Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible Virus (Generic Host Process Popups) Windows XP


  • This topic is locked This topic is locked
17 replies to this topic

#1 chakotay2

chakotay2

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:03:23 PM

Posted 21 January 2015 - 07:13 PM

 DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.2180
Run by alan at 17:08:26 on 2015-01-21
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.511.153 [GMT -7:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\Logi_MwX.Exe
C:\PROGRA~1\SPRINT~1.0OF\Sprint\CAgent.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\mlrekprd.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Linksys\Wireless-B PCI Adapter\OdHost.exe
C:\Program Files\Linksys\Wireless-B PCI Adapter\WMP11Cfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = res://c:\windows\system32\ypdrq.dll/sp.html#28129%resultposition.net
uSearch Page = res://c:\windows\system32\ypdrq.dll/sp.html#28129%resultposition.net
mStart Page = about:blank
mSearch Bar = res://c:\windows\mwqoi.dll/sp.html#28129%resultposition.net
mSearch Page = res://c:\windows\mwqoi.dll/sp.html#28129%resultposition.net
mDefault_Page_URL = about:blank
mDefault_Search_URL = res://c:\windows\mwqoi.dll/sp.html#28129%resultposition.net
mSearchAssistant = res://c:\windows\mwqoi.dll/sp.html#28129%resultposition.net
mURLSearchHooks: Class: {7352369D-E1F3-CA22-BCF3-2F9837B1EDCF} -
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
BHO: Class: {24D73448-369F-53B7-BCD0-CABA729B5AF4} -
BHO: Class: {2E0DA8F3-D533-C35F-86F9-7941DD3B56CB} -
BHO: <No Name>: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Class: {7352369D-E1F3-CA22-BCF3-2F9837B1EDCF} -
BHO: Class: {7AA3263D-C6B3-2D60-F61D-6AA3C98512E0} -
BHO: AOL Toolbar Launcher: {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
BHO: jimmyhelp.CBrowserHelper: {B07F6318-D54F-4D87-8D73-9233883EBA2D} - c:\windows\epfpvl.dll
BHO: Class: {FF9C2285-7435-9341-80FE-A833F235D80D} -
TB: MSN Toolbar: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\msn toolbar\01.01.1629.0\en-us\msntb.dll
TB: AIM Search: {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - c:\program files\aim toolbar\AIMBar.dll
TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: YourSiteBar: {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - c:\program files\yoursitebar\ysb.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - <orphaned>
uRun: [SurfAccuracy] c:\documents and settings\alan\application data\surfaccuracy\SAcc.exe
uRun: [ReJf5vH] c:\documents and settings\alan\application data\microsoft\windows\imcnaxl.exe
mRun: [PestPatrol Control Center] c:\progra~1\pestpa~1\PPControl.exe
mRun: [PPMemCheck] c:\progra~1\pestpa~1\PPMemCheck.exe
mRun: [CookiePatrol] c:\progra~1\pestpa~1\CookiePatrol.exe
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb03.exe
mRun: [ihcwlxzmc] c:\windows\ovgxc.exe
mRun: [MMTray] "c:\program files\musicmatch\musicmatch jukebox\mm_tray.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe"  -osboot
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [ABBYY Community Agent] c:\progra~1\sprint~1.0of\sprint\CAgent.exe
mRun: [MimBoot] c:\progra~1\musicm~1\musicm~2\mimboot.exe
mRun: [SunJavaUpdateSched] c:\program files\java\jre1.5.0_04\bin\jusched.exe
mRun: [wPfew] c:\windows\mlrekprd.exe
mRun: [EPSON Stylus Photo 2200] c:\windows\system32\spool\drivers\w32x86\3\E_S10IC2.EXE /P23 "EPSON Stylus Photo 2200" /O6 "USB002" /M "Stylus Photo 2200"
mRun: [Á³# K"h'þ9Óœ÷3rÅWc:\program files\istsvc\istsvc.exe] c:\windows\mlrekprd.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [442.tmp] c:\docume~1\ghisla~1\locals~1\temp\442.tmp.exe
mRun: [445.tmp] c:\docume~1\ghisla~1\locals~1\temp\445.tmp.exe
mRun: [445.tmp.exe] c:\docume~1\ghisla~1\locals~1\temp\445.tmp.exe
mRun: [442.tmp.exe] c:\docume~1\ghisla~1\locals~1\temp\442.tmp.exe
mRun: [IST Service] c:\program files\istsvc\istsvc.exe
mRun: [Samsung Common SM] "c:\windows\samsung\comsmmgr\ssmmgr.exe" /autorun
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Á³# F"h'þ9Óœú3rÅWc:\program files\istsvc\istsvc.exe] c:\windows\mlrekprd.exe
mRun: [appqq.exe] c:\windows\system32\appqq.exe
mRun: [UserFaultCheck] c:\windows\system32\dumprep 0 -u
