@ - will be deleted on reboot
22:50:30.0235 2184 C:\Windows\$NtUninstallKB60753$\949736906\U\00000002.@ - will be deleted on reboot
22:50:30.0236 2184 C:\Windows\$NtUninstallKB60753$\949736906\U\00000004.@ - will be deleted on reboot
22:50:30.0236 2184 C:\Windows\$NtUninstallKB60753$\949736906\U\80000000.@ - will be deleted on reboot
22:50:30.0236 2184 C:\Windows\$NtUninstallKB60753$\949736906\U\80000004.@ - will be deleted on reboot
22:50:30.0236 2184 C:\Windows\$NtUninstallKB60753$\949736906\U\80000032.@ - will be deleted on reboot
22:50:30.0236 2184 C:\Windows\$NtUninstallKB60753$\949736906\version - will be deleted on reboot
22:50:30.0238 2184 AFD ( Virus.Win32.ZAccess.k ) - User select action: Cure
22:50:30.0429 2184 \Device\Harddisk0\DR0\# - copied to quarantine
22:50:30.0429 2184 \Device\Harddisk0\DR0 - copied to quarantine
22:50:32.0077 2184 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
22:50:32.0543 2184 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
22:50:32.0640 2184 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
22:50:33.0001 2184 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
22:50:33.0304 2184 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
22:50:33.0334 2184 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
22:50:33.0798 2184 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
22:50:34.0393 2184 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
22:50:34.0499 2184 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
22:50:34.0641 2184 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
22:50:34.0913 2184 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
22:50:34.0933 2184 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
22:50:35.0147 2184 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
22:50:35.0180 2184 \Device\Harddisk0\DR0 - ok
22:50:35.0636 2184 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
22:51:19.0312 3960 Deinitialize success







ESET Scan Log


C:\Program Files\Search Toolbar\SearchToolbar.dll Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\MBR_HardDisk0.mbr Win32/Olmarik.AJL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\mbr0000\tdlfs0000\tsk0006.dta a variant of Win32/Rootkit.Kryptik.LH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\mbr0000\tdlfs0000\tsk0007.dta Win64/Olmarik.AF trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\rtkt0000\svc0000\tsk0000.dta Win32/Sirefef.DA trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\rtkt0000\zafs0000\tsk0003.dta Win32/Sirefef.DN trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\rtkt0000\zafs0000\tsk0012.dta Win32/Sirefef.ES trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\rtkt0000\zafs0000\tsk0013.dta Win32/Sirefef.ET trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\09.04.2012_22.45.50\rtkt0000\zafs0000\tsk0014.dta probably a variant of Win32/Olmarik.AVQ trojan cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Temp\amxencwsor.exe MSIL/Adware.SanctionedMedia.A application cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Temp\Inc.class a variant of Java/Exploit.CVE-2011-3544.AW trojan cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Temp\Main.class a variant of Java/Exploit.CVE-2011-3544.BF trojan cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Temp\is1318394555\zgInstaller.exe Win32/Toolbar.Zugo application deleted - quarantined
C:\Users\Administrator\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\5fe93a0e-5edde6fe a variant of Java/Exploit.Blacole.AN trojan deleted - quarantined
C:\Users\Administrator\AppData\Roaming\F1D9816571370B04E5F45AD10CB93733\enemies-names.txt Win32/Adware.AntimalwareDoctor.AE.Gen application cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-4.21.5.windows.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Administrator\Downloads\flstudio_9.0.3.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Administrator\Downloads\frostwire-4.21.1.windows(2).exe Win32/OpenCandy application deleted - quarantined
C:\Users\Administrator\Downloads\frostwire-4.21.1.windows.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Administrator\Downloads\Setup.exe a variant of Win32/InstallCore.K application cleaned by deleting - quarantined
C:\Users\Administrator\Downloads\SoftonicDownloader_for_microsoft-office-2007-service-pack-2.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\Users\Administrator\Downloads\SoftonicDownloader_for_microsoft-office-compatibility-pack.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\Users\Administrator\Downloads\Xvid-Setup-dm-9.exe Win32/Toolbar.Zugo application deleted - quarantined
C:\Windows\System32\Process.exe Win32/PrcView application cleaned by deleting - quarantined
C:\Windows\System32\samfilt.dll Win32/Sirefef.ER trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5E3XYH4W\afr[2].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Windows\System32\drivers\etc\hosts Win32/Qhost trojan cleaned by deleting - quarantined
C:\Windows\Temp\7A4E.tmp Win32/Olmarik.AYD trojan cleaned by deleting - quarantined
C:\Windows\Temp\ecssxxpfoeubn.exe a variant of Win32/Kryptik.ADWV trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache113328417834140859.tmp J2ME/TrojanDownloader.Agent.AA trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache1231442065104049974.tmp a variant of Java/Exploit.CVE-2012-0507.B trojan deleted - quarantined
C:\Windows\Temp\jar_cache1441775996865419820.tmp a variant of Java/Exploit.CVE-2012-0507.B trojan deleted - quarantined
C:\Windows\Temp\jar_cache1685570570147137398.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache2367707566067953662.tmp J2ME/TrojanDownloader.Agent.AA trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache3111557178576045786.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache3219431884082626861.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache3263244551930593055.tmp J2ME/TrojanDownloader.Agent.AA trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache3473598309156642616.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache3531940134651600200.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache365128524720640018.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache3750192026849387365.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache3778065426835267634.tmp a variant of Java/TrojanDownloader.OpenStream.NCM trojan deleted - quarantined
C:\Windows\Temp\jar_cache3785685514582957312.tmp Java/TrojanDownloader.Agent.NDR trojan deleted - quarantined
C:\Windows\Temp\jar_cache3827402149102531134.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache4123260811807944671.tmp a variant of Java/Exploit.CVE-2012-0507.B trojan deleted - quarantined
C:\Windows\Temp\jar_cache4553786439388271481.tmp a variant of Java/Exploit.CVE-2012-0507.B trojan deleted - quarantined
C:\Windows\Temp\jar_cache4643892054633548360.tmp a variant of Java/Exploit.CVE-2012-0507.B trojan deleted - quarantined
C:\Windows\Temp\jar_cache4696885990055822425.tmp a variant of Java/Exploit.CVE-2012-0507.B trojan deleted - quarantined
C:\Windows\Temp\jar_cache4933345236192226159.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache5282948424867255921.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache559083127646585355.tmp Java/Exploit.CVE-2012-0507.D trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache5882523212972451289.tmp a variant of Java/TrojanDownloader.OpenStream.NBV trojan deleted - quarantined
C:\Windows\Temp\jar_cache623743638105100444.tmp J2ME/TrojanDownloader.Agent.AA trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache6292151396845342416.tmp probably a variant of Java/Exploit.Agent.FH trojan deleted - quarantined
C:\Windows\Temp\jar_cache6355671683586941817.tmp J2ME/TrojanDownloader.Agent.AA trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache6725323706920558492.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache6967089447304727800.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache7046172926286065594.tmp a variant of Java/TrojanDownloader.OpenStream.NBV trojan deleted - quarantined
C:\Windows\Temp\jar_cache7476761803903822257.tmp J2ME/TrojanDownloader.Agent.AA trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache7833111979250671825.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\jar_cache8418893883733475652.tmp J2ME/TrojanDownloader.Agent.AA trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache8636876912677154051.tmp J2ME/TrojanDownloader.Agent.AA trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache9138343740947626060.tmp a variant of J2ME/Agent.AA trojan deleted - quarantined
C:\Windows\Temp\temp54.exe a variant of Win32/Kryptik.ADWW trojan cleaned by deleting - quarantined
C:\Windows\Temp\vswurnumovfwiqo.exe a variant of Win32/Kryptik.ADWD trojan cleaned by deleting - quarantined
C:\Windows\Temp\ceqc\setup.exe a variant of Win32/TrojanDownloader.Whizelown.F trojan cleaned by deleting - quarantined
C:\Windows\Temp\deel\setup.exe a variant of Win32/TrojanDownloader.Whizelown.F trojan cleaned by deleting - quarantined
C:\Windows\Temp\hplj\setup.exe a variant of Win32/TrojanDownloader.Whizelown.F trojan cleaned by deleting - quarantined
C:\Windows\Temp\vylo\setup.exe a variant of Win32/TrojanDownloader.Whizelown.F trojan cleaned by deleting - quarantined
C:\Windows\Temp\xogb\setup.exe a variant of Win32/TrojanDownloader.Whizelown.F trojan cleaned by deleting - quarantined

#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:41 PM

Posted 11 April 2012 - 10:19 AM

WOW!! not fair hogging all the malware from everyone else LOL

WE need to rerun ESET

Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal/regular mode and click Update tab, select Check for Updates,when done
click Scanner tab,select Quick scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.




Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 jyeezy

jyeezy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:41 AM

Posted 11 April 2012 - 11:04 PM

MBAM Log

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.12.01

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Administrator :: DEOK-PC [administrator]

Protection: Enabled

4/10/2012 11:38:45 PM
mbam-log-2012-04-10 (23-38-45).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 254736
Time elapsed: 44 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)









Minitoolbox thingy log

MiniToolBox by Farbar Version: 18-01-2012
Ran by Administrator (administrator) on 11-04-2012 at 01:02:17
Microsoft® Windows Vista™ Home Basic Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Deok-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cable.rcn.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : cable.rcn.com
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-1F-C6-BE-68-DC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::294d:9887:9569:1a7c%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.107(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, April 10, 2012 11:30:03 PM
Lease Expires . . . . . . . . . . : Wednesday, April 11, 2012 11:30:03 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 208.59.247.45
208.59.247.46
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.cable.rcn.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: secondary.atw.pa.dns.rcn.net
Address: 208.59.247.45

Name: google.com
Addresses: 74.125.225.132
74.125.225.130
74.125.225.134
74.125.225.131
74.125.225.129
74.125.225.135
74.125.225.128
74.125.225.142
74.125.225.137
74.125.225.133
74.125.225.136



Pinging google.com [74.125.225.136] with 32 bytes of data:

Reply from 74.125.225.136: bytes=32 time=8ms TTL=57

Reply from 74.125.225.136: bytes=32 time=8ms TTL=57



Ping statistics for 74.125.225.136:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 8ms, Maximum = 8ms, Average = 8ms

Server: secondary.atw.pa.dns.rcn.net
Address: 208.59.247.45

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=37ms TTL=55

Reply from 209.191.122.70: bytes=32 time=32ms TTL=55



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 32ms, Maximum = 37ms, Average = 34ms

Server: secondary.atw.pa.dns.rcn.net
Address: 208.59.247.45

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
10 ...00 1f c6 be 68 dc ...... NVIDIA nForce Networking Controller
1 ........................... Software Loopback Interface 1
11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
12 ...00 00 00 00 00 00 00 e0 isatap.cable.rcn.com
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.107 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.107 276
192.168.1.107 255.255.255.255 On-link 192.168.1.107 276
192.168.1.255 255.255.255.255 On-link 192.168.1.107 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.107 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.107 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::294d:9887:9569:1a7c/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/10/2012 11:31:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2012 10:56:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2012 10:37:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2012 03:00:41 AM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Windows\system32\svchost.exe -k netsvcs; Descripton = Windows Update; Hr = 0x800423f4).

