Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected "Trojan.Agent/Gen-Symmi, Gen-Zbot..." Unable to Remove with SAS or MBAM


  • This topic is locked This topic is locked
25 replies to this topic

#1 katzandmice

katzandmice

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:01:53 AM

Posted 28 December 2013 - 12:24 PM

The title is just the begining. Three days ago, computer literally stopped working (well, it was actually limping along very slowly). Ran MBAM, which found 128 threats, cleaned and removed everything, rebooted, no changes in performance. I have tried  SuperAntiSpyware (found 929 items) and TDSSKiller. TDSSKIller did find one rootkit (?) which was successfully removed, yet on restart, nothing really changed. I have since ran RKill followed by SAS and rebooting with no real success. The only way I am even getting my computer to run is by having ran RKill and not rebooting as well as keeping Task Manager open and repeatedly terminating a process named "updov.exe". CPU usage is continuosly running at 97-100%. I cannot boot up in any Safe Mode - when I try, I get the "blue screen" and a message to run check disk. On the first attempt in Safe Mode, I ran check disk (it took over 8 hours to run), it found and repaired one bad sector; however, subsequent attempts to boot in Safe Mode all result in the "blue screen" and same message (Unfortunately, I don't have the exact text from the message, other that what I wrote above). I have SAS Pro running in the background and at the bottom right of my screen I have a list of multiple Trojan.Agent/Gen-Symmi.Process, Z-Bot.Process items in the "Real-Time Protection Blocked Item Alert List"; however, running SAS results in only 7 cookies as threats (all of which are allowed by me). I think it's time to run ComboFix, but I will leave that decision to one of the wonderful volunteers at Bleepingcomputer.com to decide.

 

The latest RKill txt log is just below (the DDS.txt log will follow the RKill txt log):

 

Rkill 2.6.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/27/2013 11:19:25 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Documents and Settings\Owner\Application Data\Bokyqeom\updov.exe (PID: 2296) [UP-HEUR]
 * C:\WINDOWS\system32\okfiecce.exe (PID: 2508) [WD-HEUR]
 * C:\WINDOWS\system32\zoapus.exe (PID: 3000) [WD-HEUR]
 * C:\WINDOWS\system32\urbek.exe (PID: 3140) [WD-HEUR]
 * C:\WINDOWS\system32\woowara.exe (PID: 3208) [WD-HEUR]
 * C:\WINDOWS\system32\otbiax.exe (PID: 3264) [WD-HEUR]
 * C:\WINDOWS\system32\fyado.exe (PID: 3300) [WD-HEUR]
 * C:\WINDOWS\system32\elomm.exe (PID: 3324) [WD-HEUR]
 * C:\WINDOWS\system32\alarxi.exe (PID: 3352) [WD-HEUR]
 * C:\WINDOWS\system32\otanhanu.exe (PID: 3376) [WD-HEUR]
 * C:\WINDOWS\system32\uxolsa.exe (PID: 3400) [WD-HEUR]
 * C:\WINDOWS\system32\isvulay.exe (PID: 3432) [WD-HEUR]
 * C:\WINDOWS\system32\zeyteky.exe (PID: 3460) [WD-HEUR]
 * C:\WINDOWS\system32\ewoxynaxa.exe (PID: 3484) [WD-HEUR]
 * C:\WINDOWS\system32\ifgope.exe (PID: 3508) [WD-HEUR]
 * C:\WINDOWS\system32\efpaerzueb.exe (PID: 3536) [WD-HEUR]

16 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.ConfigUXv2\3.0.335.0__540d4816ead86321 => C:\WINDOWS\WinSxS\MSIL_Intuit.Spc.Esd.WinClient.Application.ConfigUXv2_540d4816ead86321_3.0.335.0_x-ww_29a6be0d [Dir]
     * C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.ConfigUXv2\3.1.31.0__540d4816ead86321 => C:\WINDOWS\WinSxS\MSIL_Intuit.Spc.Esd.WinClient.Application.ConfigUXv2_540d4816ead86321_3.1.31.0_x-ww_8b778a47 [Dir]
     * C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.Update\3.0.335.0__540d4816ead86321 => C:\WINDOWS\WinSxS\MSIL_Intuit.Spc.Esd.WinClient.Application.Update_540d4816ead86321_3.0.335.0_x-ww_e51d7605 [Dir]
     * C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.Update\3.1.31.0__540d4816ead86321 => C:\WINDOWS\WinSxS\MSIL_Intuit.Spc.Esd.WinClient.Application.Update_540d4816ead86321_3.1.31.0_x-ww_46ee423f [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.ConfigUXv4\v4.0_4.0.66.0__3ff6b78e2989595a => C:\WINDOWS\WinSxS\MSIL_Intuit.Spc.Esd.WinClient.Application.ConfigUXv4_3ff6b78e2989595a_4.0.66.0_x-ww_7acf93b2 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.ConfigUXv4\v4.0_4.0.78.0__3ff6b78e2989595a => C:\WINDOWS\WinSxS\MSIL_Intuit.Spc.Esd.WinClient.Application.ConfigUXv4_3ff6b78e2989595a_4.0.78.0_x-ww_aa528373 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.Update\v4.0_4.0.66.0__3ff6b78e2989595a => C:\WINDOWS\WinSxS\MSIL_Intuit.Spc.Esd.WinClient.Application.Update_3ff6b78e2989595a_4.0.66.0_x-ww_d938aa2c [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.Update\v4.0_4.0.78.0__3ff6b78e2989595a => C:\WINDOWS\WinSxS\MSIL_Intuit.Spc.Esd.WinClient.Application.Update_3ff6b78e2989595a_4.0.78.0_x-ww_8bb99ed [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1 localhost

Program finished at: 12/27/2013 11:22:01 PM
Execution time: 0 hours(s), 2 minute(s), and 35 seconds(s)

 

DDS.Txt (log)

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.17055  BrowserJavaVersion: 1.6.0_20
Run by Owner at 11:37:16 on 2013-12-28
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.3198.1972 [GMT -5:00]
.
AV: Norton AntiVirus *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\Program Files\Quick PDF Tools\QuickPDFTCP0721.exe
C:\Program Files\Digital Media Reader\shwiconem.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE
C:\Program Files\VERIZONDM\bin\sprtcmd.exe
C:\Program Files\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe
C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\VERIZONDM\bin\sprtsvc.exe
C:\Program Files\VERIZONDM\bin\tgsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Owner\Application Data\Bokyqeom\updov.exe
C:\Documents and Settings\Owner\Application Data\Bokyqeom\updov.exe
C:\Documents and Settings\Owner\Application Data\Bokyqeom\updov.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton antivirus\norton antivirus\engine\18.5.0.125\ips\ipsbho.dll
BHO: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: DeLorme Send To GPS: {FBAAD182-3C7A-4BC4-A5E9-207B8E0F02FD} - c:\program files\delorme\sendtogps\PNPluginForIE.dll
TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
TB: TurboTax ItsDeductible: {35CE0AE2-3411-4BB8-A16A-BEE30B282A26} - c:\program files\intuit\ido\IDOToolbar.dll
EB: {C92041C1-6D22-4069-BA0E-66246AA752B0} - <orphaned>
EB: Real.com: {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\shdocvw.dll
uRun: [WinCalendarV3] "c:\program files\sapro systems wincalendarv3\WinCalendarV3_SysTray.exe /q /c"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [Olawwiykm] "c:\documents and settings\owner\application data\ifugceon\ceunga.exe"
uRun: [Ylutygugpenoco] "c:\documents and settings\owner\application data\uqeftyel\irotuw.exe"
uRun: [Ahdeypsixa] "c:\documents and settings\owner\application data\ulbygu\lerae.exe"
uRun: [Onuzfidynaforiy] "c:\documents and settings\owner\application data\kowaciw\obpenu.exe"
uRun: [Vuwyopuwzihyc] "c:\documents and settings\owner\application data\umfeuni\efibi.exe"
uRun: [Efpinoopmeitg] "c:\documents and settings\owner\application data\bokyqeom\updov.exe"
mRun: [SunKistEM] "c:\program files\digital media reader\shwiconem.exe"
mRun: [EPSON Stylus CX7800 Series] "c:\windows\system32\spool\drivers\w32x86\3\E_FATIAFA.EXE" /P26 "EPSON Stylus CX7800 Series" /O6 "USB001" /M "Stylus CX7800"
mRun: [VERIZONDM] "c:\program files\verizondm\bin\sprtcmd.exe" /P VERIZONDM
mRun: [WinCalendarV3] "c:\program files\sapro systems wincalendarv3\WinCalendarV3_SysTray.exe" /q /c
mRun: [PMBVolumeWatcher] c:\program files\sony\playmemories home\PMBVolumeWatcher.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
mRun: [Wyfeu] "c:\documents and settings\owner\application data\ytmuen\afoqyn.exe"
mRun: [Kaelpuqouhgiwoe] "c:\documents and settings\owner\application data\afdesuoz\medei.exe"
mRun: [Fyemtahak] "c:\documents and settings\owner\application data\sihuydb\toepoz.exe"
mRun: [Buuhyf] "c:\documents and settings\owner\application data\yvkiag\ryuhk.exe"
mRun: [Ipakernobeugedx] "c:\documents and settings\owner\application data\oloktuir\olykxuy.exe"
mRun: [Oznyz] "c:\documents and settings\owner\application data\wauddyy\amfour.exe"
mRun: [Ramemit] "c:\documents and settings\owner\application data\qilavy\dyemluq.exe"
mRun: [Olawwiykm] "c:\documents and settings\owner\application data\ifugceon\ceunga.exe"
mRun: [Daqoy] "c:\documents and settings\owner\application data\nuheek\erwuzy.exe"
mRun: [Yxpid] "c:\documents and settings\owner\application data\waypez\qowyyn.exe"
mRun: [Adbiuw] "c:\documents and settings\owner\application data\zoecvey\osbanyq.exe"
mRun: [Muygifa] "c:\documents and settings\owner\application data\fenyuw\abquuwl.exe"
mRun: [Avqyidat] "c:\documents and settings\owner\application data\nypeluh\ykuxyme.exe"
mRun: [Utxovuibbeorp] "c:\documents and settings\owner\application data\loovig\izzoezk.exe"
mRun: [Aroldya] "c:\documents and settings\owner\application data\attyfu\izqyli.exe"
mRun: [Okebiwix] "c:\documents and settings\owner\application data\lizywa\yvkaodm.exe"
mRun: [Memukaatinvuyda] "c:\documents and settings\owner\application data\weogynte\seotqee.exe"
mRun: [Yzxaguiqnelexav] "c:\documents and settings\owner\application data\ywykobaw\egovpo.exe"
mRun: [Yzuvifcyovwureu] "c:\documents and settings\owner\application data\niosycik\awevysp.exe"
mRun: [Xekuesnexye] "c:\documents and settings\owner\application data\quovhi\asahe.exe"
mRun: [Weihavzeucest] "c:\documents and settings\owner\application data\byuvfica\pesuun.exe"
mRun: [Ihonozucwiakka] "c:\documents and settings\owner\application data\gaewino\yfyha.exe"
mRun: [Madeowu] "c:\documents and settings\owner\application data\waonmo\qytyfux.exe"
mRun: [Goawugastoxoka] "c:\documents and settings\owner\application data\uhylyqi\iwyzi.exe"
mRun: [Xeepyxveatar] "c:\documents and settings\owner\application data\vebaedxi\byexh.exe"
mRun: [Dedyugecyda] "c:\documents and settings\owner\application data\okivuh\ypator.exe"
mRun: [Efolofviy] "c:\documents and settings\owner\application data\cyniel\gaoqiz.exe"
mRun: [Gyezsyk] "c:\documents and settings\owner\application data\cyuzyfxa\ahyns.exe"
mRun: [Irfecualfon] "c:\documents and settings\owner\application data\yxlohi\himel.exe"
mRun: [Vuwyopuwzihyc] "c:\documents and settings\owner\application data\umfeuni\efibi.exe"
mRun: [Kacam] "c:\documents and settings\owner\application data\ewupnyik\apfoa.exe"
mRun: [Amgeqeeqwobym] "c:\documents and settings\owner\application data\isxiow\acnuoq.exe"
mRun: [Uwyxaquzi] "c:\documents and settings\owner\application data\memyunnu\cocuyw.exe"
mRun: [Ofvuciemocugy] "c:\documents and settings\owner\application data\oquztaz\ciutsi.exe"
mRun: [Kuokhiniamig] "c:\documents and settings\owner\application data\ygbiecbi\ozoxa.exe"
mRun: [Ecogzaqaizruh] "c:\documents and settings\owner\application data\uxqeuh\kyqaz.exe"
mRun: [Qaifmylyulygaf] "c:\documents and settings\owner\application data\etvexi\gievok.exe"
mRun: [Icsuu] "c:\documents and settings\owner\application data\nyehoka\umdae.exe"
mRun: [Updeqylasaoc] "c:\documents and settings\owner\application data\zoemgik\egahwyc.exe"
mRun: [Womazidyepol] "c:\documents and settings\owner\application data\irapfuty\xokokil.exe"
mRun: [Tayghaxaoqti] "c:\documents and settings\owner\application data\izoselyw\eswux.exe"
mRun: [Nuqyy] "c:\documents and settings\owner\application data\yklaix\zyehgeu.exe"
mRun: [Onuzfidynaforiy] "c:\documents and settings\owner\application data\kowaciw\obpenu.exe"
mRun: [Odhowyyfriy] "c:\documents and settings\owner\application data\ynluwuak\olkequk.exe"
mRun: [Lytyyvxo] "c:\documents and settings\owner\application data\atyqqoe\azoker.exe"
mRun: [Duebutilmoiv] "c:\documents and settings\owner\application data\qawauso\axize.exe"
mRun: [Cyalecdunup] "c:\documents and settings\owner\application data\oxxeunzy\ifypir.exe"
mRun: [Ebmusycyo] "c:\documents and settings\owner\application data\goyxagol\ylzae.exe"
mRun: [Sacoxoc] "c:\documents and settings\owner\application data\gehoozri\ibryoca.exe"
mRun: [Sianqyyg] "c:\documents and settings\owner\application data\ezwiatpe\reabokn.exe"
mRun: [Ixsohoucovg] "c:\documents and settings\owner\application data\usnegefa\voafve.exe"
mRun: [Evutucpykoirvi] "c:\documents and settings\owner\application data\uqmuuk\tohuy.exe"
mRun: [Efpinoopmeitg] "c:\documents and settings\owner\application data\bokyqeom\updov.exe"
mRun: [Cifiizkaogu] "c:\documents and settings\owner\application data\kusiurit\ycxao.exe"
mRun: [Ekagebb] "c:\documents and settings\owner\application data\puxugofi\nipiix.exe"
mRun: [Syehidsouq] "c:\documents and settings\owner\application data\wuzucini\yfloy.exe"
mRun: [Ymlyly] "c:\documents and settings\owner\application data\fyvyupyt\kasasa.exe"
mRun: [Omyqkazeuz] "c:\documents and settings\owner\application data\ulezvium\tabeyz.exe"
mRun: [Qywouxonizhe] "c:\documents and settings\owner\application data\ukoxam\gaahcao.exe"
mRun: [Xeneumycfueq] "c:\documents and settings\owner\application data\ifsityh\foulo.exe"
mRun: [Uckaitynubziy] "c:\documents and settings\owner\application data\ydurluo\omfege.exe"
mRun: [Ogsiyfipakvuyde] "c:\documents and settings\owner\application data\yqnoahow\piysg.exe"
dRun: [WinCalendarV3] "c:\program files\sapro systems wincalendarv3\WinCalendarV3_SysTray.exe" /q /c
dRunOnce: [RunNarrator] Narrator.exe
uPolicies-Explorer: ForceActiveDesktopOn = 0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &AOL Toolbar search - <no file>
IE: &Google Search - c:\program files\google\GoogleToolbar2.dll/cmsearch.html
IE: &Search - <no file>
IE: &Translate English Word - c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
IE: Backward Links - c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar2.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\google\GoogleToolbar2.dll/cmtrans.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - {35CE0AE2-3411-4BB8-A16A-BEE30B282A26}
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E6EF5071-7647-4E85-9785-87B6CF5CB561} - {C92041C1-6D22-4069-BA0E-66246AA752B0}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
Trusted Zone: turbotax.com
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{26C8D01F-3B8E-4BDD-AB9E-2282156249F0} : DHCPNameServer = 192.168.1.1 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs= c:\progra~1\sk-ena~1\psupport.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\ynca2p9k.default\
FF - prefs.js: browser.search.defaulturl - hxxp://websearch.searchguru.info/?pid=518&r=2013/12/18&hid=2474224359641992190&lg=EN&cc=US&unqvl=43&l=1&q=
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxps://cw411.checkfreeweb.com/pcw411/wps?rq=home&sp=1299
FF - prefs.js: keyword.URL -
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\documents and settings\owner\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1204144.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
FileExt: .reg: Regedit.Document - HKCR\Unknown\Shell=c:\windows\system32\rundll32.exe c:\windows\system32\shell32.dll,OpenAs_RunDLL %1 [default=openas]
.
=============== Created Last 30 ================
.
2013-12-28 15:24:13    72192    ----a-w-    c:\windows\system32\tasklist.exe
2013-12-28 08:26:50    252288    ----a-r-    c:\windows\system32\cpnprt2.cid
2013-12-28 01:24:03    --------    d-----w-    C:\TDSSKiller_Quarantine
2013-12-27 22:47:51    217795    ----a-w-    c:\windows\system32\hemoivvoib.exe
2013-12-27 22:47:46    --------    d-----w-    c:\documents and settings\owner\application data\Wuzucini
2013-12-27 22:47:29    217795    ----a-w-    c:\windows\system32\woowara.exe
2013-12-27 22:47:11    --------    d-----w-    c:\documents and settings\owner\application data\Puxugofi
2013-12-27 22:46:39    217795    ----a-w-    c:\windows\system32\zoapus.exe
2013-12-27 22:46:31    --------    d-----w-    c:\documents and settings\owner\application data\Kusiurit
2013-12-27 22:45:27    217795    ----a-w-    c:\windows\system32\isvulay.exe
2013-12-27 22:45:22    --------    d-----w-    c:\documents and settings\owner\application data\Bokyqeom
2013-12-27 22:45:05    217795    ----a-w-    c:\windows\system32\urbek.exe
2013-12-27 22:44:54    --------    d-----w-    c:\documents and settings\owner\application data\Uqmuuk
2013-12-27 18:52:26    217795    ----a-w-    c:\windows\system32\efpaerzueb.exe
2013-12-27 18:52:15    --------    d-----w-    c:\documents and settings\owner\application data\Usnegefa
2013-12-27 18:52:04    217795    ----a-w-    c:\windows\system32\fyado.exe
2013-12-27 18:51:47    --------    d-----w-    c:\documents and settings\owner\application data\Ezwiatpe
2013-12-27 18:50:56    217795    ----a-w-    c:\windows\system32\axehweewu.exe
2013-12-27 18:50:21    --------    d-----w-    c:\documents and settings\owner\application data\Gehoozri
2013-12-27 18:49:09    217795    ----a-w-    c:\windows\system32\vefoosisex.exe
2013-12-27 18:49:06    --------    d-----w-    c:\documents and settings\owner\application data\Goyxagol
2013-12-27 18:48:27    217795    ----a-w-    c:\windows\system32\otanhanu.exe
2013-12-27 18:48:18    --------    d-----w-    c:\documents and settings\owner\application data\Oxxeunzy
2013-12-27 18:47:54    217795    ----a-w-    c:\windows\system32\alarxi.exe
2013-12-27 18:47:46    --------    d-----w-    c:\documents and settings\owner\application data\Qawauso
2013-12-27 18:47:02    217795    ----a-w-    c:\windows\system32\ewoxynaxa.exe
2013-12-27 18:46:59    --------    d-----w-    c:\documents and settings\owner\application data\Atyqqoe
2013-12-27 18:46:31    217795    ----a-w-    c:\windows\system32\otbiax.exe
2013-12-27 18:46:26    --------    d-----w-    c:\documents and settings\owner\application data\Ynluwuak
2013-12-27 16:29:02    218791    ----a-w-    c:\windows\system32\okfiecce.exe
2013-12-27 16:28:53    --------    d-----w-    c:\documents and settings\owner\application data\Ulezvium
2013-12-27 16:28:26    218791    ----a-w-    c:\windows\system32\ifgope.exe
2013-12-27 16:27:54    --------    d-----w-    c:\documents and settings\owner\application data\Yqnoahow
2013-12-27 16:27:35    218791    ----a-w-    c:\windows\system32\uxolsa.exe
2013-12-27 16:27:19    --------    d-----w-    c:\documents and settings\owner\application data\Ifsityh
2013-12-27 16:26:22    218791    ----a-w-    c:\windows\system32\elomm.exe
2013-12-27 16:26:11    --------    d-----w-    c:\documents and settings\owner\application data\Ukoxam
2013-12-27 16:25:40    218791    ----a-w-    c:\windows\system32\zeyteky.exe
2013-12-27 16:25:32    --------    d-----w-    c:\documents and settings\owner\application data\Ydurluo
2013-12-27 16:24:54    218791    ----a-w-    c:\windows\system32\woevzoyg.exe
2013-12-27 16:24:48    --------    d-----w-    c:\documents and settings\owner\application data\Kowaciw
2013-12-27 15:29:59    --------    d-----w-    c:\documents and settings\owner\application data\Cyuzyfxa
2013-12-27 15:28:04    --------    d-----w-    c:\documents and settings\owner\application data\Equnduw
2013-12-27 15:28:03    --------    d-----w-    c:\documents and settings\owner\application data\Moizxe
2013-12-27 15:28:03    --------    d-----w-    c:\documents and settings\owner\application data\Guezboto
2013-12-27 15:28:03    --------    d-----w-    c:\documents and settings\owner\application data\Ecidiqq
2013-12-27 15:28:02    --------    d-----w-    c:\documents and settings\owner\application data\Qyxaiqz
2013-12-27 15:28:02    --------    d-----w-    c:\documents and settings\owner\application data\Ogirofxu
2013-12-27 15:28:02    --------    d-----w-    c:\documents and settings\owner\application data\Afqoro
2013-12-27 10:52:34    218791    ----a-w-    c:\windows\system32\geehzusu.exe
2013-12-27 10:51:55    218791    ----a-w-    c:\windows\system32\ygekpiuc.exe
2013-12-27 10:50:58    218791    ----a-w-    c:\windows\system32\etucaroh.exe
2013-12-27 10:49:52    218791    ----a-w-    c:\windows\system32\lifialhyb.exe
2013-12-27 10:49:15    218791    ----a-w-    c:\windows\system32\icezy.exe
2013-12-27 10:48:23    218791    ----a-w-    c:\windows\system32\kewifame.exe
2013-12-27 10:47:44    218791    ----a-w-    c:\windows\system32\ydfaunum.exe
2013-12-27 10:46:57    218791    ----a-w-    c:\windows\system32\zofeatu.exe
2013-12-27 10:46:13    218791    ----a-w-    c:\windows\system32\uptyzaazqa.exe
2013-12-27 10:45:23    218791    ----a-w-    c:\windows\system32\ymoqt.exe
2013-12-27 10:44:14    218791    ----a-w-    c:\windows\system32\iwguezabh.exe
2013-12-27 10:43:25    218791    ----a-w-    c:\windows\system32\raegbuviz.exe
2013-12-27 10:42:33    218791    ----a-w-    c:\windows\system32\niefdasi.exe
2013-12-25 18:57:55    --------    d-----w-    c:\documents and settings\owner\application data\SUPERAntiSpyware.com
2013-12-25 18:56:16    --------    d-----w-    c:\program files\SUPERAntiSpyware
2013-12-25 18:56:16    --------    d-----w-    c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2013-12-24 20:02:46    --------    d-----w-    c:\documents and settings\owner\application data\Heylekxo
2013-12-24 19:58:40    --------    d-----w-    c:\documents and settings\owner\application data\Soikizu
2013-12-24 19:57:41    --------    d-----w-    c:\documents and settings\owner\application data\Houhwexa
2013-12-24 19:56:00    --------    d-----w-    c:\documents and settings\owner\application data\Bewena
2013-12-24 19:53:12    --------    d-----w-    c:\documents and settings\owner\application data\Soaqaru
2013-12-24 19:51:54    --------    d-----w-    c:\documents and settings\owner\application data\Qyorqi
2013-12-24 19:47:44    --------    d-----w-    c:\documents and settings\owner\application data\Liuhib
2013-12-24 19:37:31    --------    d-----w-    c:\documents and settings\owner\application data\Vyduehta
2013-12-24 19:34:24    --------    d-----w-    c:\documents and settings\owner\application data\Yrvaece
2013-12-24 19:28:06    --------    d-----w-    c:\documents and settings\owner\application data\Ycdaozl
2013-12-24 19:26:20    --------    d-----w-    c:\documents and settings\owner\application data\Kookcuom
2013-12-24 19:23:13    --------    d-----w-    c:\documents and settings\owner\application data\Gaudhoqe
2013-12-24 19:21:58    --------    d-----w-    c:\documents and settings\owner\application data\Powywo
2013-12-24 19:21:21    --------    d-----w-    c:\documents and settings\owner\application data\Ogutovy
2013-12-24 19:14:33    --------    d-----w-    c:\documents and settings\owner\application data\Uturmo
2013-12-24 19:13:28    --------    d-----w-    c:\documents and settings\owner\application data\Fidoyr
2013-12-24 19:08:59    --------    d-----w-    c:\documents and settings\owner\application data\Ygkiizem
2013-12-24 19:07:44    --------    d-----w-    c:\documents and settings\owner\application data\Uqmaeka
2013-12-24 19:06:01    --------    d-----w-    c:\documents and settings\owner\application data\Cauhawo
2013-12-24 18:57:10    --------    d-----w-    c:\documents and settings\owner\application data\Ihzudu
2013-12-24 18:56:09    --------    d-----w-    c:\documents and settings\owner\application data\Teunoqg
2013-12-24 18:53:07    --------    d-----w-    c:\documents and settings\owner\application data\Kidixiy
2013-12-24 18:52:12    --------    d-----w-    c:\documents and settings\owner\application data\Epxavub
2013-12-24 18:50:44    --------    d-----w-    c:\documents and settings\owner\application data\Movoxiha
2013-12-24 18:47:29    81721    ----a-w-    c:\documents and settings\owner\local settings\application data\owgggoia.exe
2013-12-18 17:23:03    --------    d-----w-    c:\documents and settings\all users\application data\QuickSet
2013-12-18 17:22:59    --------    d-----w-    c:\program files\Sk-Enabler
2013-12-18 17:22:43    --------    d-----w-    c:\documents and settings\owner\AppData
2013-12-18 17:22:43    --------    d-----w-    c:\documents and settings\all users\application data\suurff aNdd keeep
2013-12-18 17:22:42    --------    d-----w-    c:\program files\suurff aNdd keeep
2013-12-18 17:22:36    --------    d-----w-    c:\documents and settings\all users\application data\5cbe860b382c8b34
2013-12-18 17:22:04    --------    d-----w-    c:\documents and settings\all users\application data\InstallMate
2013-12-18 17:17:27    --------    d-----w-    c:\program files\TornTV.com
2013-12-07 22:08:46    --------    d-----w-    c:\program files\Construction Master Pro for Windows
.
==================== Find3M  ====================
.
2013-10-09 13:42:29    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 13:42:29    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
.
============= FINISH: 11:48:08.45 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:53 AM