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpimag~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logoca~1.lnk - c:\program files\gretagmacbeth\profilemaker professional 5.0.3\CalibrationLoader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\nkbmon~1.lnk - c:\program files\nikon\pictureproject\NkbMonitor.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wirele~1.lnk - c:\program files\linksys\wireless-b pci adapter\Startup.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_04\bin\npjpi150_04.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
IE: {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - c:\program files\hello\PicasaCapture.dll
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://active.macromedia.com/director/cabs/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - hxxp://www.tbcode.com/ist/softwares/v4.0/ysb_regular.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38031.6930555556
DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 10.0.0.10 10.0.0.12
TCP: Interfaces\{22BB399C-058F-4D78-BF0A-9A858ED1F15D} : DHCPNameServer = 10.0.0.10 10.0.0.12
TCP: Interfaces\{60B8CB57-2C85-4DF2-BA46-F23ECC8FE97B} : DHCPNameServer = 68.87.85.98 68.87.69.146 68.87.78.130
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\alan\application data\mozilla\firefox\profiles\6ng5nw4z.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPJPI150_04.dll
FF - plugin: c:\program files\java\jre1.5.0_04\bin\NPOJI610.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
============= SERVICES / DRIVERS ===============
.
R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2004-5-14 11264]
R2 cdenable;cdenable;c:\windows\system32\drivers\cdenable.sys [2005-4-16 6112]
R3 VIASens;Vinyl Sensaura WDM 3D Audio Driver;c:\windows\system32\drivers\viasens.sys [2003-11-7 391680]
S3 IPN2120;Wireless-B PCI Adapter Driver;c:\windows\system32\drivers\LSIPNDS.sys [2008-2-23 96256]
.
=============== File Associations ===============
.
ShellExec: EasyShare.exe: Preview="c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe"
ShellExec: FRONTPG.EXE: edit=c:\progra~1\micros~2\office10\FRONTPG.EXE
.
=============== Created Last 30 ================
.
2015-01-21 17:12:27    --------    d-----w-    c:\windows\system32\wbem\repository\FS
2015-01-21 17:12:27    --------    d-----w-    c:\windows\system32\wbem\Repository
2015-01-21 17:11:45    --------    d-----w-    c:\documents and settings\all users\application data\Viewpoint
2015-01-21 17:11:44    --------    d-----w-    c:\program files\Uniblue
2015-01-21 17:11:41    --------    d-----w-    c:\program files\Viewpoint
2015-01-21 17:11:31    --------    d-----w-    c:\program files\Symantec AntiVirus
2015-01-21 17:09:02    --------    d-----w-    c:\program files\YourSiteBar
2015-01-21 17:09:02    --------    d-----w-    c:\documents and settings\alan\application data\SurfAccuracy
2015-01-21 17:04:57    --------    d-----w-    c:\program files\ISTsvc
2015-01-21 16:57:51    --------    d-----w-    c:\windows\system32\CatRoot_bak
2015-01-21 13:05:45    --------    d-----w-    c:\documents and settings\alan\IETldCache
2015-01-21 11:53:36    --------    d-----w-    c:\windows\ie8updates
2015-01-21 11:49:46    --------    dc----w-    c:\windows\ie8
2015-01-21 05:54:30    --------    d-----w-    c:\windows\system32\scripting
2015-01-21 05:54:27    --------    d-----w-    c:\windows\l2schemas
2015-01-21 05:48:12    --------    d-----w-    c:\windows\network diagnostic
2015-01-20 23:46:48    --------    d-----w-    C:\cmdcons
2015-01-20 13:30:11    --------    d-----w-    c:\program files\Malwarebytes Anti-Malware
2015-01-20 13:30:11    --------    d-----w-    c:\documents and settings\all users\application data\Malwarebytes
2015-01-20 13:24:50    --------    d-----w-    C:\AdwCleaner
2015-01-20 13:10:09    --------    d-----w-    c:\windows\ERUNT
2015-01-20 11:55:32    21504    -c--a-w-    c:\windows\system32\dllcache\hidserv.dll
2015-01-20 11:55:32    21504    ----a-w-    c:\windows\system32\hidserv.dll
2015-01-20 11:55:32    21504    ----a-w-    c:\windows\system32\hidserv(2).dll
2015-01-20 11:55:25    14848    -c--a-w-    c:\windows\system32\dllcache\kbdhid.sys
2015-01-20 11:55:25    14848    ----a-w-    c:\windows\system32\drivers\kbdhid.sys
2015-01-20 02:07:09    31616    -c--a-w-    c:\windows\system32\dllcache\usbccgp.sys
2015-01-20 02:07:09    31616    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
.
==================== Find3M  ====================
.
2004-05-05 19:14:10    5245352    -c--a-w-    c:\program files\SetupDl.exe
2004-02-15 08:49:18    3401360    -c--a-w-    c:\program files\Install_AIM.exe
.
============= FINISH: 17:10:33.43 ===============
 