Error: (04/09/2012 03:00:41 AM) (Source: SPP) (User: )
Description: Shadow copy creation failed because of error reported by ASR Writer.

More info: The parameter is incorrect. (0x80070057).

Error: (04/09/2012 00:17:11 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2012 11:46:43 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2012 10:38:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2012 10:34:15 PM) (Source: Application Error) (User: )
Description: Faulting application ecssxxpfoeubn.exe, version 0.0.0.0, time stamp 0x4f82cc74, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x7ffd7000,
process id 0x162c, application start time 0xecssxxpfoeubn.exe0.

Error: (04/08/2012 10:33:59 PM) (Source: Application Error) (User: )
Description: Faulting application wusctpegqmtylt.exe, version 9.63.24.24, time stamp 0x4f833a74, faulting module APPMGMTS.dll, version 6.0.6001.18538, time stamp 0x4cb733dc, exception code 0xc0000135, fault offset 0x00009cfc,
process id 0x1f4, application start time 0xwusctpegqmtylt.exe0.


System errors:
=============
Error: (04/10/2012 11:31:48 PM) (Source: Service Control Manager) (User: )
Description: cdrom

Error: (04/10/2012 11:31:48 PM) (Source: Service Control Manager) (User: )
Description: SSFS0BB9%%126

Error: (04/10/2012 11:31:48 PM) (Source: Service Control Manager) (User: )
Description: NWSLP%%126

Error: (04/10/2012 11:31:48 PM) (Source: Service Control Manager) (User: )
Description: Lktimesync%%126

Error: (04/10/2012 11:31:48 PM) (Source: Service Control Manager) (User: )
Description: Clr_optimization_v2.0.50215_32%%126

Error: (04/10/2012 11:31:48 PM) (Source: Service Control Manager) (User: )
Description: SE2Emdfl%%126

Error: (04/10/2012 11:31:48 PM) (Source: Service Control Manager) (User: )
Description: Tga%%126

Error: (04/10/2012 11:31:48 PM) (Source: Service Control Manager) (User: )
Description: Tapeware%%126

Error: (04/10/2012 11:31:48 PM) (Source: Service Control Manager) (User: )
Description: Hmonitor%%126

Error: (04/10/2012 11:31:48 PM) (Source: Service Control Manager) (User: )
Description: Djsnetcn%%126


Microsoft Office Sessions:
=========================
Error: (04/10/2012 11:31:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2012 10:56:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2012 10:37:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2012 03:00:41 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x800423f4

Error: (04/09/2012 03:00:41 AM) (Source: SPP)(User: )
Description: ASR WriterThe parameter is incorrect. (0x80070057)

Error: (04/09/2012 00:17:11 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2012 11:46:43 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2012 10:38:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/08/2012 10:34:15 PM) (Source: Application Error)(User: )
Description: ecssxxpfoeubn.exe0.0.0.04f82cc74unknown0.0.0.000000000c00000057ffd7000162c01cd16019a71d9b3

Error: (04/08/2012 10:33:59 PM) (Source: Application Error)(User: )
Description: wusctpegqmtylt.exe9.63.24.244f833a74APPMGMTS.dll6.0.6001.185384cb733dcc000013500009cfc1f401cd160197f25ac3


========================= Memory info: ===================================

Percentage of memory in use: 46%
Total physical RAM: 2045.76 MB
Available physical RAM: 1095.9 MB
Total Pagefile: 4338.06 MB
Available Pagefile: 3063.2 MB
Total Virtual: 2047.88 MB
Available Virtual: 1952.97 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:298.09 GB) (Free:153.19 GB) NTFS

========================= Users: ========================================

User accounts for \\DEOK-PC

Administrator ASPNET Deok
Guest


**** End of log ****

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:41 PM

Posted 12 April 2012 - 02:47 PM

OK, I believe we still have a ZeroAccess rotkit in here that is not coming out.

We need a deeper look. Please go here....Preparation Guide ,do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If GMER won't run skip it and move on.

Let me know if that went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 jyeezy

jyeezy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:41 AM

Posted 14 April 2012 - 11:43 AM

OK, I believe we still have a ZeroAccess rotkit in here that is not coming out.

We need a deeper look. Please go here....Preparation Guide ,do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.
If GMER won't run skip it and move on.

Let me know if that went well.


I did the DDS scan, and when it finished it says that it has created 2 logs but when i click ok, nothing pops up. I even did a search on my computer with the names they said it was, and couldnt find it. I even ran it twice, nothing happened. As for the GMER, while its scanning, i always get the blue screen error, i ran it 3 times and it happened all 3 times.

#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,329 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:12:41 PM

Posted 14 April 2012 - 08:06 PM

OK, skip GMER try running OTL and posting that.

If you cannot get DDS to work, please try this instead.

Please download OTL by OldTimer and save it to your Desktop.
  • Close all other applications and windows so that you have nothing open.
  • Double click on the Posted Image icon on your desktop.

    Vista/Windows 7 users right-click and select Run As Administrator.
    If you receive a UAC prompt asking if you would like to continue running the program, you should press the Continue button.
  • Under Output, ensure that Minimal Output is selected.
  • Click the "Scan All Users" checkbox.
    Leave the remaining selections to the default settings.
  • Click the Posted Image button.
  • Do not use the computer while the scan is in progress.
  • When the scan is complete, two log files will open in Notepad:
    • OTListIt.txt <- (will be maximized)
    • Extras.txt <- (will be minimized in the Task Bar).
  • Both logs are automatically saved to the Desktop.
  • Please copy and paste the contents of OTListIt.txt and Extras.txt in your next reply.
    If the Extras.txt log is too long, you may need to add a second reply to your thread or upload it as an attachment.
  • Click the red X in the upper right corner to exit OTL.
Important: Be sure to mention that you tried to follow the Prep Guide but were unable to get DDS to run. If OTL did not work, then reply back here.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 jyeezy

jyeezy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:41 AM

Posted 17 April 2012 - 07:24 PM

OTL
OTL logfile created on: 4/16/2012 07:11:52 PM - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Administrator\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.64 Gb Available Physical Memory | 32.17% Memory free
4.24 Gb Paging File | 2.58 Gb Available in Paging File | 60.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 134.02 Gb Free Space | 44.96% Space Free | Partition Type: NTFS

Computer Name: DEOK-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Administrator\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
PRC - C:\Program Files\Ask.com\SaUpdate.exe ()
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\Ask.com\SaUpdate.exe ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files\LimeWire\lib\SystemUtilities.dll ()
MOD - C:\Windows\VMix.dll ()


========== Win32 Services (SafeList) ==========

SRV - (wacommousefilter) -- %systemroot%\system32\pmounter.dll File not found
SRV - (uhcd) -- %systemroot%\system32\w200obex.dll File not found
SRV - (TPPWRIF) -- %systemroot%\system32\sprtsvc_dellsupportcenter.dll File not found
SRV - (TNaviSrv) -- %systemroot%\system32\s125mgmt.dll File not found
SRV - (swmidi) -- %systemroot%\system32\mgactrl.dll File not found
SRV - (ss_mdm) -- %systemroot%\system32\SE2Dbus.dll File not found
SRV - (Si3132) -- %systemroot%\system32\pdlnshay.dll File not found
SRV - (se45mdm) -- %systemroot%\system32\cvsnt.dll File not found
SRV - (sbhooksvc) -- %systemroot%\system32\update.dll File not found
SRV - (s217nd5) -- %systemroot%\system32\elbycdio.dll File not found
SRV - (rt2500) -- %systemroot%\system32\SE2Bbus.dll File not found
SRV - (RESMGR) -- %systemroot%\system32\epsonbidirectionalservice.dll File not found
SRV - (pshost) -- %systemroot%\system32\govsrv.dll File not found
SRV - (PEVSystemStart) -- %systemroot%\system32\swmsflt.dll File not found
SRV - (opcenum) -- %systemroot%\system32\pcscnsrv.dll File not found
SRV - (nvatabus) -- %systemroot%\system32\se2Bnd5.dll File not found
SRV - (MSMQTriggers) -- %systemroot%\system32\acedrv05.dll File not found
SRV - (MRESP50) -- %systemroot%\system32\Accelerometer.dll File not found
SRV - (mlkkbdntdriver) -- %systemroot%\system32\avgems.dll File not found
SRV - (mcshield) -- %systemroot%\system32\dmio.dll File not found
SRV - (mafwboot) -- %systemroot%\system32\acedrv07.dll File not found
SRV - (lvuvc) -- %systemroot%\system32\rwbackupsrv.dll File not found
SRV - (InCDsrvR) -- %systemroot%\system32\mstdfrgs.dll File not found
SRV - (ibmfilter) -- %systemroot%\system32\mdvrmng.dll File not found
SRV - (HBtnKey) -- %systemroot%\system32\netwg311.dll File not found
SRV - (ghaio) -- %systemroot%\system32\http.dll File not found
SRV - (fingrd32) -- %systemroot%\system32\CA561.dll File not found
SRV - (elockservice) -- %systemroot%\system32\nvpvrmon.dll File not found
SRV - (dntus26) -- %systemroot%\system32\oracleorahome90agent.dll File not found
SRV - (dkeysync) -- %systemroot%\system32\modemcsa.dll File not found
SRV - (DirectUpdate) -- %systemroot%\system32\steamdvr.dll File not found
SRV - (CXTUNE) -- %systemroot%\system32\jtagserver.dll File not found
SRV - (ctsfm2k) -- %systemroot%\system32\iwebcal.dll File not found
SRV - (CTDevice_Srv) -- %systemroot%\system32\sympxsvc.dll File not found
SRV - (CrystalSysInfo) -- %systemroot%\system32\hsf_dpv.dll File not found
SRV - (ami0nt) -- %systemroot%\system32\GT890x.dll File not found
SRV - (AFGSp50) -- %systemroot%\system32\BrUsbSer.dll File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (cdrom) -- system32\DRIVERS\cdrom.sys File not found
DRV - (catchme) -- C:\Users\ADMINI~1\AppData\Local\Temp\catchme.sys File not found
DRV - (90948502) -- File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (LMouKE) -- C:\Windows\System32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (L8042mou) -- C:\Windows\System32\drivers\L8042mou.Sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\Windows\System32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (c65013264) -- C:\Windows\System32\drivers\c6501.sys (C-Media Inc)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0B4A10D1-FBD6-451d-BFDA-F03252B05984}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=TB50TRie7

IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=TB50TRie7
IE - HKCU\..\SearchScopes\{3D41F773-C2A2-4541-8F58-DF94FA1311D3}: "URL" = http://search.yahoo.com/search?ei=utf-8&FR=chr-vmn&type=oovoo2_0yach&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..keyword.URL: "http://urlseek40.vmn.net/search.php?lg=en&type=dns&tbn=oovoo2_0dn&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Administrator\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Administrator\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/04/13 19:35:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/03 00:34:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Administrator\AppData\Roaming\Move Networks [2009/12/04 00:45:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9D596132-7EDE-11E1-826D-B8AC6F996F26}: C:\Users\Administrator\AppData\Local\{9D596132-7EDE-11E1-826D-B8AC6F996F26}\ [2012/04/04 02:37:49 | 000,000,000 | ---D | M]

[2009/06/12 11:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions
[2009/06/12 11:37:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2012/03/27 00:30:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\y4khrsqu.default\extensions
[2011/05/02 18:39:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\y4khrsqu.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(27)
[2012/03/27 00:31:12 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\y4khrsqu.default\extensions\toolbar@ask.com
[2012/03/03 00:34:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/04/13 19:35:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2012/04/04 02:37:49 | 000,000,000 | ---D | M] (Translate This!) -- C:\USERS\ADMINISTRATOR\APPDATA\LOCAL\{9D596132-7EDE-11E1-826D-B8AC6F996F26}
() (No name found) -- C:\USERS\ADMINISTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\Y4KHRSQU.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012/04/13 19:35:55 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/14 05:08:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2012/04/09 22:44:38 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/04/09 22:44:38 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\17.0.963.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Administrator\AppData\Local\Google\Chrome\Application\17.0.963.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.250.6 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U25 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Administrator\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files\uTorrentBar\prxtbuTo0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O4 - Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {F53E8C5B-347E-4638-89BE-94639E22E21A} http://www.limeusa.com/append/application/LimeUsaCtrl-MFC9.CAB (LimeUSA 컨트롤)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.59.247.45 208.59.247.46
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46350C20-98C1-4C3E-82CD-165A8BB6120C}: DhcpNameServer = 208.59.247.45 208.59.247.46
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6c759e31-ba56-11dd-8f04-001fc6be68dc}\Shell - "" = AutoRun
O33 - MountPoints2\{6c759e31-ba56-11dd-8f04-001fc6be68dc}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk /p \??\E:)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/04/12 23:29:58 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\4th semester
[2012/04/12 23:29:41 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\U of I
[2012/04/12 23:28:55 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Music
[2012/04/12 21:49:44 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Documents\LimeWire
[2012/04/09 22:49:17 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/04/04 02:37:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\{9D596132-7EDE-11E1-826D-B8AC6F996F26}
[2012/04/03 14:34:30 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/03/27 00:30:59 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/03/26 23:45:09 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Librarys
[2012/03/18 10:40:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/03/18 10:40:03 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/16 19:11:28 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3171449-1554940463-3514634807-500UA.job
[2012/04/16 19:01:30 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/16 19:01:30 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/16 19:01:29 | 000,000,310 | -HS- | M] () -- C:\Windows\tasks\oerbartu.job
[2012/04/16 19:01:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/16 02:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At6.job
[2012/04/16 02:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At5.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At954.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At906.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At860.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At794.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At783.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At680.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At668.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At603.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At555.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At459.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At411.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At360.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At323.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At267.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1065.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At102.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At101.job
[2012/04/16 02:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1002.job
[2012/04/16 02:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At978.job
[2012/04/16 02:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At930.job
[2012/04/16 02:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At861.job
[2012/04/16 02:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At743.job
[2012/04/16 02:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At738.job
[2012/04/16 02:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At638.job
[2012/04/16 02:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At387.job
[2012/04/16 02:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At312.job
[2012/04/16 02:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At291.job
[2012/04/16 01:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At4.job
[2012/04/16 01:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At3.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At99.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At953.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At905.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At858.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At792.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At781.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At676.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At666.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At602.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At554.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At458.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At410.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At358.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At321.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At266.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1064.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1001.job
[2012/04/16 01:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At100.job
[2012/04/16 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At977.job
[2012/04/16 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At929.job
[2012/04/16 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At859.job
[2012/04/16 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At741.job
[2012/04/16 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At737.job
[2012/04/16 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At636.job
[2012/04/16 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At386.job
[2012/04/16 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At310.job
[2012/04/16 01:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At290.job
[2012/04/16 00:58:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At674.job
[2012/04/16 00:58:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At626.job
[2012/04/16 00:56:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At952.job
[2012/04/16 00:56:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At928.job
[2012/04/16 00:55:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At856.job
[2012/04/16 00:55:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At319.job
[2012/04/16 00:55:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At289.job
[2012/04/16 00:54:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At553.job
[2012/04/16 00:52:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At779.job
[2012/04/16 00:52:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At736.job
[2012/04/16 00:50:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At409.job
[2012/04/16 00:50:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At385.job
[2012/04/16 00:38:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1000.job
[2012/04/16 00:38:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At976.job
[2012/04/16 00:36:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1063.job
[2012/04/16 00:32:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At904.job
[2012/04/16 00:32:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At857.job
[2012/04/16 00:30:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At790.job
[2012/04/16 00:30:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At739.job
[2012/04/16 00:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At2.job
[2012/04/16 00:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At1.job
[2012/04/16 00:26:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At98.job
[2012/04/16 00:26:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At97.job
[2012/04/16 00:26:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At664.job
[2012/04/16 00:20:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At356.job
[2012/04/16 00:20:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At308.job
[2012/04/16 00:13:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At457.job
[2012/04/16 00:11:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At265.job
[2012/04/16 00:08:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At601.job
[2012/04/15 23:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At48.job
[2012/04/15 23:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At47.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At975.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At927.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At902.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At846.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At576.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At480.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At432.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At384.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At365.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At288.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At144.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At143.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1086.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1038.job
[2012/04/15 23:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1023.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At999.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At96.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At951.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At95.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At903.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At855.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At788.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At777.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At671.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At662.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At600.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At552.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At456.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At408.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At354.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At317.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At264.job
[2012/04/15 23:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1062.job
[2012/04/15 22:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At46.job
[2012/04/15 22:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At45.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At974.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At926.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At900.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At844.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At623.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At575.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At479.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At431.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At383.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At363.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At287.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At142.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At141.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1085.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1037.job
[2012/04/15 22:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1022.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At998.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At950.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At94.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At93.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At901.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At854.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At786.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At775.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At669.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At660.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At599.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At551.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At455.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At407.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At352.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At315.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At263.job
[2012/04/15 22:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1061.job
[2012/04/15 21:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At44.job
[2012/04/15 21:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At43.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At973.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At925.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At898.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At842.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At622.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At574.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At478.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At430.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At382.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At361.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At286.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At140.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At139.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1084.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1036.job
[2012/04/15 21:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1021.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At997.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At949.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At92.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At91.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At899.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At853.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At784.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At773.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At667.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At658.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At598.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At550.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At454.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At406.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At350.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At313.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At262.job
[2012/04/15 21:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1060.job
[2012/04/15 20:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At42.job
[2012/04/15 20:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At41.job
[2012/04/15 20:11:59 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{9EFAB2CC-C91E-4B8E-8EAE-20C79287011E}.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At972.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At924.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At896.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At840.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At621.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At573.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At477.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At429.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At381.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At359.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At285.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At138.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At137.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1083.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1035.job
[2012/04/14 20:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1020.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At996.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At948.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At90.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At897.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At89.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At852.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At782.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At771.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At665.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At656.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At597.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At549.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At453.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At405.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At348.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At311.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At261.job
[2012/04/14 20:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1059.job
[2012/04/14 19:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At40.job
[2012/04/14 19:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At39.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At971.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At923.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At894.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At838.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At620.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At572.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At476.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At428.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At380.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At357.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At284.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At136.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At135.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1082.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1034.job
[2012/04/14 19:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1019.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At995.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At947.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At895.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At88.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At87.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At851.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At780.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At769.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At663.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At654.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At596.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At548.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At452.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At404.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At346.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At309.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At260.job
[2012/04/14 19:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1058.job
[2012/04/14 18:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At38.job
[2012/04/14 18:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At37.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At970.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At922.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At892.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At619.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At571.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At475.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At427.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At379.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At355.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At283.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At134.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At133.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1081.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1033.job
[2012/04/14 18:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1018.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At994.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At946.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At893.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At86.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At850.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At85.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At778.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At768.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At661.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At643.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At595.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At547.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At451.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At403.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At344.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At307.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At259.job
[2012/04/14 18:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1057.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At967.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At919.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At886.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At616.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At568.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At472.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At424.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At376.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At349.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At280.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At128.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At127.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1078.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1030.job