Posted 28 December 2013 - 03:07 PM

Hello and welcome.  Please follow these guidelines while we work on your PC:
  • Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.”  Absence of symptoms does not mean your machine is clean! 
  • Please do not run any scans or install/uninstall any applications without being directed to do so.
  • Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.
  • icon11.gif   Please download Farbar Recovery Scan Tool and save it to your desktop.
     
    Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

  • Threads are closed after 5 days of inactivity.

    ASAP & UNITE Member


    The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


    #3 katzandmice

    katzandmice
    • Topic Starter

    • Members
    • 21 posts
    • OFFLINE
    •  
    • Local time:01:53 AM

    Posted 28 December 2013 - 07:50 PM

    Rest assured, I'm not running anything until we get this fixed! Thank you for your help. I downloaded the Farbar Recovery Scan Tool and tried to run it. It started scanning and then just quit after about 4 minutes. There is no FRST.txt or Addition.txt files that I can find (I assumed they would be on the desktop since that is where the program was downloaded to). I cannot even get my Start menu to open to search for these files - they just aren't on the desktop. I was able to search my C:/ drive by using the "run" (browse) command in Task Manager and found the FRST folder and a subfolder named "Logs"; however, there are no files of any kind in the logs folder. Based on your advice/direction to not run anything unless directed, I have not attempted to run FRST again. Note: I am posting this update from a different computer that is not infected - trying to use the infected PC would require a long time to complete!



    #4 RPMcMurphy

    RPMcMurphy

      Bleeping *^#@%~


    • Malware Response Team
    • 3,970 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:01:53 AM

    Posted 28 December 2013 - 10:08 PM

    Please try running FRST again, but this time from the Safe Mode


    Threads are closed after 5 days of inactivity.

    ASAP & UNITE Member


    The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


    #5 katzandmice

    katzandmice
    • Topic Starter

    • Members
    • 21 posts
    • OFFLINE
    •  
    • Local time:01:53 AM

    Posted 28 December 2013 - 11:51 PM

    Tried to reboot in Safe Mode. Computer will still not boot in Safe Mode (see problem description in my original post). Received the following message:

    A problem has been detected and windows has been shut down to prevent damage to your computer.

     

    If this is the first time you've seen this stop error screen, restart your computer. If this screen appears again, follow  these steps:

     

    Check for viruses on your computer. Remove any newly installed hard drives or hard drive controllers. Check you hard drive to make sure it is properly configured and terminated. Run CHKDSK /F to check for hard drive corruption, and then restart your computer.

     

    Technical information:

     

    ***STOP: 0x0000007B (0xF78BE528, 0xC0000034, 0x00000000, 0x00000000)

     

    Note: This happens in all Safe Modes (I tried this yesterday, plus I tried the option to use the last known configuration (or settings) that worked; none of them would reboot - each one resulted in the same blue screen). Also, I ran CHKDSK yesterday, it took over 8 hours to run and the results showed that one bad sector was found and repaired. However; I'm not sure of the "/F" in the directions to run CHKDSK /F statement. There are no newly installed hard drives or hard drive controllers.

     

    Computer is currently sitting at this "windows has been shutdown" blue screen state.



    #6 RPMcMurphy

    RPMcMurphy

      Bleeping *^#@%~


    • Malware Response Team
    • 3,970 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:01:53 AM

    Posted 29 December 2013 - 09:44 AM

    Please try this:

    icon11.gif  Please download OTM

    • Save it to your desktop.
    • Please double-click OTM to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
    • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

      :Files
      c:\windows\system32\hemoivvoib.exe
      c:\documents and settings\owner\application data\Wuzucini
      c:\windows\system32\woowara.exe
      c:\documents and settings\owner\application data\Puxugofi
      c:\windows\system32\zoapus.exe
      c:\documents and settings\owner\application data\Kusiurit
      c:\windows\system32\isvulay.exe
      c:\documents and settings\owner\application data\Bokyqeom
      c:\windows\system32\urbek.exe
      c:\documents and settings\owner\application data\Uqmuuk
      c:\windows\system32\efpaerzueb.exe
      c:\documents and settings\owner\application data\Usnegefa
      c:\windows\system32\fyado.exe
      c:\documents and settings\owner\application data\Ezwiatpe
      c:\windows\system32\axehweewu.exe
      c:\documents and settings\owner\application data\Gehoozri
      c:\windows\system32\vefoosisex.exe
      c:\documents and settings\owner\application data\Goyxagol
      c:\windows\system32\otanhanu.exe
      c:\documents and settings\owner\application data\Oxxeunzy
      c:\windows\system32\alarxi.exe
      c:\documents and settings\owner\application data\Qawauso
      c:\windows\system32\ewoxynaxa.exe
      c:\documents and settings\owner\application data\Atyqqoe
      c:\windows\system32\otbiax.exe
      c:\documents and settings\owner\application data\Ynluwuak
      c:\windows\system32\okfiecce.exe
      c:\documents and settings\owner\application data\Ulezvium
      c:\windows\system32\ifgope.exe
      c:\documents and settings\owner\application data\Yqnoahow
      c:\windows\system32\uxolsa.exe
      c:\documents and settings\owner\application data\Ifsityh
      c:\windows\system32\elomm.exe
      c:\documents and settings\owner\application data\Ukoxam
      c:\windows\system32\zeyteky.exe
      c:\documents and settings\owner\application data\Ydurluo
      c:\windows\system32\woevzoyg.exe
      c:\documents and settings\owner\application data\Kowaciw
      c:\documents and settings\owner\application data\Cyuzyfxa
      c:\documents and settings\owner\application data\Equnduw
      c:\documents and settings\owner\application data\Moizxe
      c:\documents and settings\owner\application data\Guezboto
      c:\documents and settings\owner\application data\Ecidiqq
      c:\documents and settings\owner\application data\Qyxaiqz
      c:\documents and settings\owner\application data\Ogirofxu
      c:\documents and settings\owner\application data\Afqoro
      c:\windows\system32\geehzusu.exe
      c:\windows\system32\ygekpiuc.exe
      c:\windows\system32\etucaroh.exe
      c:\windows\system32\lifialhyb.exe
      c:\windows\system32\icezy.exe
      c:\windows\system32\kewifame.exe
      c:\windows\system32\ydfaunum.exe
      c:\windows\system32\zofeatu.exe
      c:\windows\system32\uptyzaazqa.exe
      c:\windows\system32\ymoqt.exe
      c:\windows\system32\iwguezabh.exe
      c:\windows\system32\raegbuviz.exe
      c:\windows\system32\niefdasi.exe
      c:\documents and settings\owner\application data\Heylekxo
      c:\documents and settings\owner\application data\Soikizu
      c:\documents and settings\owner\application data\Houhwexa
      c:\documents and settings\owner\application data\Bewena
      c:\documents and settings\owner\application data\Soaqaru
      c:\documents and settings\owner\application data\Qyorqi
      c:\documents and settings\owner\application data\Liuhib
      c:\documents and settings\owner\application data\Vyduehta
      c:\documents and settings\owner\application data\Yrvaece
      c:\documents and settings\owner\application data\Ycdaozl
      c:\documents and settings\owner\application data\Kookcuom
      c:\documents and settings\owner\application data\Gaudhoqe
      c:\documents and settings\owner\application data\Powywo
      c:\documents and settings\owner\application data\Ogutovy
      c:\documents and settings\owner\application data\Uturmo
      c:\documents and settings\owner\application data\Fidoyr
      c:\documents and settings\owner\application data\Ygkiizem
      c:\documents and settings\owner\application data\Uqmaeka
      c:\documents and settings\owner\application data\Cauhawo
      c:\documents and settings\owner\application data\Ihzudu
      c:\documents and settings\owner\application data\Teunoqg
      c:\documents and settings\owner\application data\Kidixiy
      c:\documents and settings\owner\application data\Epxavub
      c:\documents and settings\owner\application data\Movoxiha
      c:\documents and settings\owner\local settings\application data\owgggoia.exe
      :Reg
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Wyfeu"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Kaelpuqouhgiwoe"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Fyemtahak"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Buuhyf"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Ipakernobeugedx"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Oznyz"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Ramemit"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Olawwiykm"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Daqoy"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Yxpid"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Adbiuw"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Muygifa"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Avqyidat"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Utxovuibbeorp"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Aroldya"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Okebiwix"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Memukaatinvuyda"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Yzxaguiqnelexav"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Yzuvifcyovwureu"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Xekuesnexye"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Weihavzeucest"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Ihonozucwiakka"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Madeowu"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Goawugastoxoka"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Xeepyxveatar"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Dedyugecyda"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Efolofviy"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Gyezsyk"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Irfecualfon"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Vuwyopuwzihyc"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Kacam"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Amgeqeeqwobym"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Uwyxaquzi"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Ofvuciemocugy"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Kuokhiniamig"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Ecogzaqaizruh"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Qaifmylyulygaf"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Icsuu"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Updeqylasaoc"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Womazidyepol"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Tayghaxaoqti"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Nuqyy"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Onuzfidynaforiy"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Odhowyyfriy"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Lytyyvxo"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Duebutilmoiv"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Cyalecdunup"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Ebmusycyo"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sacoxoc"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Sianqyyg"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Ixsohoucovg"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Evutucpykoirvi"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Efpinoopmeitg"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Cifiizkaogu"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Ekagebb"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Syehidsouq"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Ymlyly"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Omyqkazeuz"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Qywouxonizhe"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Xeneumycfueq"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Uckaitynubziy"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Ogsiyfipakvuyde"=-
      [EmptyTemp]
    • Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
    • Click the red Moveit! button.
    • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
    • Close OTM and reboot your PC.

    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

    Edited by RPMcMurphy, 29 December 2013 - 09:45 AM.

    Threads are closed after 5 days of inactivity.

    ASAP & UNITE Member


    The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


    #7 katzandmice

    katzandmice
    • Topic Starter

    • Members
    • 21 posts
    • OFFLINE
    •  
    • Local time:01:53 AM

    Posted 29 December 2013 - 11:14 AM

    All processes killed
    ========== FILES ==========
    c:\windows\system32\hemoivvoib.exe moved successfully.
    c:\documents and settings\owner\application data\Wuzucini folder moved successfully.
    c:\windows\system32\woowara.exe moved successfully.
    c:\documents and settings\owner\application data\Puxugofi folder moved successfully.
    c:\windows\system32\zoapus.exe moved successfully.
    c:\documents and settings\owner\application data\Kusiurit folder moved successfully.
    c:\windows\system32\isvulay.exe moved successfully.
    c:\documents and settings\owner\application data\Bokyqeom folder moved successfully.
    c:\windows\system32\urbek.exe moved successfully.
    c:\documents and settings\owner\application data\Uqmuuk folder moved successfully.
    c:\windows\system32\efpaerzueb.exe moved successfully.
    c:\documents and settings\owner\application data\Usnegefa folder moved successfully.
    c:\windows\system32\fyado.exe moved successfully.
    c:\documents and settings\owner\application data\Ezwiatpe folder moved successfully.
    c:\windows\system32\axehweewu.exe moved successfully.
    c:\documents and settings\owner\application data\Gehoozri folder moved successfully.
    c:\windows\system32\vefoosisex.exe moved successfully.
    c:\documents and settings\owner\application data\Goyxagol folder moved successfully.
    c:\windows\system32\otanhanu.exe moved successfully.
    c:\documents and settings\owner\application data\Oxxeunzy folder moved successfully.
    c:\windows\system32\alarxi.exe moved successfully.
    c:\documents and settings\owner\application data\Qawauso folder moved successfully.
    c:\windows\system32\ewoxynaxa.exe moved successfully.
    c:\documents and settings\owner\application data\Atyqqoe folder moved successfully.
    c:\windows\system32\otbiax.exe moved successfully.
    c:\documents and settings\owner\application data\Ynluwuak folder moved successfully.
    c:\windows\system32\okfiecce.exe moved successfully.
    c:\documents and settings\owner\application data\Ulezvium folder moved successfully.
    c:\windows\system32\ifgope.exe moved successfully.
    c:\documents and settings\owner\application data\Yqnoahow folder moved successfully.
    c:\windows\system32\uxolsa.exe moved successfully.
    c:\documents and settings\owner\application data\Ifsityh folder moved successfully.
    c:\windows\system32\elomm.exe moved successfully.
    c:\documents and settings\owner\application data\Ukoxam folder moved successfully.
    c:\windows\system32\zeyteky.exe moved successfully.
    c:\documents and settings\owner\application data\Ydurluo folder moved successfully.
    c:\windows\system32\woevzoyg.exe moved successfully.
    c:\documents and settings\owner\application data\Kowaciw folder moved successfully.
    c:\documents and settings\owner\application data\Cyuzyfxa folder moved successfully.
    c:\documents and settings\owner\application data\Equnduw folder moved successfully.
    c:\documents and settings\owner\application data\Moizxe folder moved successfully.
    c:\documents and settings\owner\application data\Guezboto folder moved successfully.
    c:\documents and settings\owner\application data\Ecidiqq folder moved successfully.
    c:\documents and settings\owner\application data\Qyxaiqz folder moved successfully.
    c:\documents and settings\owner\application data\Ogirofxu folder moved successfully.
    c:\documents and settings\owner\application data\Afqoro folder moved successfully.
    c:\windows\system32\geehzusu.exe moved successfully.
    c:\windows\system32\ygekpiuc.exe moved successfully.
    c:\windows\system32\etucaroh.exe moved successfully.
    c:\windows\system32\lifialhyb.exe moved successfully.
    c:\windows\system32\icezy.exe moved successfully.
    c:\windows\system32\kewifame.exe moved successfully.
    c:\windows\system32\ydfaunum.exe moved successfully.
    c:\windows\system32\zofeatu.exe moved successfully.
    c:\windows\system32\uptyzaazqa.exe moved successfully.
    c:\windows\system32\ymoqt.exe moved successfully.
    c:\windows\system32\iwguezabh.exe moved successfully.
    c:\windows\system32\raegbuviz.exe moved successfully.
    c:\windows\system32\niefdasi.exe moved successfully.
    c:\documents and settings\owner\application data\Heylekxo folder moved successfully.
    c:\documents and settings\owner\application data\Soikizu folder moved successfully.
    c:\documents and settings\owner\application data\Houhwexa folder moved successfully.
    c:\documents and settings\owner\application data\Bewena folder moved successfully.
    c:\documents and settings\owner\application data\Soaqaru folder moved successfully.
    c:\documents and settings\owner\application data\Qyorqi folder moved successfully.
    c:\documents and settings\owner\application data\Liuhib folder moved successfully.
    c:\documents and settings\owner\application data\Vyduehta folder moved successfully.
    c:\documents and settings\owner\application data\Yrvaece folder moved successfully.
    c:\documents and settings\owner\application data\Ycdaozl folder moved successfully.
    c:\documents and settings\owner\application data\Kookcuom folder moved successfully.
    c:\documents and settings\owner\application data\Gaudhoqe folder moved successfully.
    c:\documents and settings\owner\application data\Powywo folder moved successfully.
    c:\documents and settings\owner\application data\Ogutovy folder moved successfully.
    c:\documents and settings\owner\application data\Uturmo folder moved successfully.
    c:\documents and settings\owner\application data\Fidoyr folder moved successfully.
    c:\documents and settings\owner\application data\Ygkiizem folder moved successfully.
    c:\documents and settings\owner\application data\Uqmaeka folder moved successfully.
    c:\documents and settings\owner\application data\Cauhawo folder moved successfully.
    c:\documents and settings\owner\application data\Ihzudu folder moved successfully.
    c:\documents and settings\owner\application data\Teunoqg folder moved successfully.
    c:\documents and settings\owner\application data\Kidixiy folder moved successfully.
    c:\documents and settings\owner\application data\Epxavub folder moved successfully.
    c:\documents and settings\owner\application data\Movoxiha folder moved successfully.
    c:\documents and settings\owner\local settings\application data\owgggoia.exe moved successfully.
    ========== REGISTRY ==========
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Wyfeu deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Kaelpuqouhgiwoe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Fyemtahak deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Buuhyf deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ipakernobeugedx deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Oznyz deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ramemit deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Olawwiykm deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Daqoy deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Yxpid deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Adbiuw deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Muygifa deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Avqyidat deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Utxovuibbeorp deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Aroldya deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Okebiwix deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Memukaatinvuyda deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Yzxaguiqnelexav deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Yzuvifcyovwureu deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Xekuesnexye deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Weihavzeucest deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ihonozucwiakka deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Madeowu deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Goawugastoxoka deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Xeepyxveatar deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Dedyugecyda deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Efolofviy deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Gyezsyk deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Irfecualfon deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Vuwyopuwzihyc deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Kacam deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Amgeqeeqwobym deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Uwyxaquzi deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ofvuciemocugy deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Kuokhiniamig deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ecogzaqaizruh deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Qaifmylyulygaf deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Icsuu deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Updeqylasaoc deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Womazidyepol deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Tayghaxaoqti deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Nuqyy deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Onuzfidynaforiy deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Odhowyyfriy deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Lytyyvxo deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Duebutilmoiv deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Cyalecdunup deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ebmusycyo deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Sacoxoc deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Sianqyyg deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ixsohoucovg deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Evutucpykoirvi deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Efpinoopmeitg deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Cifiizkaogu deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ekagebb deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Syehidsouq deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ymlyly deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Omyqkazeuz deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Qywouxonizhe deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Xeneumycfueq deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Uckaitynubziy deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Ogsiyfipakvuyde deleted successfully.
     
    OTM by OldTimer - Version 3.1.21.0 log created on 12292013_104547



    #8 RPMcMurphy

    RPMcMurphy

      Bleeping *^#@%~


    • Malware Response Team
    • 3,970 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:01:53 AM

    Posted 29 December 2013 - 11:45 AM

    Good!  Now see if the FRST scan will run to completion.  If it does, please post the log - if not, please let me know.


    Threads are closed after 5 days of inactivity.