Attached Files


Edited by chakotay2, 21 January 2015 - 07:16 PM.


BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:23 PM

Posted 21 January 2015 - 08:05 PM

Hello chakotay2

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
      
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
      
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

      
  • Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  •   I will be analyzing your log. I will get back to you with instructions.

 

1.

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool .
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

2.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 chakotay2

chakotay2
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:03:23 PM

Posted 21 January 2015 - 08:47 PM

# AdwCleaner v4.108 - Report created 20/01/2015 at 05:58:12
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Local]
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : alan - GIGI
# Running from : C:\Documents and Settings\alan\Desktop\AV\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Viewpoint Manager Service

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
Folder Deleted : C:\Program Files\Uniblue
Folder Deleted : C:\Program Files\Viewpoint
File Deleted : C:\Documents and Settings\ghislaine\Favorites\Search The Web.url

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.2180


-\\ Mozilla Firefox v35.0 (x86 en-US)


*************************

AdwCleaner[R0].txt - [3714 octets] - [20/01/2015 06:24:55]
AdwCleaner[S0].txt - [3540 octets] - [20/01/2015 05:58:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3600 octets] ##########
# AdwCleaner v4.108 - Report created 21/01/2015 at 18:28:53
# Updated 17/01/2015 by Xplode
# Database : 2015-01-13.2 [Local]
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : alan - GIGI
# Running from : C:\Documents and Settings\alan\Desktop\adwcleaner_4.108.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Viewpoint Manager Service

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
Folder Deleted : C:\Program Files\Uniblue
Folder Deleted : C:\Program Files\Viewpoint

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.2180


-\\ Mozilla Firefox v3.0.1 (en-US)


*************************

AdwCleaner[R0].txt - [7300 octets] - [20/01/2015 06:24:55]
AdwCleaner[S0].txt - [7028 octets] - [20/01/2015 05:58:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7088 octets] ##########
 