[2012/04/14 15:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1015.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At991.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At943.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At887.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At847.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At80.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At79.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At772.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At763.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At655.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At637.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At592.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At544.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At448.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At400.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At338.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At304.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At256.job
[2012/04/14 15:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1054.job
[2012/04/14 14:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At30.job
[2012/04/14 14:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At29.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At966.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At918.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At884.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At615.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At567.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At471.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At423.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At375.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At347.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At279.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At126.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At125.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1077.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1029.job
[2012/04/14 14:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1014.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At990.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At942.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At885.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At845.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At78.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At770.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At77.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At761.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At653.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At635.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At591.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At543.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At447.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At399.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At336.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At303.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At255.job
[2012/04/14 14:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1053.job
[2012/04/14 13:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At28.job
[2012/04/14 13:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At27.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At965.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At917.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At882.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At614.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At566.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At470.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At422.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At374.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At345.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At278.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At124.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At123.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1076.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1028.job
[2012/04/14 13:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1013.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At989.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At941.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At883.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At843.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At766.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At76.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At758.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At75.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At652.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At634.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At590.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At542.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At446.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At398.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At334.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At302.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At254.job
[2012/04/14 13:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1052.job
[2012/04/14 12:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At26.job
[2012/04/14 12:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At25.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At964.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At916.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At880.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At803.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At685.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At613.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At565.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At469.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At421.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At373.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At343.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At277.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At122.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At121.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1075.job
[2012/04/14 12:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1012.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At988.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At940.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At881.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At841.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At764.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At756.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At74.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At73.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At651.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At633.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At589.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At541.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At445.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At397.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At332.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At301.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At253.job
[2012/04/14 12:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1051.job
[2012/04/14 11:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At24.job
[2012/04/14 11:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At23.job
[2012/04/14 11:11:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3171449-1554940463-3514634807-500Core.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At963.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At915.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At878.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At801.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At683.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At612.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At564.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At468.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At420.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At372.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At341.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At276.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At120.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At119.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1074.job
[2012/04/14 11:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1011.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At987.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At939.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At879.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At839.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At762.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At754.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At72.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At71.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At650.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At632.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At540.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At444.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At396.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At330.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At300.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At252.job
[2012/04/14 11:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1050.job
[2012/04/14 10:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At22.job
[2012/04/14 10:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At21.job
[2012/04/14 10:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At914.job
[2012/04/14 10:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At681.job
[2012/04/14 10:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At611.job
[2012/04/14 10:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At563.job
[2012/04/14 10:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At467.job
[2012/04/14 10:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At339.job
[2012/04/14 10:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At118.job
[2012/04/14 10:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1073.job
[2012/04/14 10:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At986.job
[2012/04/14 10:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At837.job
[2012/04/14 10:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At649.job
[2012/04/14 10:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At631.job
[2012/04/14 10:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At443.job
[2012/04/14 10:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At962.job
[2012/04/14 10:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At876.job
[2012/04/14 10:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At799.job
[2012/04/14 10:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At419.job
[2012/04/14 10:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At371.job
[2012/04/14 10:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At275.job
[2012/04/14 10:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At117.job
[2012/04/14 10:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1010.job
[2012/04/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At938.job
[2012/04/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At877.job
[2012/04/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At760.job
[2012/04/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At753.job
[2012/04/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At70.job
[2012/04/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At69.job
[2012/04/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At395.job
[2012/04/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At328.job
[2012/04/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At299.job
[2012/04/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At251.job
[2012/04/14 10:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1049.job
[2012/04/14 03:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At8.job
[2012/04/14 03:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At7.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At955.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At907.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At862.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At796.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At785.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At682.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At670.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At604.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At556.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At460.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At412.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At362.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At325.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At268.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1066.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At104.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At103.job
[2012/04/14 03:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1003.job
[2012/04/14 03:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At979.job
[2012/04/14 03:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At931.job
[2012/04/14 03:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At863.job
[2012/04/14 03:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At745.job
[2012/04/14 03:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At740.job
[2012/04/14 03:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At640.job
[2012/04/14 03:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At388.job
[2012/04/14 03:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At314.job
[2012/04/14 03:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At292.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At968.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At920.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At888.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At617.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At569.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At473.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At425.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At377.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At351.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At281.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At130.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At129.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1079.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1031.job
[2012/04/13 16:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1016.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At992.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At944.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At889.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At848.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At82.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At81.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At774.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At765.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At657.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At639.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At593.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At545.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At449.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At401.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At340.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At305.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At257.job
[2012/04/13 16:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1055.job
[2012/04/13 15:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At32.job
[2012/04/13 15:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At31.job
[2012/04/13 11:28:01 | 201,992,545 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/04/12 23:21:43 | 000,000,000 | ---- | M] () -- C:\Users\Administrator\defogger_reenable
[2012/04/12 04:27:00 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At10.job
[2012/04/12 04:27:00 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At9.job
[2012/04/12 04:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At787.job
[2012/04/12 04:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At672.job
[2012/04/12 04:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At269.job
[2012/04/12 04:00:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At293.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At956.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At908.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At864.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At798.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At684.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At605.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At557.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At461.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At413.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At364.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At327.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1067.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At106.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At105.job
[2012/04/12 04:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1004.job
[2012/04/12 04:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At980.job
[2012/04/12 04:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At932.job
[2012/04/12 04:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At865.job
[2012/04/12 04:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At747.job
[2012/04/12 04:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At742.job
[2012/04/12 04:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At642.job
[2012/04/12 04:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At58.job
[2012/04/12 04:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At437.job
[2012/04/12 04:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At389.job
[2012/04/12 04:00:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At316.job
[2012/04/09 22:43:12 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_trash_log.cmd
[2012/04/07 17:03:02 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At969.job
[2012/04/07 17:03:02 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At890.job
[2012/04/07 17:03:02 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At426.job
[2012/04/07 17:03:02 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At378.job
[2012/04/07 17:03:02 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At282.job
[2012/04/07 17:03:02 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At131.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At993.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At945.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At891.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At849.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At84.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At83.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At776.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At767.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At659.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At641.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At594.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At546.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At450.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At402.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At342.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At306.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At258.job
[2012/04/07 17:03:02 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1056.job
[2012/04/07 17:00:40 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At474.job
[2012/04/07 17:00:40 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1032.job
[2012/04/07 17:00:16 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At921.job
[2012/04/07 17:00:16 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At618.job
[2012/04/07 17:00:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At570.job
[2012/04/07 17:00:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At353.job
[2012/04/07 17:00:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At132.job
[2012/04/07 17:00:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1080.job
[2012/04/07 17:00:15 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1017.job
[2012/04/07 16:46:33 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At34.job
[2012/04/07 16:27:24 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At33.job
[2012/04/05 17:27:03 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At36.job
[2012/04/05 17:27:03 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At35.job
[2012/04/05 13:28:04 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1141.job
[2012/04/05 13:28:03 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1140.job
[2012/04/05 13:28:01 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1139.job
[2012/04/05 13:28:00 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1138.job
[2012/04/05 13:27:59 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1137.job
[2012/04/05 13:27:58 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1136.job
[2012/04/05 13:27:57 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1135.job
[2012/04/05 13:27:56 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1134.job
[2012/04/05 13:27:55 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1133.job
[2012/04/05 13:27:54 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1132.job
[2012/04/05 13:27:53 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1131.job
[2012/04/05 13:27:52 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1130.job
[2012/04/05 13:27:51 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1129.job
[2012/04/05 13:27:50 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1128.job
[2012/04/05 13:27:49 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1127.job
[2012/04/05 13:27:48 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1126.job
[2012/04/05 13:27:47 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1125.job
[2012/04/05 13:27:45 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1124.job
[2012/04/05 13:27:44 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1123.job
[2012/04/05 13:27:43 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1122.job
[2012/04/05 13:27:42 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1121.job
[2012/04/05 13:27:41 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1120.job
[2012/04/05 13:27:40 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1119.job
[2012/04/05 13:27:39 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1118.job
[2012/04/05 13:27:38 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1117.job
[2012/04/05 13:27:37 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1116.job
[2012/04/05 13:27:35 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1115.job
[2012/04/05 13:27:34 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1114.job
[2012/04/05 13:27:33 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1113.job
[2012/04/05 13:27:32 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1112.job
[2012/04/05 13:27:30 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1111.job
[2012/04/05 13:27:29 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1110.job
[2012/04/05 13:27:28 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1109.job
[2012/04/05 13:27:27 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1108.job