    ASAP & UNITE Member


    The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


    #9 katzandmice

    katzandmice
    • Topic Starter

    • Members
    • 21 posts
    • OFFLINE
    •  
    • Local time:01:53 AM

    Posted 29 December 2013 - 12:22 PM

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-12-2013
    Ran by Owner (administrator) on YOUR-4A83611303 on 29-12-2013 12:03:17
    Running from C:\Documents and Settings\Owner\Desktop
    Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
    Internet Explorer Version 7
    Boot Mode: Normal

    ==================== Processes (Whitelisted) ===================

    (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
    (Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
    (Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    (Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
    (Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
    (Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
    (New Boundary Technologies, Inc.) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
    (SupportSoft, Inc.) C:\Program Files\VERIZONDM\bin\sprtsvc.exe
    (Alcor Micro, Corp.) C:\Program Files\Digital Media Reader\shwiconEM.exe
    (SupportSoft, Inc.) C:\Program Files\VERIZONDM\bin\tgsrvc.exe
    (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAFA.EXE
    (SupportSoft, Inc.) C:\Program Files\VERIZONDM\bin\sprtcmd.exe
    (Sapro Systems) C:\Program Files\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe
    (Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
    (Carbonite, Inc.) C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Canon Inc.) C:\Program Files\Canon\CAL\CALMAIN.exe
    (Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\Security Center\symwsc.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
    (Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
    (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
    (Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [SunKistEM] - C:\Program Files\Digital Media Reader\shwiconEM.exe [135168 2004-11-15] (Alcor Micro, Corp.)
    HKLM\...\Run: [] - [x]
    HKLM\...\Run: [EPSON Stylus CX7800 Series] - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIAFA.EXE [98304 2005-04-06] (SEIKO EPSON CORPORATION)
    HKLM\...\Run: [VERIZONDM] - "C:\Program Files\VERIZONDM\bin\sprtcmd.exe" /P VERIZONDM
    HKLM\...\Run: [WinCalendarV3] - C:\Program Files\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe [79288 2011-01-24] (Sapro Systems)
    HKLM\...\Run: [PMBVolumeWatcher] - C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [688184 2012-02-15] (Sony Corporation)
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [Carbonite Backup] - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe [1056264 2013-10-10] (Carbonite, Inc.)
    Winlogon\Notify\AtiExtEvent: C:\Windows\system32\Ati2evxx.dll (ATI Technologies Inc.)
    HKLM\...\Policies\Explorer: [NoCDBurning] 0
    HKCU\...\Run: [WinCalendarV3] - C:\Program Files\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe [79288 2011-01-24] (Sapro Systems)
    HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2013-12-19] (SUPERAntiSpyware)
    HKCU\...\Run: [Olawwiykm] - "C:\Documents and Settings\Owner\Application Data\Ifugceon\ceunga.exe"
    HKCU\...\Run: [Ylutygugpenoco] - "C:\Documents and Settings\Owner\Application Data\Uqeftyel\irotuw.exe"
    HKCU\...\Run: [Ahdeypsixa] - "C:\Documents and Settings\Owner\Application Data\Ulbygu\lerae.exe"
    HKCU\...\Run: [Vuwyopuwzihyc] - "C:\Documents and Settings\Owner\Application Data\Umfeuni\efibi.exe"
    HKCU\...\Run: [Onuzfidynaforiy] - "C:\Documents and Settings\Owner\Application Data\Kowaciw\obpenu.exe"
    HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
    HKCU\...\Policies\Explorer: [NoSaveSettings] 0
    MountPoints2: {64436bfa-d927-11dd-84c5-0013d3657f25} - J:\LaunchU3.exe -a
    MountPoints2: {64436bfb-d927-11dd-84c5-0013d3657f25} - M:\setupSNK.exe
    MountPoints2: {70ce5195-086f-11da-a586-806d6172696f} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480
    MountPoints2: {afb1b422-07c4-11e1-855d-0013d3657f25} - J:\Start.exe
    HKU\Default User\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-13] (Microsoft Corporation)
    HKU\Guest\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-13] (Microsoft Corporation)
    HKU\Mom's Computer Files\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-13] (Microsoft Corporation)
    HKU\Mom's Computer Files\...\Run: [Ovyqnuucguav] - "C:\Documents and Settings\Owner\Application Data\Movoxiha\ygivoce.exe"
    HKU\Mom's Computer Files\...\Run: [Ymlyly] - "C:\Documents and Settings\Owner\Application Data\Fyvyupyt\kasasa.exe"
    AppInit_DLLs: c:\progra~1\sk-ena~1\psupport.dll [ ] ()
    Startup: C:\Documents and Settings\Mom's Computer Files\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://supertoolbar.ask.com/redirect?client=ie&tb=WBR&o=&src=crm&q={searchTerms}&locale={locale.underscore}
    SearchScopes: HKCU - {6035E87D-E17F-4521-9910-17BE842F97BE} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\18.5.0.125\ips\ipsbho.dll (Symantec Corporation)
    BHO: No Name - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -  No File
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    BHO: DeLorme Send To GPS - {FBAAD182-3C7A-4BC4-A5E9-207B8E0F02FD} - C:\Program Files\DeLorme\SendToGPS\PNPluginForIE.dll (DeLorme)
    Toolbar: HKLM - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
    Toolbar: HKLM - TurboTax ItsDeductible - {35CE0AE2-3411-4BB8-A16A-BEE30B282A26} - C:\Program Files\Intuit\IDO\IDOToolbar.dll ()
    Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
    Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
    Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} -  No File
    Toolbar: HKCU - &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll (Google Inc.)
    Toolbar: HKCU - No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -  No File
    Toolbar: HKCU - No Name - {4982D40A-C53B-4615-B15B-B5B5E98D167C} -  No File
    Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
    Toolbar: HKCU - No Name - {E1BACF55-35E1-4E47-9247-2D48660E5545} -  No File
    Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
    DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.3.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    ShellExecuteHooks:  - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  No File [ ]
    ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
    Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default
    FF user.js: detected! => C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\user.js
    FF DefaultSearchEngine: WebSearch
    FF SearchEngineOrder.1: WebSearch
    FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
    FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
    FF Homepage: https://cw411.checkfreeweb.com/pcw411/wps?rq=home&sp=1299
    FF Keyword.URL: user_pref("keyword.URL", "");
    FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
    FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
    FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @soe.sony.com/installer,version=1.0.3 - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}\plugins\npsoe.dll No File
    FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
    FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
    FF Plugin: @viewpoint.com/VMP - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
    FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Owner\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Extension: SearchNewTab - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\Extensions\koyiyie@y-yoi.org
    FF Extension: Ancestry.com Advanced Image Viewer - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\Extensions\support@ancestry.com
    FF Extension: suurf and kaeep - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\Extensions\wpmzh3j@aaeuauao.edu
    FF Extension: YoutubeAdblocker - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\Extensions\ygdq.1knom@ue-eoe.co.uk
    FF Extension: NoScript - C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
    FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
    FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\
    FF Extension: Norton IPS - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\

    Chrome:
    =======
    CHR Extension: (AT_RatchetClank_v2) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn\3_0
    CHR Extension: (SearchNewTab) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eoebpiklimiodbgpjcpabeajcihbacef\1.0
    CHR Extension: (suurf and kaeep) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hhkpgnohpdfepfoihgaclahaooceabmn\2.3
    CHR Extension: (YoutubeAdblocker) - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lnkbcjonjkomllbnpianklhhljkeddbj\1.0
    CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

    ========================== Services (Whitelisted) =================

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [120088 2013-10-10] (SUPERAntiSpyware.com)
    S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2006-01-26] ()
    R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [100032 2006-02-23] (Symantec Corporation)
    S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [225280 2013-07-03] ()
    R2 CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [5049352 2013-10-10] (Carbonite, Inc. (www.carbonite.com))
    R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96370 2007-01-31] (Canon Inc.)
    S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_0.EXE [2045632 2006-02-23] (Symantec Corporation)
    R2 MSSQL$MICROSOFTSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe [9158656 2008-12-18] (Microsoft Corporation)
    S3 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [73728 2005-05-03] (Microsoft Corporation)
    S2 NAV; C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\18.6.0.29\diMaster.dll [262584 2011-03-31] (Symantec Corporation)
    R2 PMBDeviceInfoProvider; C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2012-02-15] (Sony Corporation)
    R2 PrismXL; C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS [172032 2005-08-06] (New Boundary Technologies, Inc.)
    S2 QuickPDFTCPService0721; C:\Program Files\Quick PDF Tools\QuickPDFTCP0721.exe [1918464 2010-08-13] (Debenu Pty Ltd)
    R2 sprtsvc_verizondm; C:\Program Files\VERIZONDM\bin\sprtsvc.exe [206120 2010-09-29] (SupportSoft, Inc.)
    S3 SQLAgent$MICROSOFTSMLBIZ; C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE [323584 2005-05-03] (Microsoft Corporation)
    R2 SymWSC; C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe [316544 2004-11-02] (Symantec Corporation)
    R2 tgsrvc_verizondm; C:\Program Files\VERIZONDM\bin\tgsrvc.exe [185640 2010-09-29] (SupportSoft, Inc.)
    S3 WmcCds; c:\program files\windows media connect\mswmccds.exe [483328 2004-08-11] (Microsoft Corporation)
    S3 WmcCdsLs; C:\Program Files\Windows Media Connect\mswmcls.exe [28160 2004-08-10] (Microsoft Corporation)
    R2 JavaQuickStarterService; "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"
    S2 SecurityCenterServer111686145; "C:\WINDOWS\system32\hemoivvoib.exe" -service "C:\Documents and Settings\Owner\Application Data\Wuzucini\yfloy.exe"
    S2 SecurityCenterServer1432586974; "C:\WINDOWS\system32\vefoosisex.exe" -service "C:\Documents and Settings\Owner\Application Data\Goyxagol\ylzae.exe"
    S2 SecurityCenterServer1626596997; "C:\WINDOWS\system32\woevzoyg.exe" -service "C:\Documents and Settings\Owner\Application Data\Kowaciw\obpenu.exe"
    S2 SecurityCenterServer1950185314; "C:\WINDOWS\system32\axehweewu.exe" -service "C:\Documents and Settings\Owner\Application Data\Gehoozri\ibryoca.exe"
    S2 SecurityCenterServer2105786894; "C:\WINDOWS\system32\okfiecce.exe" -service "C:\Documents and Settings\Owner\Application Data\Ulezvium\tabeyz.exe"
    S2 SecurityCenterServer2263627583; "C:\WINDOWS\system32\zoapus.exe" -service "C:\Documents and Settings\Owner\Application Data\Kusiurit\ycxao.exe"
    S2 SecurityCenterServer2319181828; "C:\WINDOWS\system32\urbek.exe" -service "C:\Documents and Settings\Owner\Application Data\Uqmuuk\tohuy.exe"
    S2 SecurityCenterServer266111037; "C:\WINDOWS\system32\woowara.exe" -service "C:\Documents and Settings\Owner\Application Data\Puxugofi\nipiix.exe"
    S2 SecurityCenterServer2826509393; "C:\WINDOWS\system32\otbiax.exe" -service "C:\Documents and Settings\Owner\Application Data\Ynluwuak\olkequk.exe"
    S2 SecurityCenterServer3116967883; "C:\WINDOWS\system32\fyado.exe" -service "C:\Documents and Settings\Owner\Application Data\Ezwiatpe\reabokn.exe"
    S2 SecurityCenterServer3151588881; "C:\WINDOWS\system32\elomm.exe" -service "C:\Documents and Settings\Owner\Application Data\Ukoxam\gaahcao.exe"
    S2 SecurityCenterServer360656239; "C:\WINDOWS\system32\alarxi.exe" -service "C:\Documents and Settings\Owner\Application Data\Qawauso\axize.exe"
    S2 SecurityCenterServer4096806107; "C:\WINDOWS\system32\otanhanu.exe" -service "C:\Documents and Settings\Owner\Application Data\Oxxeunzy\ifypir.exe"
    S2 SecurityCenterServer468330616; "C:\WINDOWS\system32\uxolsa.exe" -service "C:\Documents and Settings\Owner\Application Data\Ifsityh\foulo.exe"
    S2 SecurityCenterServer724905180; "C:\WINDOWS\system32\isvulay.exe" -service "C:\Documents and Settings\Owner\Application Data\Bokyqeom\updov.exe"
    S2 SecurityCenterServer890778193; "C:\WINDOWS\system32\zeyteky.exe" -service "C:\Documents and Settings\Owner\Application Data\Ydurluo\omfege.exe"
    S2 SecurityCenterServer932040931; "C:\WINDOWS\system32\ewoxynaxa.exe" -service "C:\Documents and Settings\Owner\Application Data\Atyqqoe\azoker.exe"
    S2 SecurityCenterServer948595071; "C:\WINDOWS\system32\ifgope.exe" -service "C:\Documents and Settings\Owner\Application Data\Yqnoahow\piysg.exe"
    S2 SecurityCenterServer964514311; "C:\WINDOWS\system32\efpaerzueb.exe" -service "C:\Documents and Settings\Owner\Application Data\Usnegefa\voafve.exe"

    ==================== Drivers (Whitelisted) ====================

    R0 abp480n5; C:\Windows\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
    R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
    R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2317504 2005-04-19] (Realtek Semiconductor Corp.)
    R2 ASCTRM; C:\Windows\System32\Drivers\ASCTRM.sys [8552 2005-08-06] (Windows ® 2000 DDK provider)
    R1 BHDrvx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20110419.001\BHDrvx86.sys [802936 2011-04-15] (Symantec Corporation)
    R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [371248 2011-01-23] (Symantec Corporation)
    S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [8320 2007-03-08] (GARMIN Corp.)
    R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSF_DPV.sys [1033600 2005-03-17] (Conexant Systems, Inc.)
    S3 IDSxpx86; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20110429.002\IDSxpx86.sys [341944 2011-03-14] (Symantec Corporation)
    S3 MUD; C:\Windows\System32\DRIVERS\MUD.sys [51200 2008-02-05] (Magellan)
    S3 mxnic; C:\Windows\System32\DRIVERS\mxnic.sys [19968 2001-08-17] (Macronix International Co., Ltd.                                               )
    S3 NAVENG; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110502.002\NAVENG.SYS [86136 2011-04-18] (Symantec Corporation)
    S3 NAVEX15; C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20110502.002\NAVEX15.SYS [1393144 2011-04-18] (Symantec Corporation)
    S1 P3; C:\Windows\System32\DRIVERS\p3.sys [42752 2008-04-13] (Microsoft Corporation)
    S3 PacketNTx; C:\WINDOWS\system32\drivers\PacketNTx.sys [24544 2002-01-23] (Sumix Co.)
    R3 RTL8023xp; C:\Windows\System32\DRIVERS\Rtlnicxp.sys [70144 2004-04-14] (Realtek Semiconductor Corporation                           )
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 SRTSP; C:\Windows\System32\Drivers\NAV\1205000.07D\SRTSP.SYS [509560 2010-11-22] (Symantec Corporation)
    R1 SRTSPX; C:\Windows\system32\drivers\NAV\1206000.01D\SRTSPX.SYS [50168 2011-03-30] (Symantec Corporation)
    S3 SSKBFD; C:\Windows\System32\Drivers\sskbfd.sys [23920 2008-01-04] (Webroot Software Inc (www.webroot.com))
    R3 SunkFilt; C:\WINDOWS\System32\Drivers\sunkfilt.sys [36804 2004-11-15] (Alcor Micro Corp.)
    R0 SymDS; C:\Windows\System32\drivers\NAV\1206000.01D\SYMDS.SYS [340088 2011-01-27] (Symantec Corporation)
    R0 SymEFA; C:\Windows\System32\drivers\NAV\1206000.01D\SYMEFA.SYS [744568 2011-03-14] (Symantec Corporation)
    R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [126584 2011-05-02] (Symantec Corporation)
    R1 SymIRON; C:\Windows\system32\drivers\NAV\1206000.01D\Ironx86.SYS [136312 2011-01-27] (Symantec Corporation)
    S3 SYMTDI; C:\Windows\System32\Drivers\NAV\1205000.07D\SYMTDI.SYS [368248 2010-12-01] (Symantec Corporation)
    S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [12800 2008-04-13] (Microsoft Corporation)
    S3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
    S3 cpuz135; \??\C:\DOCUME~1\Owner\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys [x]
    U4 intelppm;
    S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [x]
    S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [x]
    U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
    S3 SYMDNS; \SystemRoot\System32\Drivers\NAV\1002000.007\SYMDNS.SYS [x]
    S3 SYMFW; \SystemRoot\System32\Drivers\NAV\1008000.029\SYMFW.SYS [x]
    S3 SYMIDS; \SystemRoot\System32\Drivers\NAV\1008000.029\SYMIDS.SYS [x]
    S3 SYMNDIS; \SystemRoot\System32\Drivers\NAV\1008000.029\SYMNDIS.SYS [x]
    S3 SYMREDRV; \SystemRoot\System32\Drivers\NAV\1002000.007\SYMREDRV.SYS [x]
    U1 WS2IFSL;