#4 chakotay2

chakotay2
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:03:23 PM

Posted 21 January 2015 - 08:49 PM

 Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2015
Ran by alan (administrator) on GIGI on 21-01-2015 18:38:02
Running from C:\Documents and Settings\alan\Desktop
Loaded Profiles: alan (Available profiles: alan & ghislaine & Jenny & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 6 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
() C:\PROGRA~1\PESTPA~1\PPControl.exe
() C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
() C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
(Musicmatch, Inc.) C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
(Logitech Inc.) C:\WINDOWS\LOGI_MWX.EXE
(ABBYY (BIT Software)) C:\PROGRA~1\SPRINT~1.0OF\Sprint\CAgent.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
(SEIKO EPSON CORPORATION) C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S10IC2.EXE
() C:\WINDOWS\mlrekprd.exe
(Apple Computer, Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Computer, Inc.) C:\Program Files\QuickTime\qttask.exe
(Hewlett-Packard Company) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Company) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
(Samsung Electronics.) C:\WINDOWS\Samsung\ComSMMgr\SSMMgr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Musicmatch, Inc.) C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
(Apple Computer, Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Musicmatch, Inc.) C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Eastman Kodak Company) C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
(Nikon Corporation) C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
(WinZip Computing, Inc.) C:\Program Files\WinZip\WZQKPICK.EXE
() C:\Program Files\Linksys\Wireless-B PCI Adapter\OdHost.exe
(The Linksys Group, Inc.) C:\Program Files\Linksys\Wireless-B PCI Adapter\WMP11CFG.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(HP) C:\WINDOWS\system32\HPZinw12.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PestPatrol Control Center] => C:\Program Files\PestPatrol\PPControl.exe [53248 2003-03-26] ()
HKLM\...\Run: [PPMemCheck] => C:\Program Files\PestPatrol\PPMemCheck.exe [148480 2003-04-19] ()
HKLM\...\Run: [CookiePatrol] => C:\Program Files\PestPatrol\CookiePatrol.exe [69632 2003-05-29] ()
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe [200704 2001-06-12] (HP)
HKLM\...\Run: [ihcwlxzmc] => C:\WINDOWS\ovgxc.exe
HKLM\...\Run: [MMTray] => C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [110592 2005-03-09] (Musicmatch, Inc.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [180269 2004-08-17] (RealNetworks, Inc.)
HKLM\...\Run: [Logitech Utility] => C:\WINDOWS\Logi_MwX.Exe [19968 2003-11-07] (Logitech Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [ABBYY Community Agent] => C:\Program Files\Sprint & FineReader 5.0 Office Try&Buy\Sprint\CAgent.exe [241664 2001-01-31] (ABBYY (BIT Software))
HKLM\...\Run: [MimBoot] => C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mimboot.exe [11776 2005-03-09] (Musicmatch, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe [36975 2005-06-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [wPfew] => C:\WINDOWS\mlrekprd.exe [10240 2005-11-17] ()
HKLM\...\Run: [EPSON Stylus Photo 2200] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE [74752 2002-06-30] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Á**³#** K"h'þ9ÓS÷3rÅ**WC:\Program Files\ISTsvc\istsvc.exe<*>] => C:\WINDOWS\mlrekprd.exe [74752 2002-06-30] (SEIKO EPSON CORPORATION) <===== ATTENTION (Value Name with invalid characters)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [278528 2005-10-18] (Apple Computer, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [155648 2005-11-24] (Apple Computer, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2004-02-12] (Hewlett-Packard Company)
HKLM\...\Run: [HP Component Manager] => C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [241664 2004-05-12] (Hewlett-Packard Company)
HKLM\...\Run: [442.tmp] => C:\DOCUME~1\GHISLA~1\LOCALS~1\Temp\442.tmp.exe <===== ATTENTION
HKLM\...\Run: [445.tmp] => C:\DOCUME~1\GHISLA~1\LOCALS~1\Temp\445.tmp.exe <===== ATTENTION