[2012/04/05 13:27:25 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1107.job
[2012/04/05 13:27:24 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1106.job
[2012/04/05 13:27:23 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1105.job
[2012/04/05 13:27:22 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1104.job
[2012/04/05 13:27:20 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1103.job
[2012/04/05 13:27:19 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1102.job
[2012/04/05 13:27:18 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1101.job
[2012/04/05 13:27:17 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1100.job
[2012/04/05 13:27:15 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1099.job
[2012/04/05 13:27:14 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1098.job
[2012/04/05 13:27:13 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1097.job
[2012/04/05 13:27:11 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1096.job
[2012/04/05 13:27:10 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1095.job
[2012/04/05 13:27:09 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1094.job
[2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/03/31 15:45:43 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\At1093.job
[2012/03/31 15:45:42 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1092.job
[2012/03/31 15:45:37 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\At1089.job
[2012/03/31 14:55:24 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1072.job
[2012/03/31 14:55:24 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1071.job
[2012/03/31 14:55:24 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1070.job
[2012/03/31 14:55:24 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1069.job
[2012/03/31 14:55:24 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1068.job
[2012/03/31 14:55:23 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1048.job
[2012/03/31 14:55:23 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1047.job
[2012/03/31 14:55:23 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1046.job
[2012/03/31 14:55:23 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At1045.job
[2012/03/31 14:27:17 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1044.job
[2012/03/31 14:27:15 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1043.job
[2012/03/31 14:27:14 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1042.job
[2012/03/31 14:27:13 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1041.job
[2012/03/31 14:27:12 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1040.job
[2012/03/31 14:27:10 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At1039.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At982.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At934.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At869.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At751.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At746.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At645.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At627.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At62.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At61.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At439.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At391.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At320.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At295.job
[2012/03/30 06:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At145.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At958.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At910.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At868.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At802.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At791.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At675.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At607.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At559.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At463.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At415.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At367.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At331.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At271.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At110.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At109.job
[2012/03/30 06:00:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1006.job
[2012/03/30 05:27:17 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\At12.job
[2012/03/30 05:27:17 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At11.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At981.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At933.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At867.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At749.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At744.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At644.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At625.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At60.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At59.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At438.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At390.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At318.job
[2012/03/30 05:00:15 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At294.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At957.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At909.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At866.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At800.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At789.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At686.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At673.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At606.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At558.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At462.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At414.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At366.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At329.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At270.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At108.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At107.job
[2012/03/30 05:00:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1005.job
[2012/03/30 03:27:30 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1027.job
[2012/03/30 03:27:28 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1026.job
[2012/03/30 03:27:27 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1025.job
[2012/03/30 03:27:26 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At1024.job
[2012/03/27 10:45:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At985.job
[2012/03/27 10:45:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At984.job
[2012/03/27 10:45:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At983.job
[2012/03/27 10:44:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1009.job
[2012/03/27 10:44:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1008.job
[2012/03/27 10:44:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At1007.job
[2012/03/26 23:45:02 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At961.job
[2012/03/26 23:45:02 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At960.job
[2012/03/26 23:45:02 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At959.job
[2012/03/26 23:45:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At913.job
[2012/03/26 23:45:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At912.job
[2012/03/26 23:45:01 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At911.job
[2012/03/26 23:45:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At937.job
[2012/03/26 23:45:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At936.job
[2012/03/26 23:45:01 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At935.job
[2012/03/26 23:45:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At874.job
[2012/03/26 23:45:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At872.job
[2012/03/26 23:45:00 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At870.job
[2012/03/26 23:45:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At875.job
[2012/03/26 23:45:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At873.job
[2012/03/26 23:45:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At871.job
[2012/03/26 23:44:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At797.job
[2012/03/26 23:44:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At795.job
[2012/03/26 23:44:58 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At793.job
[2012/03/26 23:44:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At759.job
[2012/03/26 23:44:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At757.job
[2012/03/26 23:44:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At755.job
[2012/03/26 23:44:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At752.job
[2012/03/26 23:44:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At750.job
[2012/03/26 23:44:56 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At748.job
[2012/03/25 23:36:50 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At836.job
[2012/03/25 23:36:49 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At835.job
[2012/03/25 23:36:48 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At834.job
[2012/03/25 23:36:46 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At833.job
[2012/03/25 23:36:45 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At832.job
[2012/03/25 23:36:44 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At831.job
[2012/03/25 23:36:43 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At830.job
[2012/03/25 23:36:42 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At829.job
[2012/03/25 23:36:41 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At828.job
[2012/03/25 23:36:40 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At827.job
[2012/03/25 23:36:38 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At826.job
[2012/03/25 23:36:37 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At825.job
[2012/03/25 23:36:36 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At824.job
[2012/03/25 23:36:34 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At823.job
[2012/03/25 23:36:33 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At822.job
[2012/03/25 23:36:32 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At821.job
[2012/03/25 23:36:30 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At820.job
[2012/03/25 23:36:29 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At819.job
[2012/03/25 23:36:28 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At818.job
[2012/03/25 23:36:27 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At817.job
[2012/03/25 23:36:26 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At816.job
[2012/03/25 23:36:24 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At815.job
[2012/03/25 23:36:23 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At814.job
[2012/03/25 23:36:22 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At813.job
[2012/03/25 23:36:20 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At812.job
[2012/03/25 23:36:19 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At811.job
[2012/03/25 23:36:18 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At810.job
[2012/03/25 23:36:17 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At809.job
[2012/03/25 23:36:15 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At808.job
[2012/03/25 23:36:14 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At807.job
[2012/03/25 23:36:13 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At806.job
[2012/03/25 23:36:12 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At805.job
[2012/03/25 23:36:11 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At804.job
[2012/03/24 00:27:57 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At735.job
[2012/03/24 00:27:55 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At734.job
[2012/03/24 00:27:54 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At733.job
[2012/03/24 00:27:53 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At732.job
[2012/03/24 00:27:52 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At731.job
[2012/03/24 00:27:51 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At730.job
[2012/03/24 00:27:50 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At729.job
[2012/03/24 00:27:49 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At728.job
[2012/03/24 00:27:48 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At727.job
[2012/03/24 00:27:47 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At726.job
[2012/03/24 00:27:46 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At725.job
[2012/03/24 00:27:45 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At724.job
[2012/03/24 00:27:44 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At723.job
[2012/03/24 00:27:43 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At722.job
[2012/03/24 00:27:42 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At721.job
[2012/03/24 00:27:41 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At720.job
[2012/03/24 00:27:39 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At719.job
[2012/03/24 00:27:39 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At718.job
[2012/03/24 00:27:37 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At717.job
[2012/03/24 00:27:36 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At716.job
[2012/03/24 00:27:35 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At715.job
[2012/03/24 00:27:34 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At714.job
[2012/03/24 00:27:33 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At713.job
[2012/03/24 00:27:32 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At712.job
[2012/03/24 00:27:31 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At711.job
[2012/03/24 00:27:29 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At710.job
[2012/03/24 00:27:28 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At709.job
[2012/03/24 00:27:27 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At708.job
[2012/03/24 00:27:26 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At707.job
[2012/03/24 00:27:25 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At706.job
[2012/03/24 00:27:24 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At705.job
[2012/03/24 00:27:23 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At704.job
[2012/03/24 00:27:21 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At703.job
[2012/03/24 00:27:20 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At702.job
[2012/03/24 00:27:19 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At701.job
[2012/03/24 00:27:18 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At700.job
[2012/03/24 00:27:16 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At699.job
[2012/03/24 00:27:15 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At698.job
[2012/03/24 00:27:14 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At697.job
[2012/03/24 00:27:13 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At696.job
[2012/03/24 00:27:11 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At695.job
[2012/03/24 00:27:10 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At694.job
[2012/03/24 00:27:09 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At693.job
[2012/03/24 00:27:08 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At692.job
[2012/03/24 00:27:07 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At691.job
[2012/03/24 00:27:05 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At690.job
[2012/03/24 00:27:04 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At689.job
[2012/03/24 00:27:03 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At688.job
[2012/03/22 21:25:05 | 000,008,013 | -HS- | M] () -- C:\Users\Administrator\Desktop\Folder.jpg
[2012/03/22 21:25:05 | 000,002,286 | -HS- | M] () -- C:\Users\Administrator\Desktop\AlbumArtSmall.jpg
[2012/03/22 05:45:20 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At679.job
[2012/03/22 05:45:20 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At678.job
[2012/03/22 05:45:20 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At677.job
[2012/03/22 05:45:20 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At648.job
[2012/03/22 05:45:20 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At647.job
[2012/03/22 05:45:20 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At646.job
[2012/03/22 05:45:20 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At630.job
[2012/03/22 05:45:20 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At629.job
[2012/03/22 05:45:20 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\At628.job
[2012/03/22 05:43:01 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At687.job
[2012/03/19 21:16:37 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At610.job
[2012/03/19 21:16:37 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At609.job
[2012/03/19 21:16:37 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At608.job
[2012/03/19 20:29:51 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\At624.job
[2012/03/19 20:29:18 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At588.job
[2012/03/19 20:29:16 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At587.job
[2012/03/19 20:29:15 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At586.job
[2012/03/19 20:29:14 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At585.job
[2012/03/19 20:29:13 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At584.job
[2012/03/19 20:29:12 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At583.job
[2012/03/19 20:29:10 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At582.job
[2012/03/19 20:29:09 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At581.job
[2012/03/19 20:29:08 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At580.job
[2012/03/19 20:29:06 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At579.job
[2012/03/19 20:29:05 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At578.job
[2012/03/19 20:29:03 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At577.job
[2012/03/19 18:42:50 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At562.job
[2012/03/19 18:42:50 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At561.job
[2012/03/19 18:42:50 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\At560.job
[2012/03/19 18:37:58 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At539.job
[2012/03/19 18:37:57 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At538.job
[2012/03/19 18:37:56 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At537.job
[2012/03/19 18:37:55 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At536.job
[2012/03/19 18:37:54 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At535.job
[2012/03/19 18:37:52 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At534.job
[2012/03/19 18:37:51 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At533.job
[2012/03/19 18:37:50 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At532.job
[2012/03/19 18:37:48 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At531.job
[2012/03/19 18:37:47 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At530.job
[2012/03/19 18:37:45 | 000,000,272 | ---- | M] () -- C:\Windows\tasks\At529.job
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/12 23:21:43 | 000,000,000 | ---- | C] () -- C:\Users\Administrator\defogger_reenable
[2012/04/05 13:28:04 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1141.job
[2012/04/05 13:28:03 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1140.job
[2012/04/05 13:28:01 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1139.job
[2012/04/05 13:28:00 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1138.job
[2012/04/05 13:27:59 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1137.job
[2012/04/05 13:27:58 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1136.job
[2012/04/05 13:27:57 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1135.job
[2012/04/05 13:27:56 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1134.job
[2012/04/05 13:27:55 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1133.job
[2012/04/05 13:27:54 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1132.job
[2012/04/05 13:27:53 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1131.job
[2012/04/05 13:27:52 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1130.job
[2012/04/05 13:27:51 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1129.job
[2012/04/05 13:27:50 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1128.job
[2012/04/05 13:27:49 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1127.job
[2012/04/05 13:27:48 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1126.job
[2012/04/05 13:27:47 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1125.job
[2012/04/05 13:27:45 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1124.job
[2012/04/05 13:27:44 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1123.job
[2012/04/05 13:27:43 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1122.job
[2012/04/05 13:27:42 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1121.job
[2012/04/05 13:27:41 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1120.job
[2012/04/05 13:27:40 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1119.job
[2012/04/05 13:27:39 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1118.job
[2012/04/05 13:27:38 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1117.job
[2012/04/05 13:27:37 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1116.job
[2012/04/05 13:27:35 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1115.job
[2012/04/05 13:27:34 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1114.job
[2012/04/05 13:27:33 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1113.job
[2012/04/05 13:27:32 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1112.job
[2012/04/05 13:27:30 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1111.job
[2012/04/05 13:27:29 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1110.job
[2012/04/05 13:27:28 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1109.job
[2012/04/05 13:27:27 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1108.job
[2012/04/05 13:27:25 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1107.job
[2012/04/05 13:27:24 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1106.job
[2012/04/05 13:27:23 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1105.job
[2012/04/05 13:27:22 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1104.job
[2012/04/05 13:27:20 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1103.job
[2012/04/05 13:27:19 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1102.job
[2012/04/05 13:27:18 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1101.job
[2012/04/05 13:27:17 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1100.job
[2012/04/05 13:27:15 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1099.job
[2012/04/05 13:27:14 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1098.job
[2012/04/05 13:27:13 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1097.job
[2012/04/05 13:27:11 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1096.job
[2012/04/05 13:27:10 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1095.job
[2012/04/05 13:27:09 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1094.job
[2012/03/31 15:45:43 | 000,000,270 | ---- | C] () -- C:\Windows\tasks\At1093.job
[2012/03/31 15:45:40 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1092.job
[2012/03/31 15:45:34 | 000,000,338 | ---- | C] () -- C:\Windows\tasks\At1089.job
[2012/03/31 14:27:49 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1086.job
[2012/03/31 14:27:48 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1085.job
[2012/03/31 14:27:47 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1084.job
[2012/03/31 14:27:46 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1083.job
[2012/03/31 14:27:45 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1082.job
[2012/03/31 14:27:45 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1081.job