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-12-29 10:45 - 2013-12-29 10:45 - 00000000 ____D C:\_OTM
    2013-12-29 10:44 - 2013-12-29 10:44 - 00522240 _____ (OldTimer Tools) C:\Documents and Settings\Owner\Desktop\OTM.exe
    2013-12-28 19:33 - 2013-12-29 12:04 - 00024636 _____ C:\Documents and Settings\Owner\Desktop\FRST.txt
    2013-12-28 19:29 - 2013-12-28 19:29 - 00000000 ____D C:\FRST
    2013-12-28 19:28 - 2013-12-28 19:28 - 01064131 _____ (Farbar) C:\Documents and Settings\Owner\Desktop\FRST.exe
    2013-12-28 11:48 - 2013-12-28 11:52 - 00015142 _____ C:\Documents and Settings\Owner\Desktop\attach.txt
    2013-12-28 11:48 - 2013-12-28 11:51 - 00024898 _____ C:\Documents and Settings\Owner\Desktop\dds.txt
    2013-12-28 11:32 - 2013-12-28 11:32 - 00688992 ____R (Swearware) C:\Documents and Settings\Owner\Desktop\dds.com
    2013-12-28 10:27 - 2013-12-28 10:27 - 00891200 _____ C:\Documents and Settings\Owner\Desktop\SecurityCheck.exe
    2013-12-28 10:24 - 2013-12-28 10:24 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\tasklist.exe
    2013-12-28 09:43 - 2013-12-28 09:43 - 04101441 _____ C:\Documents and Settings\Owner\Desktop\tdsskiller.zip
    2013-12-27 23:23 - 2013-12-27 23:23 - 00008760 _____ C:\Documents and Settings\Owner\Desktop\Rkill 1227111925 PM.txt
    2013-12-27 22:51 - 2013-12-27 22:51 - 00000000 _____ C:\Documents and Settings\Owner\tasklist
    2013-12-27 20:24 - 2013-12-27 20:24 - 00000000 ____D C:\TDSSKiller_Quarantine
    2013-12-27 17:47 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 266111037.job
    2013-12-27 17:47 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 111686145.job
    2013-12-27 17:46 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2263627583.job
    2013-12-27 17:45 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 724905180.job
    2013-12-27 17:45 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 2319181828.job
    2013-12-27 13:52 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 964514311.job
    2013-12-27 13:51 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3116967883.job
    2013-12-27 13:50 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1950185314.job
    2013-12-27 13:49 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1432586974.job
    2013-12-27 13:48 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 4096806107.job
    2013-12-27 13:47 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 360656239.job
    2013-12-27 13:46 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 2826509393.job
    2013-12-27 13:46 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 932040931.job
    2013-12-27 12:08 - 2013-12-27 12:08 - 00006264 _____ C:\Documents and Settings\Owner\Desktop\bugkiller.txt
    2013-12-27 11:54 - 2013-12-27 11:54 - 00002855 _____ C:\Documents and Settings\Owner\Desktop\Bugkiller.PIF
    2013-12-27 11:52 - 2013-12-27 11:52 - 00008196 _____ C:\Documents and Settings\Owner\Desktop\Rkill alt.txt
    2013-12-27 11:34 - 2013-12-27 11:34 - 01937144 _____ (Bleeping Computer, LLC) C:\Documents and Settings\Owner\Desktop\Bugkiller.com
    2013-12-27 11:29 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 2105786894.job
    2013-12-27 11:28 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 948595071.job
    2013-12-27 11:27 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 468330616.job
    2013-12-27 11:26 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3151588881.job
    2013-12-27 11:25 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 890778193.job
    2013-12-27 11:24 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 1626596997.job
    2013-12-27 10:30 - 2013-12-28 13:00 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Irapfuty
    2013-12-27 10:30 - 2013-12-28 11:06 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Etvexi
    2013-12-27 10:30 - 2013-12-28 11:05 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ygbiecbi
    2013-12-27 10:30 - 2013-12-28 11:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Izoselyw
    2013-12-27 10:30 - 2013-12-28 11:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Nyehoka
    2013-12-27 10:30 - 2013-12-28 11:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ewupnyik
    2013-12-27 10:30 - 2013-12-28 10:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uxqeuh
    2013-12-27 10:30 - 2013-12-28 10:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Umfeuni
    2013-12-27 10:30 - 2013-12-28 10:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Isxiow
    2013-12-27 10:30 - 2013-12-28 10:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Zoemgik
    2013-12-27 10:30 - 2013-12-28 10:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yklaix
    2013-12-27 10:30 - 2013-12-28 10:00 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Oquztaz
    2013-12-27 10:30 - 2013-12-28 10:00 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Memyunnu
    2013-12-27 10:30 - 2013-12-27 15:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yxlohi
    2013-12-27 10:29 - 2013-12-27 19:42 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ifemig
    2013-12-27 10:29 - 2013-12-27 18:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Opaqaxo
    2013-12-27 10:29 - 2013-12-27 17:49 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ygogopqa
    2013-12-27 10:29 - 2013-12-27 17:49 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uqeftyel
    2013-12-27 10:29 - 2013-12-27 17:49 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ceodnauc
    2013-12-27 10:29 - 2013-12-27 17:48 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yzunxy
    2013-12-27 10:29 - 2013-12-27 17:48 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xoacac
    2013-12-27 10:29 - 2013-12-27 17:48 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Seeczy
    2013-12-27 10:29 - 2013-12-27 17:48 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Muodelxe
    2013-12-27 10:29 - 2013-12-27 17:48 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Kyumsawy
    2013-12-27 10:29 - 2013-12-27 17:48 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Guuxfy
    2013-12-27 10:29 - 2013-12-27 17:48 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Foumna
    2013-12-27 10:29 - 2013-12-27 17:48 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ermoyhes
    2013-12-27 10:29 - 2013-12-27 17:48 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Biiqlo
    2013-12-27 10:29 - 2013-12-27 17:47 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ywpues
    2013-12-27 10:29 - 2013-12-27 17:47 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ulbygu
    2013-12-27 10:29 - 2013-12-27 17:47 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Teyquqku
    2013-12-27 10:29 - 2013-12-27 17:47 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Rezeso
    2013-12-27 10:29 - 2013-12-27 17:47 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Naohyxti
    2013-12-27 10:29 - 2013-12-27 17:47 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Enliyku
    2013-12-27 10:29 - 2013-12-27 17:47 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Emrure
    2013-12-27 10:29 - 2013-12-27 17:47 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Arqoem
    2013-12-27 10:29 - 2013-12-27 17:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Nypeluh
    2013-12-27 10:29 - 2013-12-27 17:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Fenyuw
    2013-12-27 10:29 - 2013-12-27 17:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Zoecvey
    2013-12-27 10:29 - 2013-12-27 17:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Weogynte
    2013-12-27 10:29 - 2013-12-27 17:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Loovig
    2013-12-27 10:29 - 2013-12-27 16:04 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Waonmo
    2013-12-27 10:29 - 2013-12-27 16:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ifugceon
    2013-12-27 10:29 - 2013-12-27 16:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Gaewino
    2013-12-27 10:29 - 2013-12-27 16:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uhylyqi
    2013-12-27 10:29 - 2013-12-27 16:00 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ywykobaw
    2013-12-27 10:29 - 2013-12-27 16:00 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Qilavy
    2013-12-27 10:29 - 2013-12-27 16:00 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Okivuh
    2013-12-27 10:29 - 2013-12-27 15:05 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Byuvfica
    2013-12-27 10:29 - 2013-12-27 15:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Quovhi
    2013-12-27 10:29 - 2013-12-27 15:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Nuheek
    2013-12-27 10:29 - 2013-12-27 15:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Attyfu
    2013-12-27 10:29 - 2013-12-27 15:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Waypez
    2013-12-27 10:29 - 2013-12-27 15:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Vebaedxi
    2013-12-27 10:29 - 2013-12-27 15:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lizywa
    2013-12-27 10:29 - 2013-12-27 15:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Cyniel
    2013-12-27 10:29 - 2013-12-27 15:00 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Niosycik
    2013-12-27 10:29 - 2013-12-27 10:29 - 00000000 ____D C:\SUPERDelete
    2013-12-27 10:29 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
    2013-12-27 10:27 - 2013-12-28 00:00 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yquceldo
    2013-12-27 10:27 - 2013-12-27 23:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lyuzums
    2013-12-27 10:27 - 2013-12-27 22:00 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lecirax
    2013-12-27 10:27 - 2013-12-27 21:00 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wyutufob
    2013-12-27 10:27 - 2013-12-27 20:13 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ydvialxo
    2013-12-27 10:27 - 2013-12-27 20:13 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wuqeope
    2013-12-27 10:27 - 2013-12-27 20:13 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uzpakeb
    2013-12-27 10:27 - 2013-12-27 20:13 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uqdauw
    2013-12-27 10:27 - 2013-12-27 20:13 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uctuluy
    2013-12-27 10:27 - 2013-12-27 20:13 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Rigeogxe
    2013-12-27 10:27 - 2013-12-27 20:13 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Olurecro
    2013-12-27 10:27 - 2013-12-27 20:13 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Loqyukfa
    2013-12-27 10:27 - 2013-12-27 20:13 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Imyzulo
    2013-12-27 10:27 - 2013-12-27 20:13 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Icinmeyp
    2013-12-27 10:27 - 2013-12-27 20:13 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Efniys
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wyosifdu
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wakyufqu
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Urecfo
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uhnyun
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Udqeokvi
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Sucaexac
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Quryod
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Osipvy
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Loykeza
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Katiryge
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ivzuelp
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ilurru
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Fyempe
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Cynymouq
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Cealaf
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Atalta
    2013-12-27 10:27 - 2013-12-27 20:12 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ankyhi
    2013-12-27 10:27 - 2013-12-27 20:11 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xoepad
    2013-12-27 10:27 - 2013-12-27 20:11 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xaguec
    2013-12-27 10:27 - 2013-12-27 20:11 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ulsazii
    2013-12-27 10:27 - 2013-12-27 20:11 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Toexumek
    2013-12-27 10:27 - 2013-12-27 20:11 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Sihuydb
    2013-12-27 10:27 - 2013-12-27 20:11 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Pyqiel
    2013-12-27 10:27 - 2013-12-27 20:11 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ovicba
    2013-12-27 10:27 - 2013-12-27 20:11 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Goovihza
    2013-12-27 10:27 - 2013-12-27 20:11 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Fyvyupyt
    2013-12-27 10:27 - 2013-12-27 20:11 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Feekyrx
    2013-12-27 10:27 - 2013-12-27 20:11 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Exocehc
    2013-12-27 10:27 - 2013-12-27 20:11 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ebhuyxx
    2013-12-27 10:27 - 2013-12-27 19:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Muodpahe
    2013-12-27 10:27 - 2013-12-27 19:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Abkubi
    2013-12-27 10:27 - 2013-12-27 19:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ydxoydys
    2013-12-27 10:27 - 2013-12-27 19:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Geyrazd
    2013-12-27 10:27 - 2013-12-27 19:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Bohinaaq
    2013-12-27 10:27 - 2013-12-27 18:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yltoef
    2013-12-27 10:27 - 2013-12-27 18:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xyyxwa
    2013-12-27 10:27 - 2013-12-27 18:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yxotpy
    2013-12-27 10:27 - 2013-12-27 18:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uwziby
    2013-12-27 10:27 - 2013-12-27 18:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Pyduexp
    2013-12-27 10:27 - 2013-12-27 18:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Moofwahe
    2013-12-27 10:27 - 2013-12-27 18:01 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Idyrqier
    2013-12-27 10:27 - 2013-12-27 17:46 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wioxvope
    2013-12-27 10:27 - 2013-12-27 17:46 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ucfycye
    2013-12-27 10:27 - 2013-12-27 17:46 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Kokaifo
    2013-12-27 10:27 - 2013-12-27 17:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lyqaaq
    2013-12-27 10:27 - 2013-12-27 17:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Botafi
    2013-12-27 10:27 - 2013-12-27 16:04 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Pierazc
    2013-12-27 10:27 - 2013-12-27 16:04 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Opnoxeoz
    2013-12-27 10:27 - 2013-12-27 16:04 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Afdesuoz
    2013-12-27 10:27 - 2013-12-27 16:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yvkiag
    2013-12-27 10:27 - 2013-12-27 16:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ibupow
    2013-12-27 10:27 - 2013-12-27 16:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Fimaagux
    2013-12-27 10:27 - 2013-12-27 16:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Itynicz
    2013-12-27 10:27 - 2013-12-27 16:02 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Avymvyu
    2013-12-27 10:27 - 2013-12-27 15:05 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ylyzsii
    2013-12-27 10:27 - 2013-12-27 15:05 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uhqezuco
    2013-12-27 10:27 - 2013-12-27 15:04 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ygcetaol
    2013-12-27 10:27 - 2013-12-27 15:04 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xoniul
    2013-12-27 10:27 - 2013-12-27 15:04 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wymatoy
    2013-12-27 10:27 - 2013-12-27 15:04 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wauddyy
    2013-12-27 10:27 - 2013-12-27 15:04 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lyuwwo
    2013-12-27 10:27 - 2013-12-27 15:04 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Coexrui
    2013-12-27 10:27 - 2013-12-27 15:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Rycoceb
    2013-12-27 10:27 - 2013-12-27 15:03 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Oloktuir
    2013-12-27 10:03 - 2013-12-27 10:02 - 00090112 _____ C:\WINDOWS\Minidump\Mini122713-01.dmp
    2013-12-27 05:52 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3287836628.job
    2013-12-27 05:51 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2408677117.job
    2013-12-27 05:50 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1211351929.job
    2013-12-27 05:49 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2540194174.job
    2013-12-27 05:49 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1873504007.job
    2013-12-27 05:48 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 4154311137.job
    2013-12-27 05:47 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 3629729729.job
    2013-12-27 05:46 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 371238779.job
    2013-12-27 05:46 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 1863946225.job
    2013-12-27 05:45 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 2387119726.job
    2013-12-27 05:44 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 87695519.job
    2013-12-27 05:43 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1956468192.job
    2013-12-27 05:42 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 701112635.job
    2013-12-27 01:57 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4277836672.job
    2013-12-27 01:57 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 2308782259.job
    2013-12-27 01:56 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3209652642.job
    2013-12-27 01:56 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3209091799.job
    2013-12-27 01:54 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 3800633129.job
    2013-12-27 01:53 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1347168173.job
    2013-12-27 01:52 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 3600965468.job
    2013-12-27 01:51 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 709506353.job
    2013-12-27 01:51 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2792190733.job
    2013-12-27 01:50 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2039683573.job
    2013-12-27 01:48 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 712637240.job
    2013-12-27 01:48 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 4009333939.job
    2013-12-27 01:47 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 221019929.job
    2013-12-27 01:46 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 619396990.job
    2013-12-27 01:45 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 3372144040.job
    2013-12-27 01:44 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1420784476.job
    2013-12-27 01:44 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3476042256.job
    2013-12-26 22:05 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 1081850053.job
    2013-12-26 22:03 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3990718765.job
    2013-12-26 22:01 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1655519068.job
    2013-12-26 22:01 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1320627931.job
    2013-12-26 22:00 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2546145253.job
    2013-12-26 21:59 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2519717066.job
    2013-12-26 21:58 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1261306176.job
    2013-12-26 21:58 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3803616210.job
    2013-12-26 21:57 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3679413506.job
    2013-12-26 21:56 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1741814216.job
    2013-12-26 21:56 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1061782202.job
    2013-12-26 21:55 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2791378573.job
    2013-12-26 21:54 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 911451674.job
    2013-12-26 21:54 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 970038231.job
    2013-12-26 21:53 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2741615029.job
    2013-12-26 21:52 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 320279411.job
    2013-12-26 21:52 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1621176371.job
    2013-12-26 21:51 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1377561740.job
    2013-12-26 21:50 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3748884969.job
    2013-12-26 21:50 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1844186889.job
    2013-12-26 21:49 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 656385206.job
    2013-12-26 21:48 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3295481433.job
    2013-12-26 21:48 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3069888336.job
    2013-12-26 21:47 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 72642966.job
    2013-12-26 21:46 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 3784247043.job
    2013-12-26 21:43 - 2013-12-27 23:22 - 00008760 _____ C:\Documents and Settings\Owner\Desktop\Rkill.txt
    2013-12-26 21:38 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1232635450.job
    2013-12-26 21:34 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 452439642.job
    2013-12-26 21:33 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3416630175.job
    2013-12-25 13:58 - 2013-12-28 21:58 - 00000510 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 10c22778-5d9c-42ff-a33c-a77e2b92005d.job
    2013-12-25 13:57 - 2013-12-25 13:57 - 00001678 _____ C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
    2013-12-25 13:57 - 2013-12-25 13:57 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
    2013-12-25 13:56 - 2013-12-27 10:29 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2013-12-25 13:56 - 2013-12-25 13:56 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2013-12-25 13:54 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1168307180.job
    2013-12-25 13:51 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1083538640.job
    2013-12-25 13:50 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2969264379.job
    2013-12-25 13:50 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 46647081.job
    2013-12-25 13:49 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1413792720.job
    2013-12-25 13:48 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2791061455.job
    2013-12-25 13:48 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3701309023.job
    2013-12-25 13:47 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1167285849.job
    2013-12-25 12:55 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3331785368.job
    2013-12-25 12:55 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3387647659.job
    2013-12-25 12:54 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 2414928987.job
    2013-12-25 12:53 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 2220986840.job
    2013-12-25 12:53 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 474777665.job
    2013-12-25 12:52 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3476170545.job
    2013-12-25 12:51 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3277244330.job
    2013-12-25 12:51 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 2178439679.job
    2013-12-25 12:50 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1256328150.job
    2013-12-25 12:49 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3023669432.job
    2013-12-25 12:49 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1020559165.job
    2013-12-25 12:48 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3506292513.job
    2013-12-25 12:47 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3783525716.job
    2013-12-25 12:47 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 319430655.job
    2013-12-25 12:46 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1988746925.job
    2013-12-25 12:45 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 428592404.job
    2013-12-25 12:45 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 400730063.job
    2013-12-25 12:44 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1675829083.job
    2013-12-25 12:43 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 4092173135.job
    2013-12-25 12:43 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2729293372.job
    2013-12-25 12:42 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 3679906737.job
    2013-12-25 12:41 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3520270487.job
    2013-12-25 12:41 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 315257620.job
    2013-12-25 12:40 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1440553547.job
    2013-12-25 12:39 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2813089270.job
    2013-12-25 12:39 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3025139946.job
    2013-12-25 12:38 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3985167262.job
    2013-12-25 12:37 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3679284912.job
    2013-12-25 12:36 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 673050838.job
    2013-12-25 12:36 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 4235871987.job
    2013-12-25 12:35 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1751565923.job
    2013-12-25 12:34 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 258221702.job
    2013-12-25 12:34 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1361664755.job
    2013-12-25 12:33 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 798706992.job
    2013-12-25 12:32 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 2489887677.job
    2013-12-25 12:32 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1497563506.job
    2013-12-25 12:31 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2592968499.job
    2013-12-25 12:30 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 2416183415.job
    2013-12-25 12:30 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2626427140.job
    2013-12-25 12:29 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 590357516.job
    2013-12-25 12:28 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 2477489666.job
    2013-12-25 12:28 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 979382889.job
    2013-12-25 12:27 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1975544905.job
    2013-12-25 12:27 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 4098270553.job
    2013-12-25 12:26 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4025104484.job
    2013-12-25 12:25 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2935704943.job
    2013-12-25 12:24 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2405006451.job
    2013-12-25 12:24 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2155236161.job
    2013-12-25 12:23 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 875387701.job
    2013-12-25 12:23 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 718252762.job
    2013-12-25 12:22 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4169285839.job
    2013-12-25 12:21 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 1211432604.job
    2013-12-25 12:20 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2745853030.job
    2013-12-25 12:20 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2634531564.job
    2013-12-25 12:19 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 713225586.job
    2013-12-25 12:18 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 560938592.job
    2013-12-25 12:18 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1547382270.job
    2013-12-25 12:17 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1216927709.job
    2013-12-25 12:16 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1564345409.job
    2013-12-25 12:16 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3883503566.job
    2013-12-25 12:15 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 4022492624.job
    2013-12-25 12:14 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3838392391.job
    2013-12-25 12:14 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3850949386.job
    2013-12-25 12:13 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 4217168398.job
    2013-12-25 12:12 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1461547677.job
    2013-12-25 12:11 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3351252341.job
    2013-12-25 12:11 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 1137787085.job
    2013-12-25 12:10 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1132824244.job
    2013-12-25 12:09 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 808486472.job
    2013-12-25 12:09 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 375140654.job
    2013-12-25 12:08 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2923253680.job
    2013-12-25 12:08 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 402289323.job
    2013-12-25 12:07 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3277470999.job
    2013-12-25 12:06 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3109357307.job
    2013-12-25 12:05 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1878508268.job
    2013-12-25 12:05 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1577089289.job
    2013-12-25 12:04 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2082603011.job
    2013-12-25 12:03 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4287804461.job
    2013-12-25 12:02 - 2013-12-29 12:00 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 1013644702.job
    2013-12-25 12:02 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 4047984375.job
    2013-12-24 15:02 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4043466116.job
    2013-12-24 14:58 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 1400387617.job
    2013-12-24 14:57 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4236224367.job
    2013-12-24 14:56 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1886463784.job
    2013-12-24 14:53 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2820184469.job
    2013-12-24 14:51 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2483852177.job
    2013-12-24 14:47 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2591458659.job
    2013-12-24 14:37 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 171117078.job
    2013-12-24 14:34 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 4232512821.job
    2013-12-24 14:28 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2720046740.job
    2013-12-24 14:26 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1281875270.job
    2013-12-24 14:23 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3213022074.job
    2013-12-24 14:21 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2259588774.job
    2013-12-24 14:21 - 2013-12-29 12:00 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 4218765206.job
    2013-12-24 14:14 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 49497787.job
    2013-12-24 14:13 - 2013-12-29 12:00 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 615138577.job
    2013-12-24 14:08 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2901426990.job
    2013-12-24 14:07 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3673618064.job
    2013-12-24 14:06 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 565077913.job
    2013-12-24 13:57 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3282089973.job
    2013-12-24 13:56 - 2013-12-29 12:00 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3912847873.job
    2013-12-24 13:53 - 2013-12-29 12:00 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1650939616.job
    2013-12-24 13:53 - 2013-12-28 23:13 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
    2013-12-24 13:52 - 2013-12-29 12:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2865934546.job
    2013-12-24 13:50 - 2013-12-29 12:00 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1720851841.job
    2013-12-24 11:23 - 2013-12-24 11:23 - 00012326 _____ C:\Documents and Settings\Owner\Local Settings\Application Data\cbrumbeb
    2013-12-24 10:24 - 2013-12-24 10:24 - 00067992 _____ C:\Documents and Settings\Owner\Local Settings\Application Data\iccksluk
    2013-12-24 10:23 - 2013-12-24 10:23 - 00000000 _____ C:\Documents and Settings\Owner\Application Data\SharedSettings.ccs
    2013-12-18 12:23 - 2013-12-18 12:23 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\QuickSet
    2013-12-18 12:22 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\suurff aNdd keeep
    2013-12-18 12:22 - 2013-12-24 11:20 - 00000000 ____D C:\Program Files\Sk-Enabler
    2013-12-18 12:22 - 2013-12-24 11:17 - 00000000 ____D C:\Program Files\suurff aNdd keeep
    2013-12-18 12:22 - 2013-12-18 12:23 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\InstallMate
    2013-12-18 12:22 - 2013-12-18 12:23 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\5cbe860b382c8b34
    2013-12-18 12:17 - 2013-12-18 12:27 - 00000000 ____D C:\Program Files\TornTV.com
    2013-12-18 12:17 - 2013-12-18 12:17 - 00000000 ____D C:\Documents and Settings\Owner\Start Menu\Programs\TornTV.com
    2013-12-16 08:49 - 2013-12-16 08:49 - 27361280 _____ C:\Documents and Settings\Mom's Computer Files\Desktop\Rickman Financial Account Data-2013-12-16.QDF-backup
    2013-12-15 13:34 - 2013-12-25 12:00 - 00000000 ____D C:\Documents and Settings\Owner\Desktop\2013 News letter
    2013-12-11 21:12 - 2013-12-11 21:22 - 00000000 ____D C:\Documents and Settings\Owner\My Documents\Welding Information
    2013-12-10 16:56 - 2013-12-10 16:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2013-12-07 17:08 - 2013-12-07 17:08 - 00000000 ____D C:\Program Files\Construction Master Pro for Windows
    2013-12-07 17:08 - 2013-12-07 17:08 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Construction Master Pro for Windows