HKLM\...\Run: [445.tmp.exe] => C:\DOCUME~1\GHISLA~1\LOCALS~1\Temp\445.tmp.exe <===== ATTENTION
HKLM\...\Run: [442.tmp.exe] => C:\DOCUME~1\GHISLA~1\LOCALS~1\Temp\442.tmp.exe <===== ATTENTION
HKLM\...\Run: [IST Service] => C:\Program Files\ISTsvc\istsvc.exe [21504 2008-03-29] ()
HKLM\...\Run: [Samsung Common SM] => C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe [372736 2005-07-03] (Samsung Electronics.)
HKLM\...\Run: [ISUSPM Startup] => "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [Á**³#** F"h'þ9ÓSú3rÅ**WC:\Program Files\ISTsvc\istsvc.exe<*>] => C:\WINDOWS\mlrekprd.exe [81920 2005-06-10] (InstallShield Software Corporation) <===== ATTENTION (Value Name with invalid characters)
HKLM\...\Run: [appqq.exe] => C:\WINDOWS\system32\appqq.exe
HKLM\...\runonceex: [] => [X]
HKU\S-1-5-21-1078081533-789336058-854245398-1003\...\Run: [SurfAccuracy] => C:\Documents and Settings\alan\Application Data\SurfAccuracy\SAcc.exe [142336 2008-02-23] ()
HKU\S-1-5-21-1078081533-789336058-854245398-1003\...\Run: [ReJf5vH] => C:\Documents and Settings\alan\Application Data\Microsoft\Windows\imcnaxl.exe [13824 2008-02-23] ()
HKU\S-1-5-21-1078081533-789336058-854245398-1003\...\MountPoints2: {b34ba7b0-9e74-11d9-8f86-00a0c921fb67} - H:\JDSecure\Windows\JDSecure20.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
ShortcutTarget: HP Image Zone Fast Start.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
ShortcutTarget: Kodak EasyShare software.lnk -> C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logo Calibration Loader.lnk
ShortcutTarget: Logo Calibration Loader.lnk -> C:\Program Files\GretagMacbeth\ProfileMaker Professional 5.0.3\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NkbMonitor.exe.lnk
ShortcutTarget: NkbMonitor.exe.lnk -> C:\Program Files\Nikon\PictureProject\NkbMonitor.exe (Nikon Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless-B Notebook Adapter Utility.lnk
ShortcutTarget: Wireless-B Notebook Adapter Utility.lnk -> C:\Program Files\Linksys\Wireless-B PCI Adapter\Startup.exe ()
Startup: C:\Documents and Settings\ghislaine\Start Menu\Programs\Startup\Webshots.lnk
ShortcutTarget: Webshots.lnk -> C:\Program Files\Webshots\Launcher.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\mwqoi.dll/sp.html#28129%resultposition.net
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\mwqoi.dll/sp.html#28129%resultposition.net
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1078081533-789336058-854245398-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM - Class - {7352369D-E1F3-CA22-BCF3-2F9837B1EDCF} - C:\WINDOWS\crak32.dll No File
URLSearchHook: [S-1-5-21-1078081533-789336058-854245398-1003] ATTENTION ==> Default URLSearchHook is missing.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
BHO: Class -> {24D73448-369F-53B7-BCD0-CABA729B5AF4} -> C:\WINDOWS\system32\ievk.dll No File
BHO: Class -> {2E0DA8F3-D533-C35F-86F9-7941DD3B56CB} -> C:\WINDOWS\sdkdu.dll No File
BHO: No Name -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Class -> {7352369D-E1F3-CA22-BCF3-2F9837B1EDCF} -> C:\WINDOWS\crak32.dll No File
BHO: Class -> {7AA3263D-C6B3-2D60-F61D-6AA3C98512E0} -> C:\WINDOWS\system32\netjl32.dll No File
BHO: AOL Toolbar Launcher -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
BHO: jimmyhelp.CBrowserHelper -> {B07F6318-D54F-4D87-8D73-9233883EBA2D} -> C:\WINDOWS\epfpvl.dll (asdf)
BHO: Class -> {FF9C2285-7435-9341-80FE-A833F235D80D} -> C:\WINDOWS\system32\d3yl.dll No File
Toolbar: HKLM - MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-us\msntb.dll (Microsoft Corporation)
Toolbar: HKLM - AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (America Online, Inc)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
Toolbar: HKLM - YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\Program Files\YourSiteBar\ysb.dll ()
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://active.macromedia.com/director/cabs/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} http://www.tbcode.com/ist/softwares/v4.0/ysb_regular.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38031.6930555556
DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.10 10.0.0.12