[2012/03/31 14:27:44 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1080.job
[2012/03/31 14:27:43 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1079.job
[2012/03/31 14:27:42 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1078.job
[2012/03/31 14:27:41 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1077.job
[2012/03/31 14:27:40 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1076.job
[2012/03/31 14:27:40 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1075.job
[2012/03/31 14:27:39 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1074.job
[2012/03/31 14:27:38 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1073.job
[2012/03/31 14:27:38 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1072.job
[2012/03/31 14:27:37 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1071.job
[2012/03/31 14:27:36 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1070.job
[2012/03/31 14:27:36 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1069.job
[2012/03/31 14:27:35 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1068.job
[2012/03/31 14:27:34 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1067.job
[2012/03/31 14:27:34 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1066.job
[2012/03/31 14:27:33 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1065.job
[2012/03/31 14:27:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1064.job
[2012/03/31 14:27:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1063.job
[2012/03/31 14:27:31 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1062.job
[2012/03/31 14:27:30 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1061.job
[2012/03/31 14:27:30 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1060.job
[2012/03/31 14:27:29 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1059.job
[2012/03/31 14:27:28 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1058.job
[2012/03/31 14:27:27 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1057.job
[2012/03/31 14:27:27 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1056.job
[2012/03/31 14:27:26 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1055.job
[2012/03/31 14:27:25 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1054.job
[2012/03/31 14:27:24 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1053.job
[2012/03/31 14:27:24 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1052.job
[2012/03/31 14:27:23 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1051.job
[2012/03/31 14:27:22 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1050.job
[2012/03/31 14:27:21 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1049.job
[2012/03/31 14:27:21 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1048.job
[2012/03/31 14:27:20 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1047.job
[2012/03/31 14:27:19 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1046.job
[2012/03/31 14:27:18 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At1045.job
[2012/03/31 14:27:17 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1044.job
[2012/03/31 14:27:15 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1043.job
[2012/03/31 14:27:14 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1042.job
[2012/03/31 14:27:13 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1041.job
[2012/03/31 14:27:12 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1040.job
[2012/03/31 14:27:10 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At1039.job
[2012/03/30 03:27:48 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1038.job
[2012/03/30 03:27:47 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1037.job
[2012/03/30 03:27:46 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1036.job
[2012/03/30 03:27:45 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1035.job
[2012/03/30 03:27:43 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1034.job
[2012/03/30 03:27:40 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1033.job
[2012/03/30 03:27:39 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1032.job
[2012/03/30 03:27:38 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1031.job
[2012/03/30 03:27:37 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1030.job
[2012/03/30 03:27:35 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1029.job
[2012/03/30 03:27:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1028.job
[2012/03/30 03:27:30 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1027.job
[2012/03/30 03:27:28 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1026.job
[2012/03/30 03:27:27 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1025.job
[2012/03/30 03:27:26 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At1024.job
[2012/03/27 00:53:35 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1023.job
[2012/03/27 00:53:33 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1022.job
[2012/03/27 00:53:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1021.job
[2012/03/27 00:53:30 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1020.job
[2012/03/27 00:53:26 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1019.job
[2012/03/27 00:53:22 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1018.job
[2012/03/27 00:53:20 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1017.job
[2012/03/27 00:53:19 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1016.job
[2012/03/27 00:53:18 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1015.job
[2012/03/27 00:53:16 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1014.job
[2012/03/27 00:53:15 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1013.job
[2012/03/27 00:53:14 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1012.job
[2012/03/27 00:53:13 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1011.job
[2012/03/27 00:53:12 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1010.job
[2012/03/27 00:53:11 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1009.job
[2012/03/27 00:53:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1008.job
[2012/03/27 00:53:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1007.job
[2012/03/27 00:53:09 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1006.job
[2012/03/27 00:53:08 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1005.job
[2012/03/27 00:53:07 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1004.job
[2012/03/27 00:53:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1003.job
[2012/03/27 00:53:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1002.job
[2012/03/27 00:53:03 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1001.job
[2012/03/27 00:53:02 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At1000.job
[2012/03/27 00:53:00 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At999.job
[2012/03/27 00:52:58 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At998.job
[2012/03/27 00:52:57 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At997.job
[2012/03/27 00:52:55 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At996.job
[2012/03/27 00:52:54 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At995.job
[2012/03/27 00:52:52 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At994.job
[2012/03/27 00:52:50 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At993.job
[2012/03/27 00:52:44 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At992.job
[2012/03/27 00:52:39 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At991.job
[2012/03/27 00:52:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At990.job
[2012/03/27 00:52:34 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At989.job
[2012/03/27 00:52:32 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At988.job
[2012/03/27 00:52:28 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At987.job
[2012/03/27 00:52:21 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At986.job
[2012/03/27 00:52:12 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At985.job
[2012/03/27 00:52:09 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At984.job
[2012/03/27 00:52:08 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At983.job
[2012/03/27 00:52:06 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At982.job
[2012/03/27 00:52:04 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At981.job
[2012/03/27 00:52:02 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At980.job
[2012/03/27 00:52:00 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At979.job
[2012/03/27 00:51:59 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At978.job
[2012/03/27 00:51:57 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At977.job
[2012/03/27 00:51:37 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At976.job
[2012/03/25 23:39:24 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At975.job
[2012/03/25 23:39:24 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At974.job
[2012/03/25 23:39:23 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At973.job
[2012/03/25 23:39:23 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At972.job
[2012/03/25 23:39:22 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At971.job
[2012/03/25 23:39:21 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At970.job
[2012/03/25 23:39:20 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At969.job
[2012/03/25 23:39:19 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At968.job
[2012/03/25 23:39:18 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At967.job
[2012/03/25 23:39:17 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At966.job
[2012/03/25 23:39:15 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At965.job
[2012/03/25 23:39:12 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At964.job
[2012/03/25 23:39:09 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At963.job
[2012/03/25 23:39:07 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At962.job
[2012/03/25 23:39:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At961.job
[2012/03/25 23:39:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At960.job
[2012/03/25 23:39:03 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At959.job
[2012/03/25 23:39:03 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At958.job
[2012/03/25 23:39:02 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At957.job
[2012/03/25 23:39:01 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At956.job
[2012/03/25 23:39:01 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At955.job
[2012/03/25 23:39:00 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At954.job
[2012/03/25 23:38:59 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At953.job
[2012/03/25 23:38:58 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At952.job
[2012/03/25 23:38:57 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At951.job
[2012/03/25 23:38:57 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At950.job
[2012/03/25 23:38:56 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At949.job
[2012/03/25 23:38:55 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At948.job
[2012/03/25 23:38:54 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At947.job
[2012/03/25 23:38:53 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At946.job
[2012/03/25 23:38:52 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At945.job
[2012/03/25 23:38:51 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At944.job
[2012/03/25 23:38:50 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At943.job
[2012/03/25 23:38:49 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At942.job
[2012/03/25 23:38:48 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At941.job
[2012/03/25 23:38:48 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At940.job
[2012/03/25 23:38:47 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At939.job
[2012/03/25 23:38:47 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At938.job
[2012/03/25 23:38:46 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At937.job
[2012/03/25 23:38:45 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At936.job
[2012/03/25 23:38:45 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At935.job
[2012/03/25 23:38:44 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At934.job
[2012/03/25 23:38:42 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At933.job
[2012/03/25 23:38:41 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At932.job
[2012/03/25 23:38:41 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At931.job
[2012/03/25 23:38:40 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At930.job
[2012/03/25 23:38:40 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At929.job
[2012/03/25 23:38:39 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At928.job
[2012/03/25 23:38:11 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At927.job
[2012/03/25 23:38:11 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At926.job
[2012/03/25 23:38:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At925.job
[2012/03/25 23:38:09 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At924.job
[2012/03/25 23:38:08 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At923.job
[2012/03/25 23:38:08 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At922.job
[2012/03/25 23:38:07 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At921.job
[2012/03/25 23:38:07 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At920.job
[2012/03/25 23:38:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At919.job
[2012/03/25 23:38:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At918.job
[2012/03/25 23:38:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At917.job
[2012/03/25 23:38:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At916.job
[2012/03/25 23:38:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At915.job
[2012/03/25 23:38:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At914.job
[2012/03/25 23:38:03 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At913.job
[2012/03/25 23:38:03 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At912.job
[2012/03/25 23:38:02 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At911.job
[2012/03/25 23:38:02 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At910.job
[2012/03/25 23:38:01 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At909.job
[2012/03/25 23:38:00 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At908.job
[2012/03/25 23:37:59 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At907.job
[2012/03/25 23:37:57 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At906.job
[2012/03/25 23:37:56 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At905.job
[2012/03/25 23:37:54 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At904.job
[2012/03/25 23:37:53 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At903.job
[2012/03/25 23:37:52 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At902.job
[2012/03/25 23:37:51 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At901.job
[2012/03/25 23:37:50 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At900.job
[2012/03/25 23:37:48 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At899.job
[2012/03/25 23:37:47 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At898.job
[2012/03/25 23:37:46 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At896.job
[2012/03/25 23:37:46 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At897.job
[2012/03/25 23:37:45 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At895.job
[2012/03/25 23:37:44 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At894.job
[2012/03/25 23:37:42 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At893.job
[2012/03/25 23:37:41 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At892.job
[2012/03/25 23:37:40 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At891.job
[2012/03/25 23:37:39 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At890.job
[2012/03/25 23:37:38 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At889.job
[2012/03/25 23:37:37 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At888.job
[2012/03/25 23:37:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At887.job
[2012/03/25 23:37:34 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At886.job
[2012/03/25 23:37:33 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At885.job
[2012/03/25 23:37:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At884.job
[2012/03/25 23:37:32 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At883.job
[2012/03/25 23:37:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At882.job
[2012/03/25 23:37:30 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At880.job
[2012/03/25 23:37:30 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At881.job
[2012/03/25 23:37:29 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At879.job
[2012/03/25 23:37:28 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At878.job
[2012/03/25 23:37:28 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At877.job
[2012/03/25 23:37:27 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At876.job
[2012/03/25 23:37:26 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At875.job
[2012/03/25 23:37:25 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At874.job
[2012/03/25 23:37:25 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At873.job
[2012/03/25 23:37:24 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At872.job
[2012/03/25 23:37:24 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At871.job
[2012/03/25 23:37:23 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At870.job
[2012/03/25 23:37:21 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At869.job
[2012/03/25 23:37:20 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At868.job
[2012/03/25 23:37:19 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At867.job
[2012/03/25 23:37:17 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At866.job
[2012/03/25 23:37:17 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At865.job
[2012/03/25 23:37:16 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At864.job
[2012/03/25 23:37:15 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At862.job
[2012/03/25 23:37:15 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At863.job
[2012/03/25 23:37:14 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At861.job
[2012/03/25 23:37:13 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At860.job
[2012/03/25 23:37:12 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At859.job
[2012/03/25 23:37:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At858.job
[2012/03/25 23:37:09 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At857.job
[2012/03/25 23:37:07 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At856.job
[2012/03/25 23:37:07 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At855.job
[2012/03/25 23:37:06 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At854.job
[2012/03/25 23:37:05 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At853.job
[2012/03/25 23:37:04 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At852.job
[2012/03/25 23:37:03 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At851.job
[2012/03/25 23:37:02 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At850.job
[2012/03/25 23:37:02 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At849.job
[2012/03/25 23:37:01 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At848.job
[2012/03/25 23:37:01 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At847.job
[2012/03/25 23:37:00 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At846.job
[2012/03/25 23:36:59 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At844.job
[2012/03/25 23:36:59 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At845.job
[2012/03/25 23:36:58 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At843.job
[2012/03/25 23:36:57 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At842.job
[2012/03/25 23:36:57 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At841.job
[2012/03/25 23:36:55 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At840.job
[2012/03/25 23:36:55 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At839.job
[2012/03/25 23:36:52 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At838.job
[2012/03/25 23:36:51 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At837.job
[2012/03/25 23:36:50 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At836.job
[2012/03/25 23:36:49 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At835.job
[2012/03/25 23:36:48 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At834.job
[2012/03/25 23:36:46 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At833.job
[2012/03/25 23:36:45 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At832.job
[2012/03/25 23:36:44 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At831.job
[2012/03/25 23:36:43 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At830.job
[2012/03/25 23:36:42 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At829.job
[2012/03/25 23:36:41 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At828.job
[2012/03/25 23:36:40 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At827.job
[2012/03/25 23:36:38 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At826.job
[2012/03/25 23:36:37 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At825.job
[2012/03/25 23:36:36 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At824.job
[2012/03/25 23:36:34 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At823.job
[2012/03/25 23:36:33 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At822.job
[2012/03/25 23:36:32 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At821.job
[2012/03/25 23:36:30 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At820.job
[2012/03/25 23:36:29 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At819.job
[2012/03/25 23:36:28 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At818.job
[2012/03/25 23:36:27 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At817.job
[2012/03/25 23:36:26 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At816.job
[2012/03/25 23:36:24 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At815.job
[2012/03/25 23:36:23 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At814.job
[2012/03/25 23:36:22 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At813.job
[2012/03/25 23:36:20 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At812.job
[2012/03/25 23:36:19 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At811.job
[2012/03/25 23:36:18 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At810.job
[2012/03/25 23:36:17 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At809.job
[2012/03/25 23:36:15 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At808.job
[2012/03/25 23:36:14 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At807.job
[2012/03/25 23:36:13 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At806.job
[2012/03/25 23:36:12 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At805.job
[2012/03/25 23:36:11 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At804.job
[2012/03/25 23:36:10 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At803.job
[2012/03/25 23:36:09 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At802.job
[2012/03/25 23:36:08 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At801.job
[2012/03/25 23:36:06 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At800.job
[2012/03/25 23:36:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At799.job
[2012/03/25 23:36:04 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At798.job
[2012/03/25 23:36:03 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At797.job
[2012/03/25 23:36:03 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At796.job
[2012/03/25 23:36:01 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At795.job
[2012/03/25 23:35:59 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At794.job
[2012/03/25 23:35:57 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At793.job
[2012/03/25 23:35:56 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At792.job
[2012/03/25 23:35:53 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At791.job
[2012/03/25 23:35:51 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At790.job
[2012/03/25 23:35:50 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At789.job
[2012/03/25 23:35:49 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At788.job
[2012/03/25 23:35:48 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At787.job