    ==================== One Month Modified Files and Folders =======

    2013-12-29 12:04 - 2013-12-28 19:33 - 00024636 _____ C:\Documents and Settings\Owner\Desktop\FRST.txt
    2013-12-29 12:00 - 2013-12-27 17:47 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 266111037.job
    2013-12-29 12:00 - 2013-12-27 17:47 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 111686145.job
    2013-12-29 12:00 - 2013-12-27 17:46 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2263627583.job
    2013-12-29 12:00 - 2013-12-27 17:45 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 724905180.job
    2013-12-29 12:00 - 2013-12-27 17:45 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 2319181828.job
    2013-12-29 12:00 - 2013-12-27 13:52 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 964514311.job
    2013-12-29 12:00 - 2013-12-27 13:51 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3116967883.job
    2013-12-29 12:00 - 2013-12-27 13:50 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1950185314.job
    2013-12-29 12:00 - 2013-12-27 13:49 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1432586974.job
    2013-12-29 12:00 - 2013-12-27 13:48 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 4096806107.job
    2013-12-29 12:00 - 2013-12-27 13:47 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 360656239.job
    2013-12-29 12:00 - 2013-12-27 13:46 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 2826509393.job
    2013-12-29 12:00 - 2013-12-27 13:46 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 932040931.job
    2013-12-29 12:00 - 2013-12-27 11:29 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 2105786894.job
    2013-12-29 12:00 - 2013-12-27 11:28 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 948595071.job
    2013-12-29 12:00 - 2013-12-27 11:27 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 468330616.job
    2013-12-29 12:00 - 2013-12-27 11:26 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3151588881.job
    2013-12-29 12:00 - 2013-12-27 11:25 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 890778193.job
    2013-12-29 12:00 - 2013-12-27 11:24 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 1626596997.job
    2013-12-29 12:00 - 2013-12-27 05:52 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3287836628.job
    2013-12-29 12:00 - 2013-12-27 05:51 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2408677117.job
    2013-12-29 12:00 - 2013-12-27 05:50 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1211351929.job
    2013-12-29 12:00 - 2013-12-27 05:49 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2540194174.job
    2013-12-29 12:00 - 2013-12-27 05:49 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1873504007.job
    2013-12-29 12:00 - 2013-12-27 05:48 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 4154311137.job
    2013-12-29 12:00 - 2013-12-27 05:47 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 3629729729.job
    2013-12-29 12:00 - 2013-12-27 05:46 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 371238779.job
    2013-12-29 12:00 - 2013-12-27 05:46 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 1863946225.job
    2013-12-29 12:00 - 2013-12-27 05:45 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 2387119726.job
    2013-12-29 12:00 - 2013-12-27 05:44 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 87695519.job
    2013-12-29 12:00 - 2013-12-27 05:43 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1956468192.job
    2013-12-29 12:00 - 2013-12-27 05:42 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 701112635.job
    2013-12-29 12:00 - 2013-12-27 01:57 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4277836672.job
    2013-12-29 12:00 - 2013-12-27 01:57 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 2308782259.job
    2013-12-29 12:00 - 2013-12-27 01:56 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3209652642.job
    2013-12-29 12:00 - 2013-12-27 01:56 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3209091799.job
    2013-12-29 12:00 - 2013-12-27 01:54 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 3800633129.job
    2013-12-29 12:00 - 2013-12-27 01:53 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1347168173.job
    2013-12-29 12:00 - 2013-12-27 01:52 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 3600965468.job
    2013-12-29 12:00 - 2013-12-27 01:51 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 709506353.job
    2013-12-29 12:00 - 2013-12-27 01:51 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2792190733.job
    2013-12-29 12:00 - 2013-12-27 01:50 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2039683573.job
    2013-12-29 12:00 - 2013-12-27 01:48 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 712637240.job
    2013-12-29 12:00 - 2013-12-27 01:48 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 4009333939.job
    2013-12-29 12:00 - 2013-12-27 01:47 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 221019929.job
    2013-12-29 12:00 - 2013-12-27 01:46 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 619396990.job
    2013-12-29 12:00 - 2013-12-27 01:45 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 3372144040.job
    2013-12-29 12:00 - 2013-12-27 01:44 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1420784476.job
    2013-12-29 12:00 - 2013-12-27 01:44 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3476042256.job
    2013-12-29 12:00 - 2013-12-26 22:05 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 1081850053.job
    2013-12-29 12:00 - 2013-12-26 22:03 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3990718765.job
    2013-12-29 12:00 - 2013-12-26 22:01 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1655519068.job
    2013-12-29 12:00 - 2013-12-26 22:01 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1320627931.job
    2013-12-29 12:00 - 2013-12-26 22:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2546145253.job
    2013-12-29 12:00 - 2013-12-26 21:59 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2519717066.job
    2013-12-29 12:00 - 2013-12-26 21:58 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1261306176.job
    2013-12-29 12:00 - 2013-12-26 21:58 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3803616210.job
    2013-12-29 12:00 - 2013-12-26 21:57 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3679413506.job
    2013-12-29 12:00 - 2013-12-26 21:56 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1741814216.job
    2013-12-29 12:00 - 2013-12-26 21:56 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1061782202.job
    2013-12-29 12:00 - 2013-12-26 21:55 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2791378573.job
    2013-12-29 12:00 - 2013-12-26 21:54 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 911451674.job
    2013-12-29 12:00 - 2013-12-26 21:54 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 970038231.job
    2013-12-29 12:00 - 2013-12-26 21:53 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2741615029.job
    2013-12-29 12:00 - 2013-12-26 21:52 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 320279411.job
    2013-12-29 12:00 - 2013-12-26 21:52 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1621176371.job
    2013-12-29 12:00 - 2013-12-26 21:51 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1377561740.job
    2013-12-29 12:00 - 2013-12-26 21:50 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3748884969.job
    2013-12-29 12:00 - 2013-12-26 21:50 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1844186889.job
    2013-12-29 12:00 - 2013-12-26 21:49 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 656385206.job
    2013-12-29 12:00 - 2013-12-26 21:48 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3295481433.job
    2013-12-29 12:00 - 2013-12-26 21:48 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3069888336.job
    2013-12-29 12:00 - 2013-12-26 21:47 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 72642966.job
    2013-12-29 12:00 - 2013-12-26 21:46 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 3784247043.job
    2013-12-29 12:00 - 2013-12-26 21:38 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1232635450.job
    2013-12-29 12:00 - 2013-12-26 21:34 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 452439642.job
    2013-12-29 12:00 - 2013-12-26 21:33 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3416630175.job
    2013-12-29 12:00 - 2013-12-25 13:54 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1168307180.job
    2013-12-29 12:00 - 2013-12-25 13:51 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1083538640.job
    2013-12-29 12:00 - 2013-12-25 13:50 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2969264379.job
    2013-12-29 12:00 - 2013-12-25 13:50 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 46647081.job
    2013-12-29 12:00 - 2013-12-25 13:49 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1413792720.job
    2013-12-29 12:00 - 2013-12-25 13:48 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2791061455.job
    2013-12-29 12:00 - 2013-12-25 13:48 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3701309023.job
    2013-12-29 12:00 - 2013-12-25 13:47 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1167285849.job
    2013-12-29 12:00 - 2013-12-25 12:55 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3331785368.job
    2013-12-29 12:00 - 2013-12-25 12:55 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3387647659.job
    2013-12-29 12:00 - 2013-12-25 12:54 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 2414928987.job
    2013-12-29 12:00 - 2013-12-25 12:53 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 2220986840.job
    2013-12-29 12:00 - 2013-12-25 12:53 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 474777665.job
    2013-12-29 12:00 - 2013-12-25 12:52 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3476170545.job
    2013-12-29 12:00 - 2013-12-25 12:51 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3277244330.job
    2013-12-29 12:00 - 2013-12-25 12:51 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 2178439679.job
    2013-12-29 12:00 - 2013-12-25 12:50 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1256328150.job
    2013-12-29 12:00 - 2013-12-25 12:49 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3023669432.job
    2013-12-29 12:00 - 2013-12-25 12:49 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1020559165.job
    2013-12-29 12:00 - 2013-12-25 12:48 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3506292513.job
    2013-12-29 12:00 - 2013-12-25 12:47 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3783525716.job
    2013-12-29 12:00 - 2013-12-25 12:47 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 319430655.job
    2013-12-29 12:00 - 2013-12-25 12:46 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1988746925.job
    2013-12-29 12:00 - 2013-12-25 12:45 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 428592404.job
    2013-12-29 12:00 - 2013-12-25 12:45 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 400730063.job
    2013-12-29 12:00 - 2013-12-25 12:44 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1675829083.job
    2013-12-29 12:00 - 2013-12-25 12:43 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 4092173135.job
    2013-12-29 12:00 - 2013-12-25 12:43 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2729293372.job
    2013-12-29 12:00 - 2013-12-25 12:42 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 3679906737.job
    2013-12-29 12:00 - 2013-12-25 12:41 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3520270487.job
    2013-12-29 12:00 - 2013-12-25 12:41 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 315257620.job
    2013-12-29 12:00 - 2013-12-25 12:40 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1440553547.job
    2013-12-29 12:00 - 2013-12-25 12:39 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2813089270.job
    2013-12-29 12:00 - 2013-12-25 12:39 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3025139946.job
    2013-12-29 12:00 - 2013-12-25 12:38 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3985167262.job
    2013-12-29 12:00 - 2013-12-25 12:37 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3679284912.job
    2013-12-29 12:00 - 2013-12-25 12:36 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 673050838.job
    2013-12-29 12:00 - 2013-12-25 12:36 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 4235871987.job
    2013-12-29 12:00 - 2013-12-25 12:35 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1751565923.job
    2013-12-29 12:00 - 2013-12-25 12:34 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 258221702.job
    2013-12-29 12:00 - 2013-12-25 12:34 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1361664755.job
    2013-12-29 12:00 - 2013-12-25 12:33 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 798706992.job
    2013-12-29 12:00 - 2013-12-25 12:32 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 2489887677.job
    2013-12-29 12:00 - 2013-12-25 12:32 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1497563506.job
    2013-12-29 12:00 - 2013-12-25 12:31 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2592968499.job
    2013-12-29 12:00 - 2013-12-25 12:30 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 2416183415.job
    2013-12-29 12:00 - 2013-12-25 12:30 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2626427140.job
    2013-12-29 12:00 - 2013-12-25 12:29 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 590357516.job
    2013-12-29 12:00 - 2013-12-25 12:28 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 2477489666.job
    2013-12-29 12:00 - 2013-12-25 12:28 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 979382889.job
    2013-12-29 12:00 - 2013-12-25 12:27 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1975544905.job
    2013-12-29 12:00 - 2013-12-25 12:27 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 4098270553.job
    2013-12-29 12:00 - 2013-12-25 12:26 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4025104484.job
    2013-12-29 12:00 - 2013-12-25 12:25 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2935704943.job
    2013-12-29 12:00 - 2013-12-25 12:24 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2405006451.job
    2013-12-29 12:00 - 2013-12-25 12:24 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2155236161.job
    2013-12-29 12:00 - 2013-12-25 12:23 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 875387701.job
    2013-12-29 12:00 - 2013-12-25 12:23 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 718252762.job
    2013-12-29 12:00 - 2013-12-25 12:22 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4169285839.job
    2013-12-29 12:00 - 2013-12-25 12:21 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 1211432604.job
    2013-12-29 12:00 - 2013-12-25 12:20 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2745853030.job
    2013-12-29 12:00 - 2013-12-25 12:20 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2634531564.job
    2013-12-29 12:00 - 2013-12-25 12:19 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 713225586.job
    2013-12-29 12:00 - 2013-12-25 12:18 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 560938592.job
    2013-12-29 12:00 - 2013-12-25 12:18 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1547382270.job
    2013-12-29 12:00 - 2013-12-25 12:17 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1216927709.job
    2013-12-29 12:00 - 2013-12-25 12:16 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1564345409.job
    2013-12-29 12:00 - 2013-12-25 12:16 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3883503566.job
    2013-12-29 12:00 - 2013-12-25 12:15 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 4022492624.job
    2013-12-29 12:00 - 2013-12-25 12:14 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3838392391.job
    2013-12-29 12:00 - 2013-12-25 12:14 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3850949386.job
    2013-12-29 12:00 - 2013-12-25 12:13 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 4217168398.job
    2013-12-29 12:00 - 2013-12-25 12:12 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1461547677.job
    2013-12-29 12:00 - 2013-12-25 12:11 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3351252341.job
    2013-12-29 12:00 - 2013-12-25 12:11 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 1137787085.job
    2013-12-29 12:00 - 2013-12-25 12:10 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1132824244.job
    2013-12-29 12:00 - 2013-12-25 12:09 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 808486472.job
    2013-12-29 12:00 - 2013-12-25 12:09 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 375140654.job
    2013-12-29 12:00 - 2013-12-25 12:08 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2923253680.job
    2013-12-29 12:00 - 2013-12-25 12:08 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 402289323.job
    2013-12-29 12:00 - 2013-12-25 12:07 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3277470999.job
    2013-12-29 12:00 - 2013-12-25 12:06 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3109357307.job
    2013-12-29 12:00 - 2013-12-25 12:05 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1878508268.job
    2013-12-29 12:00 - 2013-12-25 12:05 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1577089289.job
    2013-12-29 12:00 - 2013-12-25 12:04 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2082603011.job
    2013-12-29 12:00 - 2013-12-25 12:03 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4287804461.job
    2013-12-29 12:00 - 2013-12-25 12:02 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 1013644702.job
    2013-12-29 12:00 - 2013-12-25 12:02 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 4047984375.job
    2013-12-29 12:00 - 2013-12-24 15:02 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4043466116.job
    2013-12-29 12:00 - 2013-12-24 14:58 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 1400387617.job
    2013-12-29 12:00 - 2013-12-24 14:57 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4236224367.job
    2013-12-29 12:00 - 2013-12-24 14:56 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1886463784.job
    2013-12-29 12:00 - 2013-12-24 14:53 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2820184469.job
    2013-12-29 12:00 - 2013-12-24 14:51 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2483852177.job
    2013-12-29 12:00 - 2013-12-24 14:47 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2591458659.job
    2013-12-29 12:00 - 2013-12-24 14:37 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 171117078.job
    2013-12-29 12:00 - 2013-12-24 14:34 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 4232512821.job
    2013-12-29 12:00 - 2013-12-24 14:28 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2720046740.job
    2013-12-29 12:00 - 2013-12-24 14:26 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1281875270.job
    2013-12-29 12:00 - 2013-12-24 14:23 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3213022074.job
    2013-12-29 12:00 - 2013-12-24 14:21 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2259588774.job
    2013-12-29 12:00 - 2013-12-24 14:21 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 4218765206.job
    2013-12-29 12:00 - 2013-12-24 14:14 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 49497787.job
    2013-12-29 12:00 - 2013-12-24 14:13 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 615138577.job
    2013-12-29 12:00 - 2013-12-24 14:08 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2901426990.job
    2013-12-29 12:00 - 2013-12-24 14:07 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3673618064.job
    2013-12-29 12:00 - 2013-12-24 14:06 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 565077913.job
    2013-12-29 12:00 - 2013-12-24 13:57 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3282089973.job
    2013-12-29 12:00 - 2013-12-24 13:56 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3912847873.job
    2013-12-29 12:00 - 2013-12-24 13:53 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1650939616.job
    2013-12-29 12:00 - 2013-12-24 13:52 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2865934546.job
    2013-12-29 12:00 - 2013-12-24 13:50 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1720851841.job
    2013-12-29 12:00 - 2004-08-26 13:08 - 00032412 _____ C:\WINDOWS\SchedLgU.Txt
    2013-12-29 11:49 - 2010-12-23 10:39 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1117639363-358789429-3253389173-1003UA.job
    2013-12-29 11:41 - 2012-08-21 18:58 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2013-12-29 11:38 - 2010-11-25 10:39 - 00000884 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2013-12-29 11:01 - 2011-02-06 11:30 - 00000440 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
    2013-12-29 11:01 - 2004-08-26 13:01 - 00000000 ____D C:\WINDOWS\Registration
    2013-12-29 11:00 - 2011-04-28 15:42 - 00000472 _____ C:\WINDOWS\Tasks\SDMsgUpdate (TE).job
    2013-12-29 10:58 - 2004-08-26 13:02 - 01221047 _____ C:\WINDOWS\WindowsUpdate.log
    2013-12-29 10:58 - 2004-08-26 05:58 - 00000159 _____ C:\WINDOWS\wiadebug.log
    2013-12-29 10:58 - 2004-08-26 05:58 - 00000050 _____ C:\WINDOWS\wiaservc.log
    2013-12-29 10:55 - 2010-11-25 10:39 - 00000880 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2013-12-29 10:54 - 2004-08-26 13:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2013-12-29 10:47 - 2004-08-26 13:09 - 00000278 ___SH C:\Documents and Settings\Owner\ntuser.ini
    2013-12-29 10:45 - 2013-12-29 10:45 - 00000000 ____D C:\_OTM
    2013-12-29 10:44 - 2013-12-29 10:44 - 00522240 _____ (OldTimer Tools) C:\Documents and Settings\Owner\Desktop\OTM.exe
    2013-12-29 10:30 - 2004-08-26 11:12 - 00001170 _____ C:\WINDOWS\system32\wpa.dbl
    2013-12-28 23:13 - 2013-12-24 13:53 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
    2013-12-28 21:58 - 2013-12-25 13:58 - 00000510 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 10c22778-5d9c-42ff-a33c-a77e2b92005d.job
    2013-12-28 19:29 - 2013-12-28 19:29 - 00000000 ____D C:\FRST
    2013-12-28 19:28 - 2013-12-28 19:28 - 01064131 _____ (Farbar) C:\Documents and Settings\Owner\Desktop\FRST.exe
    2013-12-28 19:00 - 2010-10-27 17:58 - 00000254 _____ C:\WINDOWS\Tasks\RMSchedule.job
    2013-12-28 13:00 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Irapfuty
    2013-12-28 11:52 - 2013-12-28 11:48 - 00015142 _____ C:\Documents and Settings\Owner\Desktop\attach.txt
    2013-12-28 11:51 - 2013-12-28 11:48 - 00024898 _____ C:\Documents and Settings\Owner\Desktop\dds.txt
    2013-12-28 11:32 - 2013-12-28 11:32 - 00688992 ____R (Swearware) C:\Documents and Settings\Owner\Desktop\dds.com
    2013-12-28 11:06 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Etvexi
    2013-12-28 11:05 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ygbiecbi
    2013-12-28 11:02 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Izoselyw
    2013-12-28 11:01 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Nyehoka
    2013-12-28 11:01 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ewupnyik
    2013-12-28 10:27 - 2013-12-28 10:27 - 00891200 _____ C:\Documents and Settings\Owner\Desktop\SecurityCheck.exe
    2013-12-28 10:24 - 2013-12-28 10:24 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\tasklist.exe
    2013-12-28 10:02 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uxqeuh
    2013-12-28 10:02 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Umfeuni
    2013-12-28 10:02 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Isxiow
    2013-12-28 10:01 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Zoemgik
    2013-12-28 10:01 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yklaix
    2013-12-28 10:00 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Oquztaz
    2013-12-28 10:00 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Memyunnu
    2013-12-28 09:49 - 2010-12-23 10:39 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1117639363-358789429-3253389173-1003Core.job
    2013-12-28 09:43 - 2013-12-28 09:43 - 04101441 _____ C:\Documents and Settings\Owner\Desktop\tdsskiller.zip
    2013-12-28 03:36 - 2005-10-07 14:19 - 00000000 __SHD C:\Documents and Settings\Owner\UserData
    2013-12-28 00:00 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yquceldo
    2013-12-27 23:23 - 2013-12-27 23:23 - 00008760 _____ C:\Documents and Settings\Owner\Desktop\Rkill 1227111925 PM.txt
    2013-12-27 23:22 - 2013-12-26 21:43 - 00008760 _____ C:\Documents and Settings\Owner\Desktop\Rkill.txt
    2013-12-27 23:01 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lyuzums
    2013-12-27 22:51 - 2013-12-27 22:51 - 00000000 _____ C:\Documents and Settings\Owner\tasklist
    2013-12-27 22:51 - 2004-08-26 13:09 - 00000000 ____D C:\Documents and Settings\Owner
    2013-12-27 22:00 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lecirax
    2013-12-27 21:00 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wyutufob
    2013-12-27 20:24 - 2013-12-27 20:24 - 00000000 ____D C:\TDSSKiller_Quarantine
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ydvialxo
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wuqeope
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uzpakeb
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uqdauw
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uctuluy
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Rigeogxe
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Olurecro
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Loqyukfa
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Imyzulo
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Icinmeyp
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Efniys
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wyosifdu
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wakyufqu
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Urecfo
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uhnyun
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Udqeokvi
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Sucaexac
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Quryod
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Osipvy
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Loykeza
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Katiryge
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ivzuelp
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ilurru
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Fyempe
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Cynymouq
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Cealaf
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Atalta
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ankyhi
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xoepad
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xaguec
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ulsazii
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Toexumek
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Sihuydb
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Pyqiel
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ovicba
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Goovihza
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Fyvyupyt
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Feekyrx
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Exocehc
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ebhuyxx
    2013-12-27 19:51 - 2009-01-16 23:00 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952954$
    2013-12-27 19:42 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ifemig
    2013-12-27 19:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Muodpahe
    2013-12-27 19:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Abkubi
    2013-12-27 19:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ydxoydys
    2013-12-27 19:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Geyrazd
    2013-12-27 19:01 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Bohinaaq
    2013-12-27 18:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yltoef
    2013-12-27 18:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xyyxwa
    2013-12-27 18:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yxotpy
    2013-12-27 18:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uwziby
    2013-12-27 18:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Pyduexp
    2013-12-27 18:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Moofwahe
    2013-12-27 18:01 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Opaqaxo
    2013-12-27 18:01 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Idyrqier
    2013-12-27 17:49 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ygogopqa
    2013-12-27 17:49 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uqeftyel
    2013-12-27 17:49 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ceodnauc
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yzunxy
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xoacac
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Seeczy
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Muodelxe
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Kyumsawy
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Guuxfy
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Foumna
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ermoyhes
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Biiqlo
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ywpues
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ulbygu
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Teyquqku
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Rezeso
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Naohyxti
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Enliyku
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Emrure
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Arqoem
    2013-12-27 17:46 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wioxvope
    2013-12-27 17:46 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ucfycye
    2013-12-27 17:46 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Kokaifo
    2013-12-27 17:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lyqaaq
    2013-12-27 17:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Botafi
    2013-12-27 17:02 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Nypeluh
    2013-12-27 17:02 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Fenyuw
    2013-12-27 17:01 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Zoecvey
    2013-12-27 17:01 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Weogynte
    2013-12-27 17:01 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Loovig
    2013-12-27 16:04 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Waonmo
    2013-12-27 16:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Pierazc
    2013-12-27 16:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Opnoxeoz
    2013-12-27 16:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Afdesuoz
    2013-12-27 16:03 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ifugceon
    2013-12-27 16:03 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Gaewino
    2013-12-27 16:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yvkiag
    2013-12-27 16:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ibupow
    2013-12-27 16:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Fimaagux
    2013-12-27 16:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Itynicz
    2013-12-27 16:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Avymvyu
    2013-12-27 16:01 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uhylyqi
    2013-12-27 16:00 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ywykobaw
    2013-12-27 16:00 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Qilavy
    2013-12-27 16:00 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Okivuh
    2013-12-27 15:05 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Byuvfica
    2013-12-27 15:05 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ylyzsii
    2013-12-27 15:05 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uhqezuco
    2013-12-27 15:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ygcetaol
    2013-12-27 15:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xoniul
    2013-12-27 15:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wymatoy
    2013-12-27 15:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wauddyy
    2013-12-27 15:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lyuwwo
    2013-12-27 15:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Coexrui
    2013-12-27 15:03 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Quovhi
    2013-12-27 15:03 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Nuheek
    2013-12-27 15:03 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Attyfu
    2013-12-27 15:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Rycoceb
    2013-12-27 15:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Oloktuir
    2013-12-27 15:02 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Waypez
    2013-12-27 15:02 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Vebaedxi
    2013-12-27 15:02 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lizywa
    2013-12-27 15:02 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Cyniel
    2013-12-27 15:01 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yxlohi
    2013-12-27 15:00 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Niosycik
    2013-12-27 12:08 - 2013-12-27 12:08 - 00006264 _____ C:\Documents and Settings\Owner\Desktop\bugkiller.txt
    2013-12-27 11:54 - 2013-12-27 11:54 - 00002855 _____ C:\Documents and Settings\Owner\Desktop\Bugkiller.PIF
    2013-12-27 11:54 - 2004-08-26 11:12 - 00000451 _____ C:\WINDOWS\system.ini
    2013-12-27 11:52 - 2013-12-27 11:52 - 00008196 _____ C:\Documents and Settings\Owner\Desktop\Rkill alt.txt
    2013-12-27 11:34 - 2013-12-27 11:34 - 01937144 _____ (Bleeping Computer, LLC) C:\Documents and Settings\Owner\Desktop\Bugkiller.com
    2013-12-27 11:11 - 2011-02-06 11:02 - 00000178 ___SH C:\Documents and Settings\Mom's Computer Files\ntuser.ini
    2013-12-27 11:11 - 2011-02-06 11:02 - 00000000 ____D C:\Documents and Settings\Mom's Computer Files
    2013-12-27 10:29 - 2013-12-27 10:29 - 00000000 ____D C:\SUPERDelete
    2013-12-27 10:29 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
    2013-12-27 10:29 - 2013-12-25 13:56 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2013-12-27 10:28 - 2011-12-16 18:41 - 00000000 ____D C:\Documents and Settings\Owner\Desktop\Rescue Disk
    2013-12-27 10:27 - 2013-12-18 12:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\suurff aNdd keeep
    2013-12-27 10:02 - 2013-12-27 10:03 - 00090112 _____ C:\WINDOWS\Minidump\Mini122713-01.dmp
    2013-12-25 13:57 - 2013-12-25 13:57 - 00001678 _____ C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Professional.lnk
    2013-12-25 13:57 - 2013-12-25 13:57 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
    2013-12-25 13:56 - 2013-12-25 13:56 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2013-12-25 12:00 - 2013-12-15 13:34 - 00000000 ____D C:\Documents and Settings\Owner\Desktop\2013 News letter
    2013-12-25 11:59 - 2009-01-16 15:36 - 00000000 ____D C:\WINDOWS\system32\NtmsData
    2013-12-25 11:58 - 2012-05-19 09:11 - 00109726 _____ C:\WINDOWS\setupapi.log
    2013-12-24 15:08 - 2009-04-19 02:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB956572$
    2013-12-24 11:23 - 2013-12-24 11:23 - 00012326 _____ C:\Documents and Settings\Owner\Local Settings\Application Data\cbrumbeb
    2013-12-24 11:20 - 2013-12-18 12:22 - 00000000 ____D C:\Program Files\Sk-Enabler
    2013-12-24 11:20 - 2009-10-16 15:26 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB971486$
    2013-12-24 11:17 - 2013-12-18 12:22 - 00000000 ____D C:\Program Files\suurff aNdd keeep
    2013-12-24 10:27 - 2012-06-05 09:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2013-12-24 10:27 - 2004-08-26 05:54 - 00384816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2013-12-24 10:26 - 2013-11-24 10:27 - 00817218 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1117639363-358789429-3253389173-1008-0.dat
    2013-12-24 10:26 - 2012-04-15 17:15 - 02474162 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1117639363-358789429-3253389173-1003-0.dat
    2013-12-24 10:25 - 2012-04-19 09:14 - 00366234 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
    2013-12-24 10:25 - 2011-08-08 14:04 - 00131072 _____ C:\WINDOWS\system32\config\OAlerts.evt
    2013-12-24 10:24 - 2013-12-24 10:24 - 00067992 _____ C:\Documents and Settings\Owner\Local Settings\Application Data\iccksluk
    2013-12-24 10:23 - 2013-12-24 10:23 - 00000000 _____ C:\Documents and Settings\Owner\Application Data\SharedSettings.ccs
    2013-12-18 12:27 - 2013-12-18 12:17 - 00000000 ____D C:\Program Files\TornTV.com
    2013-12-18 12:23 - 2013-12-18 12:23 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\QuickSet
    2013-12-18 12:23 - 2013-12-18 12:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\InstallMate
    2013-12-18 12:23 - 2013-12-18 12:22 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\5cbe860b382c8b34
    2013-12-18 12:17 - 2013-12-18 12:17 - 00000000 ____D C:\Documents and Settings\Owner\Start Menu\Programs\TornTV.com
    2013-12-16 23:11 - 2008-03-18 16:44 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\ZoomBrowser EX
    2013-12-16 23:09 - 2008-03-18 16:42 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\CameraWindowDC
    2013-12-16 08:49 - 2013-12-16 08:49 - 27361280 _____ C:\Documents and Settings\Mom's Computer Files\Desktop\Rickman Financial Account Data-2013-12-16.QDF-backup
    2013-12-15 13:32 - 2007-01-20 13:06 - 00653950 ___SH C:\Documents and Settings\Owner\Desktop\Thumbs.db
    2013-12-11 21:22 - 2013-12-11 21:12 - 00000000 ____D C:\Documents and Settings\Owner\My Documents\Welding Information
    2013-12-10 16:56 - 2013-12-10 16:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2013-12-09 22:54 - 2005-10-08 00:15 - 00114272 _____ C:\Documents and Settings\Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2013-12-08 20:42 - 2011-02-13 13:29 - 00114272 _____ C:\Documents and Settings\Mom's Computer Files\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2013-12-07 17:08 - 2013-12-07 17:08 - 00000000 ____D C:\Program Files\Construction Master Pro for Windows
    2013-12-07 17:08 - 2013-12-07 17:08 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Construction Master Pro for Windows
    2013-12-01 21:22 - 2006-03-27 21:17 - 00000366 _____ C:\WINDOWS\Tasks\Symantec NetDetect.job
    2013-12-01 15:46 - 2005-11-18 11:00 - 00000116 _____ C:\WINDOWS\NeroDigital.ini

    Some content of TEMP:
    ====================
    C:\Documents and Settings\Owner\Local Settings\Temp\install_flashplayer11x32_mssd_aaa_aih.exe
    C:\Documents and Settings\Owner\Local Settings\Temp\MSN595.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== End Of Log ============================

     

    Here is the attached "Addition.txt" file Attached File  Addition.txt   51.61KB   3 downloads



    #10 RPMcMurphy

    RPMcMurphy

      Bleeping *^#@%~


    • Malware Response Team
    • 3,970 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:01:53 AM

    Posted 29 December 2013 - 01:02 PM

    Please do this next:

    icon11.gif   Save the attached fixlist.txt file to the same location FRST is located

    Now run FRST again.

    • When the tool opens click Yes to disclaimer.
    • Press the Fix button just once and wait.
    • The tool will make a log (Fixlog.txt) please post it to your reply.

     


    Edited by RPMcMurphy, 29 December 2013 - 08:41 PM.

    Threads are closed after 5 days of inactivity.