FireFox:
========
FF ProfilePath: C:\Documents and Settings\alan\Application Data\Mozilla\Firefox\Profiles\6ng5nw4z.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @real.com/nppl3260;version=6.0.11.2027 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2088 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1040 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Computer, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 aspnet_state; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [32768 2004-07-15] (Microsoft Corporation) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [77824 2002-01-29] () [File not signed]
R2 EPSONStatusAgent2; C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe [94208 2002-07-17] (SEIKO EPSON CORPORATION) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R3 iPodService; C:\Program Files\iPod\bin\iPodService.exe [323584 2005-10-18] (Apple Computer, Inc.) [File not signed]
S2 NICSer_WMP11; C:\Program Files\Linksys\Wireless-B PCI Adapter\NICServ.exe [455680 2003-11-13] () [File not signed]
S3 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [65536 2004-03-18] (HP) [File not signed]
S2  11Fßä#·ºÄÖ`I; C:\WINDOWS\crxz.exe /s [X]
S3 SwPrv; C:\WINDOWS\System32\dllhost.exe /Processid:{1AE1D326-BFB1-4898-BC30-BA6AC23959EB}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Asapi; C:\WINDOWS\system32\Drivers\Asapi.sys [11264 2002-04-17] (VOB Computersysteme GmbH) [File not signed]
R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [23936 1997-12-22] (Adaptec)
R3 CBTNDIS5; C:\WINDOWS\system32\CBTNDIS5.SYS [17142 2003-07-16] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 cdenable; C:\WINDOWS\System32\Drivers\cdenable.sys [6112 1997-11-18] () [File not signed]
R2 CDRPDACC; C:\Program Files\321Studios\Shared\CDRPDACC.SYS [4633 2002-07-25] (Arrowkey) [File not signed]
R2 DgiVecp; C:\WINDOWS\System32\Drivers\DgiVecp.sys [41984 2005-03-13] (DeviceGuys, Inc.) [File not signed]
R3 Eplpdx02; C:\WINDOWS\System32\Drivers\EPLPDX02.SYS [70084 2001-08-09] (MK Systems CO., LTD.) [File not signed]
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2004-08-03] (Microsoft Corporation)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [665600 2005-04-15] (Aladdin Knowledge Systems) [File not signed]
R2 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2005-04-15] (Aladdin Knowledge Systems) [File not signed]
S3 IPN2120; C:\WINDOWS\System32\DRIVERS\LSIPNDS.sys [96256 2003-08-26] (Cisco-Linksys, LLC.)
S3 L8042PR2; C:\WINDOWS\System32\Drivers\l8042pr2.sys [51486 2003-11-07] (Logitech, Inc.)
S3 LHidUsb; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [37884 2003-11-07] (Logitech, Inc.)
R2 MCSTRM; C:\WINDOWS\system32\Drivers\MCSTRM.sys [8413 2005-01-20] (RealNetworks, Inc.) [File not signed]
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
R3 MxlW2k; C:\WINDOWS\system32\Drivers\MxlW2k.sys [28352 2005-02-12] (MusicMatch, Inc.) [File not signed]
R3 odysseyIM3; C:\WINDOWS\System32\DRIVERS\odysseyIM3.sys [62673 2003-05-14] (Funk Software, Inc.)
R3 Pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [31680 2004-03-06] (VSO Software) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R3 VIASens; C:\WINDOWS\System32\drivers\viasens.sys [391680 2003-11-07] (Sensaura Ltd)
R3 VIAudio; C:\WINDOWS\System32\drivers\viaudios.sys [113024 2003-12-18] (VIA Technologies, Inc.)
R2 WIBUKEY; C:\WINDOWS\system32\Drivers\WIBUKEY.sys [44032 1997-10-31] (WIBU-SYSTEMS AG) [File not signed]
R3 WinDriver6; C:\WINDOWS\System32\drivers\windrvr6.sys [316192 2004-07-26] (Jungo) [File not signed]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96256 2004-08-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-21 18:38 - 2015-01-21 18:38 - 00019326 _____ () C:\Documents and Settings\alan\Desktop\FRST.txt
2015-01-21 18:37 - 2015-01-21 18:38 - 00000000 ____D () C:\FRST