[2012/03/25 23:35:46 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At785.job
[2012/03/25 23:35:46 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At786.job
[2012/03/25 23:35:45 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At784.job
[2012/03/25 23:35:44 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At783.job
[2012/03/25 23:35:41 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At781.job
[2012/03/25 23:35:41 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At782.job
[2012/03/25 23:35:39 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At780.job
[2012/03/25 23:35:37 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At779.job
[2012/03/25 23:35:34 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At778.job
[2012/03/25 23:35:33 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At777.job
[2012/03/25 23:35:32 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At776.job
[2012/03/25 23:35:31 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At775.job
[2012/03/25 23:35:29 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At774.job
[2012/03/25 23:35:28 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At773.job
[2012/03/25 23:35:26 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At772.job
[2012/03/25 23:35:25 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At771.job
[2012/03/25 23:35:23 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At770.job
[2012/03/25 23:35:22 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At769.job
[2012/03/25 23:35:21 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At768.job
[2012/03/25 23:35:20 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At767.job
[2012/03/25 23:35:18 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At766.job
[2012/03/25 23:35:16 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At765.job
[2012/03/25 23:35:13 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At764.job
[2012/03/25 23:35:10 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At763.job
[2012/03/25 23:35:06 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At762.job
[2012/03/25 23:35:01 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At761.job
[2012/03/25 23:34:59 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At760.job
[2012/03/25 23:34:59 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At759.job
[2012/03/25 23:34:56 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At758.job
[2012/03/25 23:34:54 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At757.job
[2012/03/25 23:34:50 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At756.job
[2012/03/25 23:34:47 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At755.job
[2012/03/25 23:34:42 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At754.job
[2012/03/25 23:34:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At753.job
[2012/03/25 23:34:31 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At752.job
[2012/03/25 23:34:21 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At751.job
[2012/03/25 23:34:06 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At750.job
[2012/03/25 23:34:04 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At749.job
[2012/03/25 23:34:04 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At748.job
[2012/03/25 23:34:03 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At747.job
[2012/03/25 23:34:02 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At746.job
[2012/03/25 23:34:01 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At745.job
[2012/03/25 23:34:01 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At744.job
[2012/03/25 23:34:00 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At743.job
[2012/03/25 23:33:59 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At742.job
[2012/03/25 23:33:57 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At741.job
[2012/03/25 23:33:55 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At740.job
[2012/03/25 23:33:51 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At739.job
[2012/03/25 23:33:49 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At738.job
[2012/03/25 23:33:48 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At737.job
[2012/03/25 23:33:42 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At736.job
[2012/03/24 00:27:57 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At735.job
[2012/03/24 00:27:55 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At734.job
[2012/03/24 00:27:54 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At733.job
[2012/03/24 00:27:53 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At732.job
[2012/03/24 00:27:52 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At731.job
[2012/03/24 00:27:51 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At730.job
[2012/03/24 00:27:50 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At729.job
[2012/03/24 00:27:49 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At728.job
[2012/03/24 00:27:48 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At727.job
[2012/03/24 00:27:47 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At726.job
[2012/03/24 00:27:46 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At725.job
[2012/03/24 00:27:45 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At724.job
[2012/03/24 00:27:44 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At723.job
[2012/03/24 00:27:43 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At722.job
[2012/03/24 00:27:42 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At721.job
[2012/03/24 00:27:41 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At720.job
[2012/03/24 00:27:39 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At719.job
[2012/03/24 00:27:39 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At718.job
[2012/03/24 00:27:37 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At717.job
[2012/03/24 00:27:36 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At716.job
[2012/03/24 00:27:35 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At715.job
[2012/03/24 00:27:34 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At714.job
[2012/03/24 00:27:33 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At713.job
[2012/03/24 00:27:32 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At712.job
[2012/03/24 00:27:31 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At711.job
[2012/03/24 00:27:29 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At710.job
[2012/03/24 00:27:28 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At709.job
[2012/03/24 00:27:27 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At708.job
[2012/03/24 00:27:26 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At707.job
[2012/03/24 00:27:25 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At706.job
[2012/03/24 00:27:24 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At705.job
[2012/03/24 00:27:23 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At704.job
[2012/03/24 00:27:21 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At703.job
[2012/03/24 00:27:20 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At702.job
[2012/03/24 00:27:19 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At701.job
[2012/03/24 00:27:18 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At700.job
[2012/03/24 00:27:16 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At699.job
[2012/03/24 00:27:15 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At698.job
[2012/03/24 00:27:14 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At697.job
[2012/03/24 00:27:13 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At696.job
[2012/03/24 00:27:11 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At695.job
[2012/03/24 00:27:10 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At694.job
[2012/03/24 00:27:09 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At693.job
[2012/03/24 00:27:08 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At692.job
[2012/03/24 00:27:07 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At691.job
[2012/03/24 00:27:05 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At690.job
[2012/03/24 00:27:04 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At689.job
[2012/03/24 00:27:03 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At688.job
[2012/03/22 21:25:05 | 000,008,013 | -HS- | C] () -- C:\Users\Administrator\Desktop\Folder.jpg
[2012/03/22 21:25:05 | 000,002,286 | -HS- | C] () -- C:\Users\Administrator\Desktop\AlbumArtSmall.jpg
[2012/03/22 05:43:01 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At687.job
[2012/03/22 05:42:57 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At686.job
[2012/03/22 05:42:55 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At685.job
[2012/03/22 05:42:53 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At684.job
[2012/03/22 05:42:51 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At683.job
[2012/03/22 05:42:49 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At682.job
[2012/03/22 05:42:47 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At681.job
[2012/03/22 05:42:46 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At680.job
[2012/03/22 05:42:43 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At679.job
[2012/03/22 05:42:41 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At678.job
[2012/03/22 05:42:39 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At677.job
[2012/03/22 05:42:36 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At676.job
[2012/03/22 05:42:34 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At675.job
[2012/03/22 05:42:32 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At674.job
[2012/03/22 05:42:30 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At673.job
[2012/03/22 05:42:28 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At672.job
[2012/03/22 05:42:25 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At671.job
[2012/03/22 05:42:22 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At670.job
[2012/03/22 05:42:19 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At669.job
[2012/03/22 05:42:14 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At668.job
[2012/03/22 05:42:09 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At667.job
[2012/03/22 05:42:05 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At666.job
[2012/03/22 05:42:01 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At665.job
[2012/03/22 05:41:58 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At664.job
[2012/03/22 05:41:54 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At663.job
[2012/03/22 05:41:49 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At662.job
[2012/03/22 05:41:47 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At661.job
[2012/03/22 05:41:43 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At660.job
[2012/03/22 05:41:41 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At659.job
[2012/03/22 05:41:40 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At658.job
[2012/03/22 05:41:38 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At657.job
[2012/03/22 05:41:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At656.job
[2012/03/22 05:41:33 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At655.job
[2012/03/22 05:41:31 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At654.job
[2012/03/22 05:41:29 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At653.job
[2012/03/22 05:41:27 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At652.job
[2012/03/22 05:41:25 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At651.job
[2012/03/22 05:41:23 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At650.job
[2012/03/22 05:41:21 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At649.job
[2012/03/22 05:41:17 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At648.job
[2012/03/22 05:41:15 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At647.job
[2012/03/22 05:40:45 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At646.job
[2012/03/22 05:40:37 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At645.job
[2012/03/22 05:40:30 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At644.job
[2012/03/22 05:40:26 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At643.job
[2012/03/22 05:40:21 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At642.job
[2012/03/22 05:40:19 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At641.job
[2012/03/22 05:40:18 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At640.job
[2012/03/22 05:40:16 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At639.job
[2012/03/22 05:40:13 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At638.job
[2012/03/22 05:40:10 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At637.job
[2012/03/22 05:40:08 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At636.job
[2012/03/22 05:40:04 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At635.job
[2012/03/22 05:40:02 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At634.job
[2012/03/22 05:39:59 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At633.job
[2012/03/22 05:39:58 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At632.job
[2012/03/22 05:39:55 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At631.job
[2012/03/22 05:39:52 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At630.job
[2012/03/22 05:39:49 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At629.job
[2012/03/22 05:39:41 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At628.job
[2012/03/22 05:39:36 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At627.job
[2012/03/22 05:39:31 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At626.job
[2012/03/22 05:38:46 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At625.job
[2012/03/19 20:29:51 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At623.job
[2012/03/19 20:29:51 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\At624.job
[2012/03/19 20:29:49 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At622.job
[2012/03/19 20:29:48 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At621.job
[2012/03/19 20:29:48 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At620.job
[2012/03/19 20:29:47 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At619.job
[2012/03/19 20:29:47 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At618.job
[2012/03/19 20:29:46 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At617.job
[2012/03/19 20:29:45 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At616.job
[2012/03/19 20:29:44 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At615.job
[2012/03/19 20:29:43 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At614.job
[2012/03/19 20:29:43 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At613.job
[2012/03/19 20:29:42 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At612.job
[2012/03/19 20:29:41 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At611.job
[2012/03/19 20:29:40 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At610.job
[2012/03/19 20:29:40 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At609.job
[2012/03/19 20:29:39 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At608.job
[2012/03/19 20:29:38 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At607.job
[2012/03/19 20:29:38 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At606.job
[2012/03/19 20:29:36 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At605.job
[2012/03/19 20:29:35 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At604.job
[2012/03/19 20:29:35 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At603.job
[2012/03/19 20:29:34 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At602.job
[2012/03/19 20:29:33 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At601.job
[2012/03/19 20:29:32 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At600.job
[2012/03/19 20:29:31 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At599.job
[2012/03/19 20:29:29 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At598.job
[2012/03/19 20:29:28 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At597.job
[2012/03/19 20:29:27 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At596.job
[2012/03/19 20:29:26 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At595.job
[2012/03/19 20:29:25 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At594.job
[2012/03/19 20:29:24 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At593.job
[2012/03/19 20:29:23 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At592.job
[2012/03/19 20:29:22 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At591.job
[2012/03/19 20:29:21 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At590.job
[2012/03/19 20:29:19 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At589.job
[2012/03/19 20:29:18 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At588.job
[2012/03/19 20:29:16 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At587.job
[2012/03/19 20:29:15 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At586.job
[2012/03/19 20:29:14 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At585.job
[2012/03/19 20:29:13 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At584.job
[2012/03/19 20:29:12 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At583.job
[2012/03/19 20:29:10 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At582.job
[2012/03/19 20:29:09 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At581.job
[2012/03/19 20:29:08 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At580.job
[2012/03/19 20:29:06 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At579.job
[2012/03/19 20:29:05 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At578.job
[2012/03/19 20:29:03 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At577.job
[2012/03/19 18:38:43 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At576.job
[2012/03/19 18:38:42 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At575.job
[2012/03/19 18:38:41 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At574.job
[2012/03/19 18:38:40 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At573.job
[2012/03/19 18:38:39 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At572.job
[2012/03/19 18:38:39 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At571.job
[2012/03/19 18:38:38 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At570.job
[2012/03/19 18:38:37 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At569.job
[2012/03/19 18:38:36 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At568.job
[2012/03/19 18:38:36 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At567.job
[2012/03/19 18:38:34 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At566.job
[2012/03/19 18:38:31 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At565.job
[2012/03/19 18:38:27 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At564.job
[2012/03/19 18:38:23 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At563.job
[2012/03/19 18:38:22 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At562.job
[2012/03/19 18:38:21 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At561.job
[2012/03/19 18:38:20 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At560.job
[2012/03/19 18:38:20 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At559.job
[2012/03/19 18:38:19 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At558.job
[2012/03/19 18:38:18 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At557.job
[2012/03/19 18:38:17 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At556.job
[2012/03/19 18:38:16 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At555.job
[2012/03/19 18:38:15 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At554.job
[2012/03/19 18:38:15 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\At553.job
[2012/03/19 18:38:14 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At552.job
[2012/03/19 18:38:12 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At551.job
[2012/03/19 18:38:12 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At550.job
[2012/03/19 18:38:11 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At549.job
[2012/03/19 18:38:10 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At548.job
[2012/03/19 18:38:08 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At547.job
[2012/03/19 18:38:07 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At546.job
[2012/03/19 18:38:06 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At545.job
[2012/03/19 18:38:05 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At544.job
[2012/03/19 18:38:04 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At543.job
[2012/03/19 18:38:03 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At542.job
[2012/03/19 18:38:01 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At541.job
[2012/03/19 18:38:00 | 000,000,340 | ---- | C] () -- C:\Windows\tasks\At540.job
[2012/03/19 18:37:58 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At539.job
[2012/03/19 18:37:57 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At538.job
[2012/03/19 18:37:56 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At537.job
[2012/03/19 18:37:55 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At536.job
[2012/03/19 18:37:54 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At535.job
[2012/03/19 18:37:52 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At534.job
[2012/03/19 18:37:51 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At533.job
[2012/03/19 18:37:50 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At532.job
[2012/03/19 18:37:48 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At531.job
[2012/03/19 18:37:47 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At530.job
[2012/03/19 18:37:45 | 000,000,272 | ---- | C] () -- C:\Windows\tasks\At529.job
[2012/02/26 11:29:14 | 000,000,001 | ---- | C] () -- C:\ProgramData\7xuu3YBD.exe_.b
[2012/01/08 13:45:45 | 000,012,228 | -HS- | C] () -- C:\Users\Administrator\AppData\Local\job0c0r2vnmw
[2012/01/08 13:45:45 | 000,012,228 | -HS- | C] () -- C:\ProgramData\job0c0r2vnmw
[2012/01/02 04:29:21 | 000,011,550 | -HS- | C] () -- C:\Users\Administrator\AppData\Local\023dk45ia10f34608670dfrpdm0o820wgx6xe87584i
[2012/01/02 04:29:21 | 000,011,550 | -HS- | C] () -- C:\ProgramData\023dk45ia10f34608670dfrpdm0o820wgx6xe87584i
[2011/12/21 18:39:41 | 000,011,434 | -HS- | C] () -- C:\Users\Administrator\AppData\Local\8l81hj4q37h261
[2011/12/21 18:39:41 | 000,011,434 | -HS- | C] () -- C:\ProgramData\8l81hj4q37h261
[2011/12/16 22:07:27 | 000,003,644 | -HS- | C] () -- C:\Users\Administrator\AppData\Local\xhjvql3i4yxp4ume2wny4f745o4j
[2011/12/16 22:07:27 | 000,003,644 | -HS- | C] () -- C:\ProgramData\xhjvql3i4yxp4ume2wny4f745o4j
[2011/12/15 17:08:54 | 000,000,000 | ---- | C] () -- C:\ProgramData\7xuu3YBD.exe.b
[2011/12/15 12:46:40 | 000,000,001 | ---- | C] () -- C:\Windows\System32\3n1Ak.com.b
[2011/12/15 12:37:44 | 000,000,112 | ---- | C] () -- C:\ProgramData\R4TCkv516.dat
[2011/12/14 20:32:26 | 000,011,166 | -HS- | C] () -- C:\Users\Administrator\AppData\Local\313628r8x660a371c644s3pff3f0
[2011/12/14 20:32:26 | 000,011,166 | -HS- | C] () -- C:\ProgramData\313628r8x660a371c644s3pff3f0
[2011/12/12 00:08:03 | 000,000,691 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\GetValue.vbs
[2011/12/12 00:08:03 | 000,000,035 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\SetValue.bat
[2011/12/12 00:03:20 | 000,075,776 | ---- | C] () -- C:\Windows\System32\WS2Fix.exe
[2011/12/12 00:03:19 | 000,051,200 | ---- | C] () -- C:\Windows\System32\dumphive.exe
[2011/12/12 00:03:19 | 000,040,960 | ---- | C] () -- C:\Windows\System32\swsc.exe
[2011/06/01 21:09:35 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/06/01 21:09:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/06/01 21:09:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/06/01 21:09:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/06/01 21:09:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/05/02 21:39:03 | 000,010,280 | -HS- | C] () -- C:\ProgramData\1080647302
[2011/05/02 21:39:03 | 000,010,280 | -HS- | C] () -- C:\Users\Administrator\AppData\Local\0o7l0g3c1o417th51a72l7ia164x0qlgr83h0
[2011/05/02 21:38:58 | 000,011,690 | -HS- | C] () -- C:\ProgramData\0o7l0g3c1o417th51a72l7ia164x0qlgr83h0
[2010/06/29 16:47:25 | 000,000,120 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Tnisitam.dat
[2010/06/29 16:47:25 | 000,000,000 | ---- | C] () -- C:\Users\Administrator\AppData\Local\Idixucenafidacos.bin