    ASAP & UNITE Member


    The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


    #11 katzandmice

    katzandmice
    • Topic Starter

    • Members
    • 21 posts
    • OFFLINE
    •  
    • Local time:01:53 AM

    Posted 29 December 2013 - 07:51 PM

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-12-2013 01
    Ran by Owner at 2013-12-29 19:49:53 Run:1
    Running from C:\Documents and Settings\Owner\Desktop
    Boot Mode: Normal

    ==============================================

    Content of fixlist:
    *****************
    HKLM\...\Run: [] - [x]
    HKCU\...\Run: [Olawwiykm] - "C:\Documents and Settings\Owner\Application Data\Ifugceon\ceunga.exe"
    HKCU\...\Run: [Ylutygugpenoco] - "C:\Documents and Settings\Owner\Application Data\Uqeftyel\irotuw.exe"
    HKCU\...\Run: [Ahdeypsixa] - "C:\Documents and Settings\Owner\Application Data\Ulbygu\lerae.exe"
    HKCU\...\Run: [Vuwyopuwzihyc] - "C:\Documents and Settings\Owner\Application Data\Umfeuni\efibi.exe"
    HKCU\...\Run: [Onuzfidynaforiy] - "C:\Documents and Settings\Owner\Application Data\Kowaciw\obpenu.exe"
    HKU\Mom's Computer Files\...\Run: [Ovyqnuucguav] - "C:\Documents and Settings\Owner\Application Data\Movoxiha\ygivoce.exe"
    HKU\Mom's Computer Files\...\Run: [Ymlyly] - "C:\Documents and Settings\Owner\Application Data\Fyvyupyt\kasasa.exe"
    C:\Documents and Settings\Owner\Application Data\Ifugceon
    C:\Documents and Settings\Owner\Application Data\Uqeftyel
    C:\Documents and Settings\Owner\Application Data\Ulbygu
    C:\Documents and Settings\Owner\Application Data\Umfeuni
    C:\Documents and Settings\Owner\Application Data\Kowaciw
    C:\Documents and Settings\Owner\Application Data\Movoxiha
    C:\Documents and Settings\Owner\Application Data\Fyvyupyt
    S2 SecurityCenterServer111686145; "C:\WINDOWS\system32\hemoivvoib.exe" -service "C:\Documents and Settings\Owner\Application Data\Wuzucini\yfloy.exe"
    S2 SecurityCenterServer1432586974; "C:\WINDOWS\system32\vefoosisex.exe" -service "C:\Documents and Settings\Owner\Application Data\Goyxagol\ylzae.exe"
    S2 SecurityCenterServer1626596997; "C:\WINDOWS\system32\woevzoyg.exe" -service "C:\Documents and Settings\Owner\Application Data\Kowaciw\obpenu.exe"
    S2 SecurityCenterServer1950185314; "C:\WINDOWS\system32\axehweewu.exe" -service "C:\Documents and Settings\Owner\Application Data\Gehoozri\ibryoca.exe"
    S2 SecurityCenterServer2105786894; "C:\WINDOWS\system32\okfiecce.exe" -service "C:\Documents and Settings\Owner\Application Data\Ulezvium\tabeyz.exe"
    S2 SecurityCenterServer2263627583; "C:\WINDOWS\system32\zoapus.exe" -service "C:\Documents and Settings\Owner\Application Data\Kusiurit\ycxao.exe"
    S2 SecurityCenterServer2319181828; "C:\WINDOWS\system32\urbek.exe" -service "C:\Documents and Settings\Owner\Application Data\Uqmuuk\tohuy.exe"
    S2 SecurityCenterServer266111037; "C:\WINDOWS\system32\woowara.exe" -service "C:\Documents and Settings\Owner\Application Data\Puxugofi\nipiix.exe"
    S2 SecurityCenterServer2826509393; "C:\WINDOWS\system32\otbiax.exe" -service "C:\Documents and Settings\Owner\Application Data\Ynluwuak\olkequk.exe"
    S2 SecurityCenterServer3116967883; "C:\WINDOWS\system32\fyado.exe" -service "C:\Documents and Settings\Owner\Application Data\Ezwiatpe\reabokn.exe"
    S2 SecurityCenterServer3151588881; "C:\WINDOWS\system32\elomm.exe" -service "C:\Documents and Settings\Owner\Application Data\Ukoxam\gaahcao.exe"
    S2 SecurityCenterServer360656239; "C:\WINDOWS\system32\alarxi.exe" -service "C:\Documents and Settings\Owner\Application Data\Qawauso\axize.exe"
    S2 SecurityCenterServer4096806107; "C:\WINDOWS\system32\otanhanu.exe" -service "C:\Documents and Settings\Owner\Application Data\Oxxeunzy\ifypir.exe"
    S2 SecurityCenterServer468330616; "C:\WINDOWS\system32\uxolsa.exe" -service "C:\Documents and Settings\Owner\Application Data\Ifsityh\foulo.exe"
    S2 SecurityCenterServer724905180; "C:\WINDOWS\system32\isvulay.exe" -service "C:\Documents and Settings\Owner\Application Data\Bokyqeom\updov.exe"
    S2 SecurityCenterServer890778193; "C:\WINDOWS\system32\zeyteky.exe" -service "C:\Documents and Settings\Owner\Application Data\Ydurluo\omfege.exe"
    S2 SecurityCenterServer932040931; "C:\WINDOWS\system32\ewoxynaxa.exe" -service "C:\Documents and Settings\Owner\Application Data\Atyqqoe\azoker.exe"
    S2 SecurityCenterServer948595071; "C:\WINDOWS\system32\ifgope.exe" -service "C:\Documents and Settings\Owner\Application Data\Yqnoahow\piysg.exe"
    S2 SecurityCenterServer964514311; "C:\WINDOWS\system32\efpaerzueb.exe" -service "C:\Documents and Settings\Owner\Application Data\Usnegefa\voafve.exe"
    2013-12-29 12:04 - 2013-12-28 19:33 - 00024636 _____ C:\Documents and Settings\Owner\Desktop\FRST.txt
    2013-12-29 12:00 - 2013-12-27 17:47 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 266111037.job
    2013-12-29 12:00 - 2013-12-27 17:47 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 111686145.job
    2013-12-29 12:00 - 2013-12-27 17:46 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2263627583.job
    2013-12-29 12:00 - 2013-12-27 17:45 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 724905180.job
    2013-12-29 12:00 - 2013-12-27 17:45 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 2319181828.job
    2013-12-29 12:00 - 2013-12-27 13:52 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 964514311.job
    2013-12-29 12:00 - 2013-12-27 13:51 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3116967883.job
    2013-12-29 12:00 - 2013-12-27 13:50 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1950185314.job
    2013-12-29 12:00 - 2013-12-27 13:49 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1432586974.job
    2013-12-29 12:00 - 2013-12-27 13:48 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 4096806107.job
    2013-12-29 12:00 - 2013-12-27 13:47 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 360656239.job
    2013-12-29 12:00 - 2013-12-27 13:46 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 2826509393.job
    2013-12-29 12:00 - 2013-12-27 13:46 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 932040931.job
    2013-12-29 12:00 - 2013-12-27 11:29 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 2105786894.job
    2013-12-29 12:00 - 2013-12-27 11:28 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 948595071.job
    2013-12-29 12:00 - 2013-12-27 11:27 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 468330616.job
    2013-12-29 12:00 - 2013-12-27 11:26 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3151588881.job
    2013-12-29 12:00 - 2013-12-27 11:25 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 890778193.job
    2013-12-29 12:00 - 2013-12-27 11:24 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 1626596997.job
    2013-12-29 12:00 - 2013-12-27 05:52 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3287836628.job
    2013-12-29 12:00 - 2013-12-27 05:51 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2408677117.job
    2013-12-29 12:00 - 2013-12-27 05:50 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1211351929.job
    2013-12-29 12:00 - 2013-12-27 05:49 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2540194174.job
    2013-12-29 12:00 - 2013-12-27 05:49 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1873504007.job
    2013-12-29 12:00 - 2013-12-27 05:48 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 4154311137.job
    2013-12-29 12:00 - 2013-12-27 05:47 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 3629729729.job
    2013-12-29 12:00 - 2013-12-27 05:46 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 371238779.job
    2013-12-29 12:00 - 2013-12-27 05:46 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 1863946225.job
    2013-12-29 12:00 - 2013-12-27 05:45 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 2387119726.job
    2013-12-29 12:00 - 2013-12-27 05:44 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 87695519.job
    2013-12-29 12:00 - 2013-12-27 05:43 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1956468192.job
    2013-12-29 12:00 - 2013-12-27 05:42 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 701112635.job
    2013-12-29 12:00 - 2013-12-27 01:57 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4277836672.job
    2013-12-29 12:00 - 2013-12-27 01:57 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 2308782259.job
    2013-12-29 12:00 - 2013-12-27 01:56 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3209652642.job
    2013-12-29 12:00 - 2013-12-27 01:56 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3209091799.job
    2013-12-29 12:00 - 2013-12-27 01:54 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 3800633129.job
    2013-12-29 12:00 - 2013-12-27 01:53 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1347168173.job
    2013-12-29 12:00 - 2013-12-27 01:52 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 3600965468.job
    2013-12-29 12:00 - 2013-12-27 01:51 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 709506353.job
    2013-12-29 12:00 - 2013-12-27 01:51 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2792190733.job
    2013-12-29 12:00 - 2013-12-27 01:50 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2039683573.job
    2013-12-29 12:00 - 2013-12-27 01:48 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 712637240.job
    2013-12-29 12:00 - 2013-12-27 01:48 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 4009333939.job
    2013-12-29 12:00 - 2013-12-27 01:47 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 221019929.job
    2013-12-29 12:00 - 2013-12-27 01:46 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 619396990.job
    2013-12-29 12:00 - 2013-12-27 01:45 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 3372144040.job
    2013-12-29 12:00 - 2013-12-27 01:44 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1420784476.job
    2013-12-29 12:00 - 2013-12-27 01:44 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3476042256.job
    2013-12-29 12:00 - 2013-12-26 22:05 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 1081850053.job
    2013-12-29 12:00 - 2013-12-26 22:03 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3990718765.job
    2013-12-29 12:00 - 2013-12-26 22:01 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1655519068.job
    2013-12-29 12:00 - 2013-12-26 22:01 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1320627931.job
    2013-12-29 12:00 - 2013-12-26 22:00 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2546145253.job
    2013-12-29 12:00 - 2013-12-26 21:59 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2519717066.job
    2013-12-29 12:00 - 2013-12-26 21:58 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1261306176.job
    2013-12-29 12:00 - 2013-12-26 21:58 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3803616210.job
    2013-12-29 12:00 - 2013-12-26 21:57 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3679413506.job
    2013-12-29 12:00 - 2013-12-26 21:56 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1741814216.job
    2013-12-29 12:00 - 2013-12-26 21:56 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1061782202.job
    2013-12-29 12:00 - 2013-12-26 21:55 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2791378573.job
    2013-12-29 12:00 - 2013-12-26 21:54 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 911451674.job
    2013-12-29 12:00 - 2013-12-26 21:54 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 970038231.job
    2013-12-29 12:00 - 2013-12-26 21:53 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2741615029.job
    2013-12-29 12:00 - 2013-12-26 21:52 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 320279411.job
    2013-12-29 12:00 - 2013-12-26 21:52 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1621176371.job
    2013-12-29 12:00 - 2013-12-26 21:51 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1377561740.job
    2013-12-29 12:00 - 2013-12-26 21:50 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3748884969.job
    2013-12-29 12:00 - 2013-12-26 21:50 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1844186889.job
    2013-12-29 12:00 - 2013-12-26 21:49 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 656385206.job
    2013-12-29 12:00 - 2013-12-26 21:48 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3295481433.job
    2013-12-29 12:00 - 2013-12-26 21:48 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3069888336.job
    2013-12-29 12:00 - 2013-12-26 21:47 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 72642966.job
    2013-12-29 12:00 - 2013-12-26 21:46 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 3784247043.job
    2013-12-29 12:00 - 2013-12-26 21:38 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1232635450.job
    2013-12-29 12:00 - 2013-12-26 21:34 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 452439642.job
    2013-12-29 12:00 - 2013-12-26 21:33 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3416630175.job
    2013-12-29 12:00 - 2013-12-25 13:54 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1168307180.job
    2013-12-29 12:00 - 2013-12-25 13:51 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1083538640.job
    2013-12-29 12:00 - 2013-12-25 13:50 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2969264379.job
    2013-12-29 12:00 - 2013-12-25 13:50 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 46647081.job
    2013-12-29 12:00 - 2013-12-25 13:49 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1413792720.job
    2013-12-29 12:00 - 2013-12-25 13:48 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2791061455.job
    2013-12-29 12:00 - 2013-12-25 13:48 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3701309023.job
    2013-12-29 12:00 - 2013-12-25 13:47 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1167285849.job
    2013-12-29 12:00 - 2013-12-25 12:55 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3331785368.job
    2013-12-29 12:00 - 2013-12-25 12:55 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3387647659.job
    2013-12-29 12:00 - 2013-12-25 12:54 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 2414928987.job
    2013-12-29 12:00 - 2013-12-25 12:53 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 2220986840.job
    2013-12-29 12:00 - 2013-12-25 12:53 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 474777665.job
    2013-12-29 12:00 - 2013-12-25 12:52 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3476170545.job
    2013-12-29 12:00 - 2013-12-25 12:51 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3277244330.job
    2013-12-29 12:00 - 2013-12-25 12:51 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 2178439679.job
    2013-12-29 12:00 - 2013-12-25 12:50 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1256328150.job
    2013-12-29 12:00 - 2013-12-25 12:49 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3023669432.job
    2013-12-29 12:00 - 2013-12-25 12:49 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1020559165.job
    2013-12-29 12:00 - 2013-12-25 12:48 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3506292513.job
    2013-12-29 12:00 - 2013-12-25 12:47 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3783525716.job
    2013-12-29 12:00 - 2013-12-25 12:47 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 319430655.job
    2013-12-29 12:00 - 2013-12-25 12:46 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1988746925.job
    2013-12-29 12:00 - 2013-12-25 12:45 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 428592404.job
    2013-12-29 12:00 - 2013-12-25 12:45 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 400730063.job
    2013-12-29 12:00 - 2013-12-25 12:44 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1675829083.job
    2013-12-29 12:00 - 2013-12-25 12:43 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 4092173135.job
    2013-12-29 12:00 - 2013-12-25 12:43 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2729293372.job
    2013-12-29 12:00 - 2013-12-25 12:42 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 3679906737.job
    2013-12-29 12:00 - 2013-12-25 12:41 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3520270487.job
    2013-12-29 12:00 - 2013-12-25 12:41 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 315257620.job
    2013-12-29 12:00 - 2013-12-25 12:40 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1440553547.job
    2013-12-29 12:00 - 2013-12-25 12:39 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2813089270.job
    2013-12-29 12:00 - 2013-12-25 12:39 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3025139946.job
    2013-12-29 12:00 - 2013-12-25 12:38 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3985167262.job
    2013-12-29 12:00 - 2013-12-25 12:37 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3679284912.job
    2013-12-29 12:00 - 2013-12-25 12:36 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 673050838.job
    2013-12-29 12:00 - 2013-12-25 12:36 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 4235871987.job
    2013-12-29 12:00 - 2013-12-25 12:35 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1751565923.job
    2013-12-29 12:00 - 2013-12-25 12:34 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 258221702.job
    2013-12-29 12:00 - 2013-12-25 12:34 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1361664755.job
    2013-12-29 12:00 - 2013-12-25 12:33 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 798706992.job
    2013-12-29 12:00 - 2013-12-25 12:32 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 2489887677.job
    2013-12-29 12:00 - 2013-12-25 12:32 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1497563506.job
    2013-12-29 12:00 - 2013-12-25 12:31 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2592968499.job
    2013-12-29 12:00 - 2013-12-25 12:30 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 2416183415.job
    2013-12-29 12:00 - 2013-12-25 12:30 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2626427140.job
    2013-12-29 12:00 - 2013-12-25 12:29 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 590357516.job
    2013-12-29 12:00 - 2013-12-25 12:28 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 2477489666.job
    2013-12-29 12:00 - 2013-12-25 12:28 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 979382889.job
    2013-12-29 12:00 - 2013-12-25 12:27 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1975544905.job
    2013-12-29 12:00 - 2013-12-25 12:27 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 4098270553.job
    2013-12-29 12:00 - 2013-12-25 12:26 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4025104484.job
    2013-12-29 12:00 - 2013-12-25 12:25 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2935704943.job
    2013-12-29 12:00 - 2013-12-25 12:24 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2405006451.job
    2013-12-29 12:00 - 2013-12-25 12:24 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2155236161.job
    2013-12-29 12:00 - 2013-12-25 12:23 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 875387701.job
    2013-12-29 12:00 - 2013-12-25 12:23 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 718252762.job
    2013-12-29 12:00 - 2013-12-25 12:22 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4169285839.job
    2013-12-29 12:00 - 2013-12-25 12:21 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 1211432604.job
    2013-12-29 12:00 - 2013-12-25 12:20 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2745853030.job
    2013-12-29 12:00 - 2013-12-25 12:20 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2634531564.job
    2013-12-29 12:00 - 2013-12-25 12:19 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 713225586.job
    2013-12-29 12:00 - 2013-12-25 12:18 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 560938592.job
    2013-12-29 12:00 - 2013-12-25 12:18 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1547382270.job
    2013-12-29 12:00 - 2013-12-25 12:17 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1216927709.job
    2013-12-29 12:00 - 2013-12-25 12:16 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1564345409.job
    2013-12-29 12:00 - 2013-12-25 12:16 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3883503566.job
    2013-12-29 12:00 - 2013-12-25 12:15 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 4022492624.job
    2013-12-29 12:00 - 2013-12-25 12:14 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 3838392391.job
    2013-12-29 12:00 - 2013-12-25 12:14 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 3850949386.job
    2013-12-29 12:00 - 2013-12-25 12:13 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 4217168398.job
    2013-12-29 12:00 - 2013-12-25 12:12 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 1461547677.job
    2013-12-29 12:00 - 2013-12-25 12:11 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3351252341.job
    2013-12-29 12:00 - 2013-12-25 12:11 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 1137787085.job
    2013-12-29 12:00 - 2013-12-25 12:10 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1132824244.job
    2013-12-29 12:00 - 2013-12-25 12:09 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 808486472.job
    2013-12-29 12:00 - 2013-12-25 12:09 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 375140654.job
    2013-12-29 12:00 - 2013-12-25 12:08 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2923253680.job
    2013-12-29 12:00 - 2013-12-25 12:08 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 402289323.job
    2013-12-29 12:00 - 2013-12-25 12:07 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3277470999.job
    2013-12-29 12:00 - 2013-12-25 12:06 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3109357307.job
    2013-12-29 12:00 - 2013-12-25 12:05 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1878508268.job
    2013-12-29 12:00 - 2013-12-25 12:05 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 1577089289.job
    2013-12-29 12:00 - 2013-12-25 12:04 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2082603011.job
    2013-12-29 12:00 - 2013-12-25 12:03 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4287804461.job
    2013-12-29 12:00 - 2013-12-25 12:02 - 00000878 _____ C:\WINDOWS\Tasks\Security Center Update - 1013644702.job
    2013-12-29 12:00 - 2013-12-25 12:02 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 4047984375.job
    2013-12-29 12:00 - 2013-12-24 15:02 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4043466116.job
    2013-12-29 12:00 - 2013-12-24 14:58 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 1400387617.job
    2013-12-29 12:00 - 2013-12-24 14:57 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 4236224367.job
    2013-12-29 12:00 - 2013-12-24 14:56 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 1886463784.job
    2013-12-29 12:00 - 2013-12-24 14:53 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 2820184469.job
    2013-12-29 12:00 - 2013-12-24 14:51 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 2483852177.job
    2013-12-29 12:00 - 2013-12-24 14:47 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2591458659.job
    2013-12-29 12:00 - 2013-12-24 14:37 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 171117078.job
    2013-12-29 12:00 - 2013-12-24 14:34 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 4232512821.job
    2013-12-29 12:00 - 2013-12-24 14:28 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2720046740.job
    2013-12-29 12:00 - 2013-12-24 14:26 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1281875270.job
    2013-12-29 12:00 - 2013-12-24 14:23 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 3213022074.job
    2013-12-29 12:00 - 2013-12-24 14:21 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2259588774.job
    2013-12-29 12:00 - 2013-12-24 14:21 - 00000868 _____ C:\WINDOWS\Tasks\Security Center Update - 4218765206.job
    2013-12-29 12:00 - 2013-12-24 14:14 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 49497787.job
    2013-12-29 12:00 - 2013-12-24 14:13 - 00000870 _____ C:\WINDOWS\Tasks\Security Center Update - 615138577.job
    2013-12-29 12:00 - 2013-12-24 14:08 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 2901426990.job
    2013-12-29 12:00 - 2013-12-24 14:07 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3673618064.job
    2013-12-29 12:00 - 2013-12-24 14:06 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 565077913.job
    2013-12-29 12:00 - 2013-12-24 13:57 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 3282089973.job
    2013-12-29 12:00 - 2013-12-24 13:56 - 00000874 _____ C:\WINDOWS\Tasks\Security Center Update - 3912847873.job
    2013-12-29 12:00 - 2013-12-24 13:53 - 00000876 _____ C:\WINDOWS\Tasks\Security Center Update - 1650939616.job
    2013-12-29 12:00 - 2013-12-24 13:52 - 00000872 _____ C:\WINDOWS\Tasks\Security Center Update - 2865934546.job
    2013-12-29 12:00 - 2013-12-24 13:50 - 00000880 _____ C:\WINDOWS\Tasks\Security Center Update - 1720851841.job
    2013-12-28 13:00 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Irapfuty
    2013-12-28 11:06 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Etvexi
    2013-12-28 11:05 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ygbiecbi
    2013-12-28 11:02 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Izoselyw
    2013-12-28 11:01 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Nyehoka
    2013-12-28 11:01 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ewupnyik
    2013-12-28 10:27 - 2013-12-28 10:27 - 00891200 _____ C:\Documents and Settings\Owner\Desktop\SecurityCheck.ex
    2013-12-28 10:02 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uxqeuh
    2013-12-28 10:02 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Umfeuni
    2013-12-28 10:02 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Isxiow
    2013-12-28 10:01 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Zoemgik
    2013-12-28 10:01 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yklaix
    2013-12-28 10:00 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Oquztaz
    2013-12-28 10:00 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Memyunnu
    2013-12-28 00:00 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yquceldo
    2013-12-27 23:01 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lyuzums
    2013-12-27 22:00 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lecirax
    2013-12-27 21:00 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wyutufob
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ydvialxo
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wuqeope
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uzpakeb
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uqdauw
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uctuluy
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Rigeogxe
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Olurecro
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Loqyukfa
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Imyzulo
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Icinmeyp
    2013-12-27 20:13 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Efniys
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wyosifdu
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wakyufqu
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Urecfo
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uhnyun
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Udqeokvi
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Sucaexac
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Quryod
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Osipvy
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Loykeza
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Katiryge
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ivzuelp
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ilurru
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Fyempe
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Cynymouq
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Cealaf
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Atalta
    2013-12-27 20:12 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ankyhi
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xoepad
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xaguec
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ulsazii
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Toexumek
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Sihuydb
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Pyqiel
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ovicba
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Goovihza
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Fyvyupyt
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Feekyrx
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Exocehc
    2013-12-27 20:11 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ebhuyxx
    2013-12-27 19:42 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ifemig
    2013-12-27 19:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Muodpahe
    2013-12-27 19:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Abkubi
    2013-12-27 19:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ydxoydys
    2013-12-27 19:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Geyrazd
    2013-12-27 19:01 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Bohinaaq
    2013-12-27 18:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yltoef
    2013-12-27 18:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xyyxwa
    2013-12-27 18:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yxotpy
    2013-12-27 18:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uwziby
    2013-12-27 18:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Pyduexp
    2013-12-27 18:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Moofwahe
    2013-12-27 18:01 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Opaqaxo
    2013-12-27 18:01 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Idyrqier
    2013-12-27 17:49 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ygogopqa
    2013-12-27 17:49 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uqeftyel
    2013-12-27 17:49 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ceodnauc
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yzunxy
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xoacac
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Seeczy
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Muodelxe
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Kyumsawy
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Guuxfy
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Foumna
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ermoyhes
    2013-12-27 17:48 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Biiqlo
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ywpues
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ulbygu
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Teyquqku
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Rezeso
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Naohyxti
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Enliyku
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Emrure
    2013-12-27 17:47 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Arqoem
    2013-12-27 17:46 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wioxvope
    2013-12-27 17:46 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ucfycye
    2013-12-27 17:46 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Kokaifo
    2013-12-27 17:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lyqaaq
    2013-12-27 17:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Botafi
    2013-12-27 17:02 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Nypeluh
    2013-12-27 17:02 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Fenyuw
    2013-12-27 17:01 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Zoecvey
    2013-12-27 17:01 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Weogynte
    2013-12-27 17:01 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Loovig
    2013-12-27 16:04 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Waonmo
    2013-12-27 16:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Pierazc
    2013-12-27 16:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Opnoxeoz
    2013-12-27 16:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Afdesuoz
    2013-12-27 16:03 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ifugceon
    2013-12-27 16:03 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Gaewino
    2013-12-27 16:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yvkiag
    2013-12-27 16:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ibupow
    2013-12-27 16:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Fimaagux
    2013-12-27 16:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Itynicz
    2013-12-27 16:02 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Avymvyu
    2013-12-27 16:01 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uhylyqi
    2013-12-27 16:00 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ywykobaw
    2013-12-27 16:00 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Qilavy
    2013-12-27 16:00 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Okivuh
    2013-12-27 15:05 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Byuvfica
    2013-12-27 15:05 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ylyzsii
    2013-12-27 15:05 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Uhqezuco
    2013-12-27 15:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Ygcetaol
    2013-12-27 15:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Xoniul
    2013-12-27 15:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wymatoy
    2013-12-27 15:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Wauddyy
    2013-12-27 15:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lyuwwo
    2013-12-27 15:04 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Coexrui
    2013-12-27 15:03 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Quovhi
    2013-12-27 15:03 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Nuheek
    2013-12-27 15:03 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Attyfu
    2013-12-27 15:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Rycoceb
    2013-12-27 15:03 - 2013-12-27 10:27 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Oloktuir
    2013-12-27 15:02 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Waypez
    2013-12-27 15:02 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Vebaedxi
    2013-12-27 15:02 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Lizywa
    2013-12-27 15:02 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Cyniel
    2013-12-27 15:01 - 2013-12-27 10:30 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Yxlohi
    2013-12-27 15:00 - 2013-12-27 10:29 - 00000000 ____D C:\Documents and Settings\Owner\Application Data\Niosycik
    Task: C:\WINDOWS\Tasks\Security Center Update - 1013644702.job => C:\Documents and Settings\Owner\Application Data\Fyvyupyt\kasasa.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1020559165.job => C:\Documents and Settings\Owner\Application Data\Efniys\ibulok.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1061782202.job => C:\Documents and Settings\Owner\Application Data\Ywpues\heyvc.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1081850053.job => C:\Documents and Settings\Owner\Application Data\Ywykobaw\egovpo.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1083538640.job => C:\Documents and Settings\Owner\Application Data\Equnduw\ruoce.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 111686145.job => C:\Documents and Settings\Owner\Application Data\Wuzucini\yfloy.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1132824244.job => C:\Documents and Settings\Owner\Application Data\Toexumek\faolfur.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1137787085.job => C:\Documents and Settings\Owner\Application Data\Ebhuyxx\vilyiw.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1167285849.job => C:\Documents and Settings\Owner\Application Data\Ogirofxu\riviy.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1168307180.job => C:\Documents and Settings\Owner\Application Data\Ifemig\kyniihx.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1211351929.job => C:\Documents and Settings\Owner\Application Data\Irapfuty\xokokil.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1211432604.job => C:\Documents and Settings\Owner\Application Data\Goovihza\ugufaz.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1216927709.job => C:\Documents and Settings\Owner\Application Data\Xaguec\bogude.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1232635450.job => C:\Documents and Settings\Owner\Application Data\Qilavy\dyemluq.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1256328150.job => C:\Documents and Settings\Owner\Application Data\Pyqiel\vibazeu.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1261306176.job => C:\Documents and Settings\Owner\Application Data\Ygogopqa\ywgub.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1281875270.job => C:\Documents and Settings\Owner\Application Data\Kookcuom\yhloh.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1320627931.job => C:\Documents and Settings\Owner\Application Data\Seeczy\heakf.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1347168173.job => C:\Documents and Settings\Owner\Application Data\Okivuh\ypator.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1361664755.job => C:\Documents and Settings\Owner\Application Data\Feekyrx\vomaadg.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1377561740.job => C:\Documents and Settings\Owner\Application Data\Ulbygu\lerae.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1400387617.job => C:\Documents and Settings\Owner\Application Data\Soikizu\orufan.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1413792720.job => C:\Documents and Settings\Owner\Application Data\Guezboto\cyiho.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1420784476.job => C:\Documents and Settings\Owner\Application Data\Niosycik\awevysp.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1432586974.job => C:\Documents and Settings\Owner\Application Data\Goyxagol\ylzae.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1440553547.job => C:\Documents and Settings\Owner\Application Data\Exocehc\tiovsuo.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1461547677.job => C:\Documents and Settings\Owner\Application Data\Xoepad\qemakyc.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1497563506.job => C:\Documents and Settings\Owner\Application Data\Atalta\anely.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1547382270.job => C:\Documents and Settings\Owner\Application Data\Cealaf\awquhue.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1564345409.job => C:\Documents and Settings\Owner\Application Data\Uhnyun\cieqrui.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1577089289.job => C:\Documents and Settings\Owner\Application Data\Uqdauw\aprefo.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1621176371.job => C:\Documents and Settings\Owner\Application Data\Zoecvey\osbanyq.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1626596997.job => C:\Documents and Settings\Owner\Application Data\Kowaciw\obpenu.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1650939616.job => C:\Documents and Settings\Owner\Application Data\Kidixiy\eswaqao.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1655519068.job => C:\Documents and Settings\Owner\Application Data\Weogynte\seotqee.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1675829083.job => C:\Documents and Settings\Owner\Application Data\Osipvy\aderic.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 171117078.job => C:\Documents and Settings\Owner\Application Data\Vyduehta\asaso.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1720851841.job => C:\Documents and Settings\Owner\Application Data\Movoxiha\ygivoce.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1741814216.job => C:\Documents and Settings\Owner\Application Data\Loovig\izzoezk.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1751565923.job => C:\Documents and Settings\Owner\Application Data\Ydvialxo\ilizuqh.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1844186889.job => C:\Documents and Settings\Owner\Application Data\Rezeso\edigec.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1863946225.job => C:\Documents and Settings\Owner\Application Data\Oquztaz\ciutsi.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1873504007.job => C:\Documents and Settings\Owner\Application Data\Nyehoka\umdae.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1878508268.job => C:\Documents and Settings\Owner\Application Data\Ulsazii\edewegi.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1886463784.job => C:\Documents and Settings\Owner\Application Data\Bewena\tunyp.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1950185314.job => C:\Documents and Settings\Owner\Application Data\Gehoozri\ibryoca.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1956468192.job => C:\Documents and Settings\Owner\Application Data\Ewupnyik\apfoa.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1975544905.job => C:\Documents and Settings\Owner\Application Data\Sucaexac\giedo.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 1988746925.job => C:\Documents and Settings\Owner\Application Data\Udqeokvi\exyxfui.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2039683573.job => C:\Documents and Settings\Owner\Application Data\Uhylyqi\iwyzi.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2082603011.job => C:\Documents and Settings\Owner\Application Data\Sihuydb\toepoz.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2105786894.job => C:\Documents and Settings\Owner\Application Data\Ulezvium\tabeyz.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2155236161.job => C:\Documents and Settings\Owner\Application Data\Ankyhi\kivaot.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2178439679.job => C:\Documents and Settings\Owner\Application Data\Wyosifdu\quyrory.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 221019929.job => C:\Documents and Settings\Owner\Application Data\Ermoyhes\bupob.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2220986840.job => C:\Documents and Settings\Owner\Application Data\Olurecro\expomy.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2259588774.job => C:\Documents and Settings\Owner\Application Data\Ogutovy\eptio.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2263627583.job => C:\Documents and Settings\Owner\Application Data\Kusiurit\ycxao.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2308782259.job => C:\Documents and Settings\Owner\Application Data\Yxlohi\himel.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2319181828.job => C:\Documents and Settings\Owner\Application Data\Uqmuuk\tohuy.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2387119726.job => C:\Documents and Settings\Owner\Application Data\Memyunnu\cocuyw.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2405006451.job => C:\Documents and Settings\Owner\Application Data\Uctuluy\puasok.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2408677117.job => C:\Documents and Settings\Owner\Application Data\Izoselyw\eswux.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2414928987.job => C:\Documents and Settings\Owner\Application Data\Urecfo\ykoxu.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2416183415.job => C:\Documents and Settings\Owner\Application Data\Katiryge\odoxwal.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2477489666.job => C:\Documents and Settings\Owner\Application Data\Cynymouq\itgehob.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2483852177.job => C:\Documents and Settings\Owner\Application Data\Qyorqi\lugiop.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2489887677.job => C:\Documents and Settings\Owner\Application Data\Fyempe\afxiu.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2519717066.job => C:\Documents and Settings\Owner\Application Data\Xoacac\eqivid.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2540194174.job => C:\Documents and Settings\Owner\Application Data\Zoemgik\egahwyc.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2546145253.job => C:\Documents and Settings\Owner\Application Data\Lizywa\yvkaodm.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 258221702.job => C:\Documents and Settings\Owner\Application Data\Wakyufqu\asdeo.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2591458659.job => C:\Documents and Settings\Owner\Application Data\Liuhib\fiekipi.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2592968499.job => C:\Documents and Settings\Owner\Application Data\Uzpakeb\uvkoze.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2626427140.job => C:\Documents and Settings\Owner\Application Data\Icinmeyp\fyliv.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2634531564.job => C:\Documents and Settings\Owner\Application Data\Ilurru\dyfaad.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 266111037.job => C:\Documents and Settings\Owner\Application Data\Puxugofi\nipiix.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2720046740.job => C:\Documents and Settings\Owner\Application Data\Ycdaozl\unodamm.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2729293372.job => C:\Documents and Settings\Owner\Application Data\Quryod\woolxyc.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2741615029.job => C:\Documents and Settings\Owner\Application Data\Fenyuw\abquuwl.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2745853030.job => C:\Documents and Settings\Owner\Application Data\Ivzuelp\ofmew.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2791061455.job => C:\Documents and Settings\Owner\Application Data\Qyxaiqz\dateup.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2791378573.job => C:\Documents and Settings\Owner\Application Data\Nypeluh\ykuxyme.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2792190733.job => C:\Documents and Settings\Owner\Application Data\Vebaedxi\byexh.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2813089270.job => C:\Documents and Settings\Owner\Application Data\Loykeza\yzynpeo.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2820184469.job => C:\Documents and Settings\Owner\Application Data\Soaqaru\iwuzci.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2826509393.job => C:\Documents and Settings\Owner\Application Data\Ynluwuak\olkequk.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2865934546.job => C:\Documents and Settings\Owner\Application Data\Epxavub\yzgyh.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2901426990.job => C:\Documents and Settings\Owner\Application Data\Ygkiizem\gizou.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2923253680.job => C:\Documents and Settings\Owner\Application Data\Ovicba\gicyoh.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2935704943.job => C:\Documents and Settings\Owner\Application Data\Wuqeope\ekneyv.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 2969264379.job => C:\Documents and Settings\Owner\Application Data\Ecidiqq\olkaru.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3023669432.job => C:\Documents and Settings\Owner\Application Data\Rigeogxe\wirei.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3025139946.job => C:\Documents and Settings\Owner\Application Data\Imyzulo\ivvye.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3069888336.job => C:\Documents and Settings\Owner\Application Data\Waypez\qowyyn.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3109357307.job => C:\Documents and Settings\Owner\Application Data\Loqyukfa\nuiwoli.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3116967883.job => C:\Documents and Settings\Owner\Application Data\Ezwiatpe\reabokn.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3151588881.job => C:\Documents and Settings\Owner\Application Data\Ukoxam\gaahcao.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 315257620.job => C:\Documents and Settings\Owner\Application Data\Botafi\xizuyl.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 319430655.job => C:\Documents and Settings\Owner\Application Data\Idyrqier\rieqe.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 320279411.job => C:\Documents and Settings\Owner\Application Data\Ceodnauc\idocd.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3209091799.job => C:\Documents and Settings\Owner\Application Data\Cyniel\gaoqiz.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3209652642.job => C:\Documents and Settings\Owner\Application Data\Yzunxy\geygix.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3213022074.job => C:\Documents and Settings\Owner\Application Data\Gaudhoqe\kuovrif.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3277244330.job => C:\Documents and Settings\Owner\Application Data\Wyutufob\pyoryvo.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3277470999.job => C:\Documents and Settings\Owner\Application Data\Kokaifo\opvead.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3282089973.job => C:\Documents and Settings\Owner\Application Data\Ihzudu\ypkiifq.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3287836628.job => C:\Documents and Settings\Owner\Application Data\Yklaix\zyehgeu.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3295481433.job => C:\Documents and Settings\Owner\Application Data\Nuheek\erwuzy.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3331785368.job => C:\Documents and Settings\Owner\Application Data\Yquceldo\ifify.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3351252341.job => C:\Documents and Settings\Owner\Application Data\Oloktuir\olykxuy.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3372144040.job => C:\Documents and Settings\Owner\Application Data\Quovhi\asahe.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3387647659.job => C:\Documents and Settings\Owner\Application Data\Itynicz\boifba.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3416630175.job => C:\Documents and Settings\Owner\Application Data\Opaqaxo\saceufp.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3476042256.job => C:\Documents and Settings\Owner\Application Data\Biiqlo\meibnux.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3476170545.job => C:\Documents and Settings\Owner\Application Data\Avymvyu\egzaby.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3506292513.job => C:\Documents and Settings\Owner\Application Data\Bohinaaq\qoask.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3520270487.job => C:\Documents and Settings\Owner\Application Data\Rycoceb\cifaom.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3600965468.job => C:\Documents and Settings\Owner\Application Data\Foumna\fidys.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 360656239.job => C:\Documents and Settings\Owner\Application Data\Qawauso\axize.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3629729729.job => C:\Documents and Settings\Owner\Application Data\Uxqeuh\kyqaz.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3673618064.job => C:\Documents and Settings\Owner\Application Data\Uqmaeka\loywb.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3679284912.job => C:\Documents and Settings\Owner\Application Data\Yxotpy\ruoroze.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3679413506.job => C:\Documents and Settings\Owner\Application Data\Attyfu\izqyli.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3679906737.job => C:\Documents and Settings\Owner\Application Data\Moofwahe\irhyop.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3701309023.job => C:\Documents and Settings\Owner\Application Data\Afqoro\zynyeps.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 371238779.job => C:\Documents and Settings\Owner\Application Data\Ygbiecbi\ozoxa.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3748884969.job => C:\Documents and Settings\Owner\Application Data\Emrure\fatogu.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 375140654.job => C:\Documents and Settings\Owner\Application Data\Ucfycye\ehyfoxu.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3783525716.job => C:\Documents and Settings\Owner\Application Data\Ygcetaol\pygip.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3784247043.job => C:\Documents and Settings\Owner\Application Data\Ifugceon\ceunga.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3800633129.job => C:\Documents and Settings\Owner\Application Data\Muodelxe\wabeot.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3803616210.job => C:\Documents and Settings\Owner\Application Data\Arqoem\ufesot.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3838392391.job => C:\Documents and Settings\Owner\Application Data\Lecirax\yregyvx.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3850949386.job => C:\Documents and Settings\Owner\Application Data\Xoniul\sityiv.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3883503566.job => C:\Documents and Settings\Owner\Application Data\Ibupow\uzesed.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3912847873.job => C:\Documents and Settings\Owner\Application Data\Teunoqg\abkyni.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3985167262.job => C:\Documents and Settings\Owner\Application Data\Lyuzums\taiwoxy.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 3990718765.job => C:\Documents and Settings\Owner\Application Data\Guuxfy\ispapao.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 400730063.job => C:\Documents and Settings\Owner\Application Data\Coexrui\oganryz.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4009333939.job => C:\Documents and Settings\Owner\Application Data\Gaewino\yfyha.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4022492624.job => C:\Documents and Settings\Owner\Application Data\Lyuwwo\ugelo.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 402289323.job => C:\Documents and Settings\Owner\Application Data\Yvkiag\ryuhk.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4025104484.job => C:\Documents and Settings\Owner\Application Data\Fimaagux\awveu.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4043466116.job => C:\Documents and Settings\Owner\Application Data\Heylekxo\onyri.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4047984375.job => C:\Documents and Settings\Owner\Application Data\Ytmuen\afoqyn.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4092173135.job => C:\Documents and Settings\Owner\Application Data\Uwziby\keetana.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4096806107.job => C:\Documents and Settings\Owner\Application Data\Oxxeunzy\ifypir.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4098270553.job => C:\Documents and Settings\Owner\Application Data\Pyduexp\cyadc.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4154311137.job => C:\Documents and Settings\Owner\Application Data\Etvexi\gievok.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4169285839.job => C:\Documents and Settings\Owner\Application Data\Wymatoy\pyechog.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4217168398.job => C:\Documents and Settings\Owner\Application Data\Wauddyy\amfour.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4218765206.job => C:\Documents and Settings\Owner\Application Data\Powywo\ipmuu.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4232512821.job => C:\Documents and Settings\Owner\Application Data\Yrvaece\edahiq.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4235871987.job => C:\Documents and Settings\Owner\Application Data\Lyqaaq\ohlyyn.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4236224367.job => C:\Documents and Settings\Owner\Application Data\Houhwexa\mugan.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4277836672.job => C:\Documents and Settings\Owner\Application Data\Cyuzyfxa\ahyns.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 428592404.job => C:\Documents and Settings\Owner\Application Data\Ydxoydys\ubukuv.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 4287804461.job => C:\Documents and Settings\Owner\Application Data\Afdesuoz\medei.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 452439642.job => C:\Documents and Settings\Owner\Application Data\Yffyen\urypmu.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 46647081.job => C:\Documents and Settings\Owner\Application Data\Moizxe\iqmuwu.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 468330616.job => C:\Documents and Settings\Owner\Application Data\Ifsityh\foulo.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 474777665.job => C:\Documents and Settings\Owner\Application Data\Ylyzsii\dadout.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 49497787.job => C:\Documents and Settings\Owner\Application Data\Uturmo\afbaex.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 560938592.job => C:\Documents and Settings\Owner\Application Data\Opnoxeoz\noraozt.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 565077913.job => C:\Documents and Settings\Owner\Application Data\Cauhawo\cacia.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 590357516.job => C:\Documents and Settings\Owner\Application Data\Uhqezuco\cahei.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 615138577.job => C:\Documents and Settings\Owner\Application Data\Fidoyr\toxayg.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 619396990.job => C:\Documents and Settings\Owner\Application Data\Byuvfica\pesuun.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 656385206.job => C:\Documents and Settings\Owner\Application Data\Naohyxti\owpamue.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 673050838.job => C:\Documents and Settings\Owner\Application Data\Geyrazd\afkoxyw.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 701112635.job => C:\Documents and Settings\Owner\Application Data\Umfeuni\efibi.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 709506353.job => C:\Documents and Settings\Owner\Application Data\Kyumsawy\ixycw.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 712637240.job => C:\Documents and Settings\Owner\Application Data\Waonmo\qytyfux.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 713225586.job => C:\Documents and Settings\Owner\Application Data\Muodpahe\afifxe.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 718252762.job => C:\Documents and Settings\Owner\Application Data\Xyyxwa\ciwyy.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 724905180.job => C:\Documents and Settings\Owner\Application Data\Bokyqeom\updov.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 72642966.job => C:\Documents and Settings\Owner\Application Data\Teyquqku\gyweq.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 798706992.job => C:\Documents and Settings\Owner\Application Data\Yltoef\eqguw.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 808486472.job => C:\Documents and Settings\Owner\Application Data\Wioxvope\ovxoqe.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 875387701.job => C:\Documents and Settings\Owner\Application Data\Pierazc\ogugu.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 87695519.job => C:\Documents and Settings\Owner\Application Data\Isxiow\acnuoq.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 890778193.job => C:\Documents and Settings\Owner\Application Data\Ydurluo\omfege.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 911451674.job => C:\Documents and Settings\Owner\Application Data\Uqeftyel\irotuw.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 932040931.job => C:\Documents and Settings\Owner\Application Data\Atyqqoe\azoker.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 948595071.job => C:\Documents and Settings\Owner\Application Data\Yqnoahow\piysg.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 964514311.job => C:\Documents and Settings\Owner\Application Data\Usnegefa\voafve.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 970038231.job => C:\Documents and Settings\Owner\Application Data\Enliyku\iwzeqaf.exe
    Task: C:\WINDOWS\Tasks\Security Center Update - 979382889.job => C:\Documents and Settings\Owner\Application Data\Abkubi\ahukzug.exe
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:235D5402
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:52562F72
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:6FE816BE
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:89D63297
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:A45915CD
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:A93060EC
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:A975C3E8
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:AC4C6FB4
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:B1FBBD09
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:E0AF4473
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:F3F95A98
    AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:F591490A
    *****************