2015-01-21 18:37 - 2015-01-21 18:37 - 01118208 _____ (Farbar) C:\Documents and Settings\alan\Desktop\FRST.exe
2015-01-21 10:11 - 2015-01-21 15:10 - 00000000 ____D () C:\Program Files\Symantec AntiVirus
2015-01-21 10:09 - 2015-01-21 10:09 - 00000000 ____D () C:\Program Files\YourSiteBar
2015-01-21 10:09 - 2015-01-21 10:09 - 00000000 ____D () C:\Documents and Settings\alan\Application Data\SurfAccuracy
2015-01-21 10:04 - 2015-01-21 10:09 - 00000000 ____D () C:\Program Files\ISTsvc
2015-01-21 10:04 - 2015-01-21 10:04 - 00000000 ___HD () C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2015-01-21 10:04 - 2015-01-21 10:04 - 00000000 ____D () C:\Documents and Settings\ghislaine\WINDOWS
2015-01-21 09:57 - 2015-01-21 10:41 - 00000000 ____D () C:\WINDOWS\system32\CatRoot_bak
2015-01-21 09:54 - 2015-01-21 09:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Registrar Registry Manager
2015-01-21 06:21 - 2015-01-21 06:21 - 00000000 ____D () C:\Documents and Settings\Administrator\IETldCache
2015-01-21 06:05 - 2015-01-21 06:05 - 00000000 ____D () C:\Documents and Settings\alan\IETldCache
2015-01-21 05:00 - 2015-01-21 05:00 - 00216041 _____ () C:\WINDOWS\KB2847311.log
2015-01-21 04:59 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2922229$
2015-01-21 04:59 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2868626$
2015-01-21 04:57 - 2015-01-21 04:58 - 00226523 _____ () C:\WINDOWS\KB2936068-IE8.log
2015-01-21 04:55 - 2015-01-21 04:56 - 00231212 _____ () C:\WINDOWS\KB2909921-IE8.log
2015-01-21 04:55 - 2015-01-21 04:55 - 00224444 _____ () C:\WINDOWS\KB2598845-IE8.log
2015-01-21 04:54 - 2015-01-21 04:54 - 00223822 _____ () C:\WINDOWS\KB2467659.log
2015-01-21 04:54 - 2015-01-21 04:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2467659$
2015-01-21 04:53 - 2015-01-21 04:54 - 00238608 _____ () C:\WINDOWS\KB982381-IE8.log
2015-01-21 04:53 - 2015-01-21 04:53 - 00000000 ____D () C:\WINDOWS\ie8updates
2015-01-21 04:51 - 2015-01-21 04:51 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2015-01-21 04:49 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\ie8
2015-01-21 04:49 - 2015-01-21 04:52 - 00242824 _____ () C:\WINDOWS\ie8.log
2015-01-21 04:10 - 2015-01-21 04:58 - 00083716 _____ () C:\WINDOWS\ie8_main.log
2015-01-21 04:08 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2387149$
2015-01-21 04:07 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2712808$
2015-01-21 04:07 - 2015-01-21 04:09 - 00203893 _____ () C:\WINDOWS\KB2387149.log
2015-01-21 04:05 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2479943$
2015-01-21 04:04 - 2015-01-21 04:04 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2659262$
2015-01-21 04:03 - 2015-01-21 04:04 - 00200108 _____ () C:\WINDOWS\KB2659262.log
2015-01-21 04:02 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2564958$
2015-01-21 04:01 - 2015-01-21 04:02 - 00199402 _____ () C:\WINDOWS\KB2564958.log
2015-01-21 03:56 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2916036$
2015-01-21 03:55 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2478971$
2015-01-21 03:55 - 2015-01-21 03:55 - 00196480 _____ () C:\WINDOWS\KB2934207.log
2015-01-21 03:55 - 2015-01-21 03:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2934207$
2015-01-21 03:54 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2015-01-21 03:53 - 2015-01-21 03:54 - 00198047 _____ () C:\WINDOWS\KB2834886.log
2015-01-21 03:53 - 2015-01-21 03:53 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2834886$
2015-01-21 03:52 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2345886$
2015-01-21 03:51 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2585542$
2015-01-21 03:51 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2015-01-21 03:51 - 2015-01-21 03:51 - 00199432 _____ () C:\WINDOWS\KB2536276-v2.log
2015-01-21 03:50 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB970430$