========== Alternate Data Streams ==========

@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

Extra

OTL Extras logfile created on: 4/16/2012 07:11:52 PM - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\Administrator\Downloads
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.64 Gb Available Physical Memory | 32.17% Memory free
4.24 Gb Paging File | 2.58 Gb Available in Paging File | 60.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298.09 Gb Total Space | 134.02 Gb Free Space | 44.96% Space Free | Partition Type: NTFS

Computer Name: DEOK-PC | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"UpdatesDisableNotify" = 0x00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4059}" = protocol=6 | dir=in | app=c:\windows\system32\svchost.exe |
"{28ADEDE1-A4D5-42D8-9B05-BF7C283C4060}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 25
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{30120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System (Beta)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"4Media ISO Burner" = 4Media ISO Burner
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"CCleaner" = CCleaner
"C-Media C6501 Like Sound Driver" = C-Media CM6501 Like Sound Driver
"ESET Online Scanner" = ESET Online Scanner v3
"FrostWire" = FrostWire 4.21.1
"LimeUSA" = ¶óÀÓUSA
"LimeWire" = LimeWire 5.1.3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Search Toolbar" = Search Toolbar
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StarCraft II" = StarCraft II
"Steam App 240" = Counter-Strike: Source
"Steam App 38830" = CrimeCraft GangWars
"TeamViewer 5" = TeamViewer 5
"uTorrent" = µTorrent
"uTorrentBar Toolbar" = uTorrentBar Toolbar
"ViewpointMediaPlayer" = Viewpoint Media Player
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/12/2012 10:46:53 PM | Computer Name = Deok-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/13/2012 11:32:28 AM | Computer Name = Deok-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/13/2012 12:29:49 PM | Computer Name = Deok-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/13/2012 08:36:24 PM | Computer Name = Deok-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/13/2012 08:38:43 PM | Computer Name = Deok-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 4/14/2012 10:55:50 AM | Computer Name = Deok-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/14/2012 06:40:13 PM | Computer Name = Deok-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/15/2012 09:12:19 PM | Computer Name = Deok-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/16/2012 08:02:55 PM | Computer Name = Deok-PC | Source = WinMgmt | ID = 10
Description =

Error - 4/16/2012 08:03:33 PM | Computer Name = Deok-PC | Source = Windows Search Service | ID = 3013
Description =

[ System Events ]
Error - 4/16/2012 08:02:56 PM | Computer Name = Deok-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 4/16/2012 08:02:56 PM | Computer Name = Deok-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 4/16/2012 08:02:56 PM | Computer Name = Deok-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 4/16/2012 08:02:56 PM | Computer Name = Deok-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 4/16/2012 08:02:56 PM | Computer Name = Deok-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 4/16/2012 08:02:56 PM | Computer Name = Deok-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 4/16/2012 08:02:56 PM | Computer Name = Deok-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 4/16/2012 08:10:36 PM | Computer Name = Deok-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 4/16/2012 08:10:36 PM | Computer Name = Deok-PC | Source = Microsoft-Windows-Servicing | ID = 4375
Description =

Error - 4/16/2012 08:12:21 PM | Computer Name = Deok-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =


< End of report >




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users