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Olawwiykm => Value deleted successfully.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Ylutygugpenoco => Value deleted successfully.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Ahdeypsixa => Value deleted successfully.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Vuwyopuwzihyc => Value deleted successfully.
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Onuzfidynaforiy => Value deleted successfully.
    HKU\Mom's Computer Files\Software\Microsoft\Windows\CurrentVersion\Run\\Ovyqnuucguav => Value deleted successfully.
    HKU\Mom's Computer Files\Software\Microsoft\Windows\CurrentVersion\Run\\Ymlyly => Value deleted successfully.
    C:\Documents and Settings\Owner\Application Data\Ifugceon => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Uqeftyel => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ulbygu => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Umfeuni => Moved successfully.
    "C:\Documents and Settings\Owner\Application Data\Kowaciw" => File/Directory not found.
    "C:\Documents and Settings\Owner\Application Data\Movoxiha" => File/Directory not found.
    C:\Documents and Settings\Owner\Application Data\Fyvyupyt => Moved successfully.
    SecurityCenterServer111686145 => Service deleted successfully.
    SecurityCenterServer1432586974 => Service deleted successfully.
    SecurityCenterServer1626596997 => Service deleted successfully.
    SecurityCenterServer1950185314 => Service deleted successfully.
    SecurityCenterServer2105786894 => Service deleted successfully.
    SecurityCenterServer2263627583 => Service deleted successfully.
    SecurityCenterServer2319181828 => Service deleted successfully.
    SecurityCenterServer266111037 => Service deleted successfully.
    SecurityCenterServer2826509393 => Service deleted successfully.
    SecurityCenterServer3116967883 => Service deleted successfully.
    SecurityCenterServer3151588881 => Service deleted successfully.
    SecurityCenterServer360656239 => Service deleted successfully.
    SecurityCenterServer4096806107 => Service deleted successfully.
    SecurityCenterServer468330616 => Service deleted successfully.
    SecurityCenterServer724905180 => Service deleted successfully.
    SecurityCenterServer890778193 => Service deleted successfully.
    SecurityCenterServer932040931 => Service deleted successfully.
    SecurityCenterServer948595071 => Service deleted successfully.
    SecurityCenterServer964514311 => Service deleted successfully.
    C:\Documents and Settings\Owner\Desktop\FRST.txt => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 266111037.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 111686145.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2263627583.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 724905180.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2319181828.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 964514311.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3116967883.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1950185314.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1432586974.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4096806107.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 360656239.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2826509393.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 932040931.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2105786894.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 948595071.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 468330616.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3151588881.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 890778193.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1626596997.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3287836628.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2408677117.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1211351929.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2540194174.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1873504007.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4154311137.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3629729729.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 371238779.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1863946225.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2387119726.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 87695519.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1956468192.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 701112635.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4277836672.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2308782259.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3209652642.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3209091799.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3800633129.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1347168173.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3600965468.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 709506353.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2792190733.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2039683573.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 712637240.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4009333939.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 221019929.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 619396990.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3372144040.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1420784476.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3476042256.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1081850053.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3990718765.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1655519068.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1320627931.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2546145253.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2519717066.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1261306176.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3803616210.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3679413506.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1741814216.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1061782202.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2791378573.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 911451674.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 970038231.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2741615029.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 320279411.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1621176371.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1377561740.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3748884969.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1844186889.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 656385206.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3295481433.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3069888336.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 72642966.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3784247043.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1232635450.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 452439642.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3416630175.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1168307180.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1083538640.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2969264379.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 46647081.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1413792720.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2791061455.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3701309023.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1167285849.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3331785368.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3387647659.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2414928987.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2220986840.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 474777665.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3476170545.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3277244330.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2178439679.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1256328150.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3023669432.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1020559165.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3506292513.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3783525716.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 319430655.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1988746925.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 428592404.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 400730063.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1675829083.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4092173135.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2729293372.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3679906737.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3520270487.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 315257620.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1440553547.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2813089270.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3025139946.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3985167262.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3679284912.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 673050838.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4235871987.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1751565923.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 258221702.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1361664755.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 798706992.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2489887677.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1497563506.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2592968499.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2416183415.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2626427140.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 590357516.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2477489666.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 979382889.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1975544905.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4098270553.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4025104484.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2935704943.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2405006451.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2155236161.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 875387701.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 718252762.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4169285839.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1211432604.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2745853030.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2634531564.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 713225586.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 560938592.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1547382270.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1216927709.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1564345409.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3883503566.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4022492624.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3838392391.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3850949386.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4217168398.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1461547677.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3351252341.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1137787085.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1132824244.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 808486472.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 375140654.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2923253680.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 402289323.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3277470999.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3109357307.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1878508268.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1577089289.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2082603011.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4287804461.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1013644702.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4047984375.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4043466116.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1400387617.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4236224367.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1886463784.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2820184469.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2483852177.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2591458659.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 171117078.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4232512821.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2720046740.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1281875270.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3213022074.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2259588774.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 4218765206.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 49497787.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 615138577.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2901426990.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3673618064.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 565077913.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3282089973.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 3912847873.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1650939616.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 2865934546.job => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1720851841.job => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Irapfuty => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Etvexi => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ygbiecbi => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Izoselyw => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Nyehoka => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ewupnyik => Moved successfully.
    "C:\Documents and Settings\Owner\Desktop\SecurityCheck.ex" => File/Directory not found.
    C:\Documents and Settings\Owner\Application Data\Uxqeuh => Moved successfully.
    "C:\Documents and Settings\Owner\Application Data\Umfeuni" => File/Directory not found.
    C:\Documents and Settings\Owner\Application Data\Isxiow => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Zoemgik => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Yklaix => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Oquztaz => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Memyunnu => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Yquceldo => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Lyuzums => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Lecirax => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Wyutufob => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ydvialxo => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Wuqeope => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Uzpakeb => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Uqdauw => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Uctuluy => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Rigeogxe => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Olurecro => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Loqyukfa => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Imyzulo => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Icinmeyp => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Efniys => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Wyosifdu => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Wakyufqu => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Urecfo => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Uhnyun => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Udqeokvi => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Sucaexac => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Quryod => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Osipvy => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Loykeza => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Katiryge => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ivzuelp => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ilurru => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Fyempe => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Cynymouq => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Cealaf => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Atalta => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ankyhi => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Xoepad => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Xaguec => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ulsazii => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Toexumek => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Sihuydb => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Pyqiel => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ovicba => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Goovihza => Moved successfully.
    "C:\Documents and Settings\Owner\Application Data\Fyvyupyt" => File/Directory not found.
    C:\Documents and Settings\Owner\Application Data\Feekyrx => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Exocehc => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ebhuyxx => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ifemig => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Muodpahe => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Abkubi => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ydxoydys => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Geyrazd => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Bohinaaq => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Yltoef => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Xyyxwa => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Yxotpy => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Uwziby => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Pyduexp => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Moofwahe => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Opaqaxo => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Idyrqier => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ygogopqa => Moved successfully.
    "C:\Documents and Settings\Owner\Application Data\Uqeftyel" => File/Directory not found.
    C:\Documents and Settings\Owner\Application Data\Ceodnauc => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Yzunxy => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Xoacac => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Seeczy => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Muodelxe => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Kyumsawy => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Guuxfy => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Foumna => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ermoyhes => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Biiqlo => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ywpues => Moved successfully.
    "C:\Documents and Settings\Owner\Application Data\Ulbygu" => File/Directory not found.
    C:\Documents and Settings\Owner\Application Data\Teyquqku => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Rezeso => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Naohyxti => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Enliyku => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Emrure => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Arqoem => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Wioxvope => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ucfycye => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Kokaifo => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Lyqaaq => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Botafi => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Nypeluh => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Fenyuw => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Zoecvey => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Weogynte => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Loovig => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Waonmo => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Pierazc => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Opnoxeoz => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Afdesuoz => Moved successfully.
    "C:\Documents and Settings\Owner\Application Data\Ifugceon" => File/Directory not found.
    C:\Documents and Settings\Owner\Application Data\Gaewino => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Yvkiag => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ibupow => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Fimaagux => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Itynicz => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Avymvyu => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Uhylyqi => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ywykobaw => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Qilavy => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Okivuh => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Byuvfica => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ylyzsii => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Uhqezuco => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Ygcetaol => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Xoniul => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Wymatoy => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Wauddyy => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Lyuwwo => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Coexrui => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Quovhi => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Nuheek => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Attyfu => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Rycoceb => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Oloktuir => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Waypez => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Vebaedxi => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Lizywa => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Cyniel => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Yxlohi => Moved successfully.
    C:\Documents and Settings\Owner\Application Data\Niosycik => Moved successfully.
    C:\WINDOWS\Tasks\Security Center Update - 1013644702.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1020559165.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1061782202.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1081850053.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1083538640.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 111686145.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1132824244.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1137787085.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1167285849.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1168307180.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1211351929.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1211432604.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1216927709.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1232635450.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1256328150.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1261306176.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1281875270.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1320627931.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1347168173.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1361664755.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1377561740.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1400387617.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1413792720.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1420784476.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1432586974.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1440553547.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1461547677.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1497563506.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1547382270.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1564345409.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1577089289.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1621176371.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1626596997.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1650939616.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1655519068.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1675829083.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 171117078.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1720851841.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1741814216.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1751565923.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1844186889.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1863946225.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1873504007.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1878508268.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1886463784.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1950185314.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1956468192.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1975544905.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 1988746925.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2039683573.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2082603011.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2105786894.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2155236161.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2178439679.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 221019929.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2220986840.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2259588774.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2263627583.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2308782259.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2319181828.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2387119726.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2405006451.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2408677117.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2414928987.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2416183415.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2477489666.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2483852177.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2489887677.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2519717066.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2540194174.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2546145253.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 258221702.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2591458659.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2592968499.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2626427140.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2634531564.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 266111037.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2720046740.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2729293372.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2741615029.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2745853030.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2791061455.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2791378573.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2792190733.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2813089270.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2820184469.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2826509393.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2865934546.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2901426990.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2923253680.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2935704943.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 2969264379.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3023669432.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3025139946.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3069888336.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3109357307.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3116967883.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3151588881.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 315257620.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 319430655.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 320279411.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3209091799.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3209652642.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3213022074.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3277244330.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3277470999.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3282089973.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3287836628.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3295481433.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3331785368.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3351252341.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3372144040.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3387647659.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3416630175.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3476042256.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3476170545.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3506292513.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3520270487.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3600965468.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 360656239.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3629729729.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3673618064.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3679284912.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3679413506.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3679906737.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3701309023.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 371238779.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3748884969.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 375140654.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3783525716.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3784247043.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3800633129.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3803616210.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3838392391.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3850949386.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3883503566.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3912847873.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3985167262.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 3990718765.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 400730063.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4009333939.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4022492624.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 402289323.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4025104484.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4043466116.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4047984375.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4092173135.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4096806107.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4098270553.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4154311137.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4169285839.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4217168398.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4218765206.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4232512821.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4235871987.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4236224367.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4277836672.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 428592404.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 4287804461.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 452439642.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 46647081.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 468330616.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 474777665.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 49497787.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 560938592.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 565077913.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 590357516.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 615138577.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 619396990.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 656385206.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 673050838.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 701112635.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 709506353.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 712637240.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 713225586.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 718252762.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 724905180.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 72642966.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 798706992.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 808486472.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 875387701.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 87695519.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 890778193.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 911451674.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 932040931.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 948595071.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 964514311.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 970038231.job not found.
    C:\WINDOWS\Tasks\Security Center Update - 979382889.job not found.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":235D5402" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":52562F72" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":6FE816BE" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":89D63297" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":A45915CD" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":A93060EC" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":A975C3E8" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":AC4C6FB4" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":B1FBBD09" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":D1B5B4F1" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":E0AF4473" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":F3F95A98" ADS removed successfully.
    C:\Documents and Settings\All Users\Application Data\TEMP => ":F591490A" ADS removed successfully.

    ==== End of Fixlog ====



    #12 RPMcMurphy

    RPMcMurphy

      Bleeping *^#@%~


    • Malware Response Team
    • 3,970 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:01:53 AM

    Posted 29 December 2013 - 08:41 PM

    Please do this next:

    icon11.gif  Download ComboFix from the link below:
    Link 1

    VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

    * IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link

    • Double click on ComboFix.exe & follow the prompts.

    As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

    • Once the Microsoft Windows Recovery Console is installed click on Yes[/b], to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    Notes:
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


    Threads are closed after 5 days of inactivity.

    ASAP & UNITE Member


    The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


    #13 katzandmice

    katzandmice
    • Topic Starter

    • Members
    • 21 posts
    • OFFLINE
    •  
    • Local time:01:53 AM

    Posted 29 December 2013 - 10:42 PM

    Having a little problem. Disabled all anti-virus software (MBAM, SAS, Norton, Firewall) downloaded Combo-fix, ran it as directed. It ran and did it's thing for the most part, the window then closed and a Warning window opened stating:

    "antivirus: Norton Antivirus The above real time scanner(s) are still active but ComboFix shall continue to run, Kindly note that his is at your own risk"

    When I open the tray icon for the Norton Security Center it shows "No virus protection detected" under Virus Protection; however, when I open the Windows Security Center it states "Virus protection is ON". I cannot find any method by which to disable Norton Anti Virus. I tried the Norton Support site; as expected it was pretty much useless with the exception of selling more software! I am running Norton AntiVirus 2011.

     

    Any suggestions?

     

    At the moment, I'm just holding on continuing the Combo-Fix process and will not do anything until directed.



    #14 RPMcMurphy

    RPMcMurphy

      Bleeping *^#@%~


    • Malware Response Team
    • 3,970 posts
    • OFFLINE
    •  
    • Gender:Male
    • Local time:01:53 AM

    Posted 30 December 2013 - 12:12 AM

    It sounds like you have Norton sufficiently disabled.  You may go ahead and click through that warning, or if you are able to boot into the safe mode now you could run it from there to be certain Norton is out of play.


    Threads are closed after 5 days of inactivity.

    ASAP & UNITE Member


    The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


    #15 katzandmice

    katzandmice
    • Topic Starter

    • Members
    • 21 posts
    • OFFLINE
    •  
    • Local time:01:53 AM

    Posted 30 December 2013 - 11:08 AM

    ComboFix 13-12-29.01 - Owner 12/30/2013   9:51.1.1 - x86
    Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.3198.2340 [GMT -5:00]
    Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
    AV: Norton AntiVirus *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\TEMP
    c:\documents and settings\Default User\WINDOWS
    c:\documents and settings\Guest\WINDOWS
    c:\documents and settings\Mom's Computer Files\WINDOWS
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\koyiyie@y-yoi.org
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\koyiyie@y-yoi.org\bootstrap.js
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\koyiyie@y-yoi.org\chrome.manifest
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\koyiyie@y-yoi.org\content\bg.js
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\koyiyie@y-yoi.org\install.rdf
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\wpmzh3j@aaeuauao.edu
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\wpmzh3j@aaeuauao.edu\bootstrap.js
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\wpmzh3j@aaeuauao.edu\chrome.manifest
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\wpmzh3j@aaeuauao.edu\content\bg.js
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\wpmzh3j@aaeuauao.edu\install.rdf
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\ygdq.1knom@ue-eoe.co.uk
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\ygdq.1knom@ue-eoe.co.uk\bootstrap.js
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\ygdq.1knom@ue-eoe.co.uk\chrome.manifest
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\ygdq.1knom@ue-eoe.co.uk\content\bg.js
    c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\extensions\ygdq.1knom@ue-eoe.co.uk\install.rdf
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eoebpiklimiodbgpjcpabeajcihbacef
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eoebpiklimiodbgpjcpabeajcihbacef\1.0\background.html
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eoebpiklimiodbgpjcpabeajcihbacef\1.0\content.js
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eoebpiklimiodbgpjcpabeajcihbacef\1.0\lsdb.js
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eoebpiklimiodbgpjcpabeajcihbacef\1.0\manifest.json
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eoebpiklimiodbgpjcpabeajcihbacef\1.0\newtab.html
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eoebpiklimiodbgpjcpabeajcihbacef\1.0\R0eU.js
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hhkpgnohpdfepfoihgaclahaooceabmn
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hhkpgnohpdfepfoihgaclahaooceabmn\2.3\background.html
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hhkpgnohpdfepfoihgaclahaooceabmn\2.3\content.js
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hhkpgnohpdfepfoihgaclahaooceabmn\2.3\lsdb.js
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hhkpgnohpdfepfoihgaclahaooceabmn\2.3\manifest.json
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hhkpgnohpdfepfoihgaclahaooceabmn\2.3\YelQqTK.js
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lnkbcjonjkomllbnpianklhhljkeddbj
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lnkbcjonjkomllbnpianklhhljkeddbj\1.0\background.html
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lnkbcjonjkomllbnpianklhhljkeddbj\1.0\content.js
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lnkbcjonjkomllbnpianklhhljkeddbj\1.0\d9X6Vml8W4Ud.js
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lnkbcjonjkomllbnpianklhhljkeddbj\1.0\lsdb.js
    c:\documents and settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lnkbcjonjkomllbnpianklhhljkeddbj\1.0\manifest.json
    c:\documents and settings\Owner\System
    c:\documents and settings\Owner\System\win_qs8.jqx
    c:\documents and settings\Owner\WINDOWS
    c:\program files\winvi
    c:\program files\winvi\temp\version.ini
    c:\program files\winvi\version.ini
    c:\windows\COUPon~1.ocx
    c:\windows\Downloaded Program Files\Temp
    c:\windows\EventSystem.log
    c:\windows\system32\config\systemprofile\WINDOWS
    c:\windows\system32\drivers\etc\hosts.ics
    c:\windows\system32\SET1D9.tmp
    c:\windows\system32\SET1E5.tmp
    c:\windows\wininit.ini
    D:\Autorun.inf
    .
    .
    (((((((((((((((((((((((((   Files Created from 2013-11-28 to 2013-12-30  )))))))))))))))))))))))))))))))
    .
    .
    2013-12-30 03:09 . 2013-12-30 03:09    --------    d-----w-    c:\documents and settings\Owner\Application Data\Tific
    2013-12-29 15:59 . 2013-12-29 15:59    63115    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
    2013-12-29 15:59 . 2013-12-29 15:59    4599    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
    2013-12-29 15:59 . 2013-12-29 15:59    9310    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
    2013-12-29 15:59 . 2013-12-29 15:59    8646    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
    2013-12-29 15:59 . 2013-12-29 15:59    6429    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
    2013-12-29 15:59 . 2013-12-29 15:59    5927    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
    2013-12-29 15:58 . 2013-12-29 15:58    8613    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
    2013-12-29 15:58 . 2013-12-29 15:58    1651    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
    2013-12-29 15:58 . 2013-12-29 15:58    6910    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
    2013-12-29 15:58 . 2013-12-29 15:58    18541    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
    2013-12-29 15:58 . 2013-12-29 15:58    8288    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
    2013-12-29 15:58 . 2013-12-29 15:58    6208    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
    2013-12-29 15:58 . 2013-12-29 15:58    51852    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
    2013-12-29 15:58 . 2013-12-29 15:58    20719    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
    2013-12-29 15:58 . 2013-12-29 15:58    23327    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
    2013-12-29 15:58 . 2013-12-29 15:58    7271    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
    2013-12-29 15:58 . 2013-12-29 15:58    8782    ----a-w-    c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
    2013-12-29 15:45 . 2013-12-29 15:45    --------    d-----w-    C:\_OTM
    2013-12-29 00:29 . 2013-12-30 00:48    --------    d-----w-    C:\FRST
    2013-12-28 15:24 . 2013-12-28 15:24    72192    ----a-w-    c:\windows\system32\tasklist.exe
    2013-12-28 01:24 . 2013-12-28 01:24    --------    d-----w-    C:\TDSSKiller_Quarantine
    2013-12-27 15:29 . 2013-12-27 22:49    --------    d-----w-    c:\documents and settings\Owner\Application Data\Yffyen
    2013-12-27 15:29 . 2013-12-27 15:29    --------    d-----w-    C:\SUPERDelete
    2013-12-27 15:27 . 2013-12-27 21:03    --------    d-----w-    c:\documents and settings\Owner\Application Data\Ytmuen
    2013-12-25 18:57 . 2013-12-25 18:57    --------    d-----w-    c:\documents and settings\Owner\Application Data\SUPERAntiSpyware.com
    2013-12-25 18:56 . 2013-12-27 15:29    --------    d-----w-    c:\program files\SUPERAntiSpyware
    2013-12-25 18:56 . 2013-12-25 18:56    --------    d-----w-    c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2013-12-18 17:23 . 2013-12-18 17:23    --------    d-----w-    c:\documents and settings\All Users\Application Data\QuickSet
    2013-12-18 17:22 . 2013-12-24 16:20    --------    d-----w-    c:\program files\Sk-Enabler
    2013-12-18 17:22 . 2013-12-27 15:27    --------    d-----w-    c:\documents and settings\All Users\Application Data\suurff aNdd keeep
    2013-12-18 17:22 . 2013-12-18 17:22    --------    d-----w-    c:\documents and settings\Owner\AppData
    2013-12-18 17:22 . 2013-12-24 16:17    --------    d-----w-    c:\program files\suurff aNdd keeep
    2013-12-18 17:22 . 2013-12-18 17:23    --------    d-----w-    c:\documents and settings\All Users\Application Data\5cbe860b382c8b34
    2013-12-18 17:22 . 2013-12-18 17:23    --------    d-----w-    c:\documents and settings\All Users\Application Data\InstallMate
    2013-12-18 17:17 . 2013-12-18 17:27    --------    d-----w-    c:\program files\TornTV.com
    2013-12-07 22:08 . 2013-12-07 22:08    --------    d-----w-    c:\program files\Construction Master Pro for Windows
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-10-09 13:42 . 2012-08-21 23:58    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
    2013-10-09 13:42 . 2011-06-07 15:06    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
    .
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
    @="{95A27763-F62A-4114-9072-E81D87DE3B68}"
    [HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
    2013-10-10 20:26    1021448    ----a-r-    c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
    @="{E300CD91-100F-4E67-9AF3-1384A6124015}"
    [HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
    2013-10-10 20:26    1021448    ----a-r-    c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
    @="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
    [HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
    2013-10-10 20:26    1021448    ----a-r-    c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WinCalendarV3"="c:\program files\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe" [2011-01-25 79288]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunKistEM"="c:\program files\Digital Media Reader\shwiconem.exe" [2004-11-15 135168]
    "EPSON Stylus CX7800 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAFA.EXE" [2005-04-06 98304]
    "VERIZONDM"="c:\program files\VERIZONDM\bin\sprtcmd.exe" [2010-09-29 206120]
    "WinCalendarV3"="c:\program files\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe" [2011-01-25 79288]
    "PMBVolumeWatcher"="c:\program files\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-02-16 688184]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
    "Carbonite Backup"="c:\program files\Carbonite\Carbonite Backup\CarboniteUI.exe" [2013-10-10 1056264]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "WinCalendarV3"="c:\program files\Sapro Systems WinCalendarV3\WinCalendarV3_SysTray.exe" [2011-01-25 79288]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "RunNarrator"="Narrator.exe" [2008-04-14 53760]
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
    HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\LimeWire\\LimeWire.exe"=
    "c:\\WINDOWS\\system32\\sessmgr.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
    "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
    "c:\\WINDOWS\\system32\\dpvsetup.exe"=
    "c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
    "c:\\Program Files\\Microsoft Digital Image 10\\DIPS10Photostory.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
    "AllowInboundTimestampRequest"= 1 (0x1)
    "AllowInboundMaskRequest"= 1 (0x1)
    "AllowInboundRouterRequest"= 1 (0x1)
    "AllowOutboundDestinationUnreachable"= 1 (0x1)
    "AllowOutboundSourceQuench"= 1 (0x1)
    "AllowOutboundParameterProblem"= 1 (0x1)
    "AllowOutboundTimeExceeded"= 1 (0x1)
    "AllowRedirect"= 1 (0x1)
    "AllowOutboundPacketTooBig"= 1 (0x1)
    .
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1206000.01D\symds.sys [5/2/2011 6:11 PM 340088]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1206000.01D\symefa.sys [5/2/2011 6:11 PM 744568]
    R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20110419.001\BHDrvx86.sys [4/19/2011 6:15 PM 802936]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 11:27 AM 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 4:55 PM 67664]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1206000.01D\ironx86.sys [5/2/2011 6:11 PM 136312]
    R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [10/10/2013 5:54 PM 120088]
    R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [8/23/2012 11:37 AM 13672]
    R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2/15/2012 7:11 PM 459832]
    R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files\VERIZONDM\bin\sprtsvc.exe [9/29/2010 6:00 AM 206120]
    R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files\VERIZONDM\bin\tgsrvc.exe [9/29/2010 6:00 AM 185640]
    S2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Norton AntiVirus\Engine\18.6.0.29\ccsvchst.exe [5/2/2011 6:10 PM 130008]
    S2 QuickPDFTCPService0721;Quick PDF Tools Background Service;c:\program files\Quick PDF Tools\QuickPDFTCP0721.exe [8/13/2010 5:04 AM 1918464]
    S3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [7/3/2013 2:14 PM 225280]
    S3 cpuz135;cpuz135;\??\c:\docume~1\Owner\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys --> c:\docume~1\Owner\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys [?]
    S3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20110429.002\IDSXpx86.sys [4/29/2011 10:23 PM 341944]
    S3 MUD;Driver for Magellan USB Device;c:\windows\system32\drivers\MUD.sys [2/5/2008 7:51 PM 51200]
    S3 PacketNTx;Packet helper driver;c:\windows\system32\drivers\PacketNTx.sys [10/7/2005 9:56 PM 24544]
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-12-30 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-21 13:42]
    .
    2013-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-25 15:38]
    .
    2013-12-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2010-11-25 15:38]
    .
    2013-12-29 c:\windows\Tasks\SDMsgUpdate (TE).job
    - c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2011-04-28 17:29]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com
    mStart Page = hxxp://www.google.com
    uInternet Settings,ProxyOverride = *.local
    IE: &AOL Toolbar search
    IE: &Google Search - c:\program files\google\GoogleToolbar2.dll/cmsearch.html
    IE: &Translate English Word - c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
    IE: Backward Links - c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
    IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar2.dll/cmcache.html
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
    IE: Similar Pages - c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
    IE: Translate Page into English - c:\program files\google\GoogleToolbar2.dll/cmtrans.html
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: phoenix.edu\mycampus
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    Trusted Zone: turbotax.com
    TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
    FF - ProfilePath - c:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\ynca2p9k.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://websearch.searchguru.info/?pid=518&r=2013/12/18&hid=2474224359641992190&lg=EN&cc=US&unqvl=43&l=1&q=
    FF - prefs.js: browser.search.selectedEngine -
    FF - prefs.js: browser.startup.homepage - hxxps://cw411.checkfreeweb.com/pcw411/wps?rq=home&sp=1299
    FF - prefs.js: keyword.URL -
    .
    .
    ------- File Associations -------
    .
    .reg=Regedit.Document
    .
    - - - - ORPHANS REMOVED - - - -
    .
    SafeBoot-svcWRSSSDK
    MSConfigStartUp-CTFMON - (no file)
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2013-12-30 10:19
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...  
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...  
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\NAV]
    "ImagePath"="\"c:\program files\Norton AntiVirus\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Norton AntiVirus\Engine\18.6.0.29\diMaster.dll\" /prefetch:1"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-1117639363-358789429-3253389173-1003\Software\Microsoft\SystemCertificates\AddressBook*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(608)
    c:\windows\system32\Ati2evxx.dll
    .
    Completion time: 2013-12-30  11:04:06
    ComboFix-quarantined-files.txt  2013-12-30 16:03
    .
    Pre-Run: 101,170,421,760 bytes free
    Post-Run: 103,997,558,784 bytes free
    .
    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
    .
    - - End Of File - - 1437D8146B123456764AD6659B248869
    B20939CD98B7710036274839082AE757
     






    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users