2015-01-21 03:49 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2631813$
2015-01-21 03:49 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2296011$
2015-01-21 03:49 - 2015-01-21 03:49 - 00196151 _____ () C:\WINDOWS\KB2296011.log
2015-01-21 03:48 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2691442$
2015-01-21 03:47 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2015-01-21 03:47 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2115168$
2015-01-21 03:47 - 2015-01-21 03:48 - 00195679 _____ () C:\WINDOWS\KB2900986.log
2015-01-21 03:47 - 2015-01-21 03:47 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2900986$
2015-01-21 03:46 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2015-01-21 03:46 - 2015-01-21 03:47 - 00195826 _____ () C:\WINDOWS\KB975558.log
2015-01-21 03:46 - 2015-01-21 03:46 - 00196770 _____ () C:\WINDOWS\KB2378111.log
2015-01-21 03:45 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB951978$
2015-01-21 03:44 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2655992$
2015-01-21 03:44 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2443105$
2015-01-21 03:43 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2834902-v2_WM10$
2015-01-21 03:43 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2802968$
2015-01-21 03:43 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2481109$
2015-01-21 03:43 - 2015-01-21 03:43 - 00194949 _____ () C:\WINDOWS\KB2834902-v2.log
2015-01-21 03:42 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2898715$
2015-01-21 03:42 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2485663$
2015-01-21 03:41 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2598479$
2015-01-21 03:41 - 2015-01-21 03:42 - 00198706 _____ () C:\WINDOWS\KB2485663.log
2015-01-21 03:40 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2929961$
2015-01-21 03:39 - 2015-01-21 03:39 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2686509$
2015-01-21 03:38 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB982132$
2015-01-21 03:38 - 2015-01-21 03:39 - 00200770 _____ () C:\WINDOWS\KB2686509.log
2015-01-21 03:37 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862335$
2015-01-21 03:37 - 2015-01-21 03:38 - 00197703 _____ () C:\WINDOWS\KB2862335.log
2015-01-21 03:36 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2909212$
2015-01-21 03:35 - 2015-01-21 03:35 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2507938$
2015-01-21 03:34 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2780091$
2015-01-21 03:34 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2510581$
2015-01-21 03:33 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2904266$
2015-01-21 03:32 - 2015-01-21 03:33 - 00198556 _____ () C:\WINDOWS\KB2904266.log
2015-01-21 03:31 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2347290$
2015-01-21 03:30 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876217$
2015-01-21 03:29 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2483185$
2015-01-21 03:26 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979687$
2015-01-21 03:26 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2845142_WM64$
2015-01-21 03:26 - 2015-01-21 03:27 - 00195243 _____ () C:\WINDOWS\KB2845142.log
2015-01-21 03:25 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2930275$
2015-01-21 03:25 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2864063$
2015-01-21 03:24 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2719985$
2015-01-21 03:22 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2936068$
2015-01-21 03:20 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862152$
2015-01-21 03:18 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2592799$
2015-01-21 03:14 - 2015-01-21 03:19 - 00202552 _____ () C:\WINDOWS\KB2592799.log
2015-01-21 03:13 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2964358$
2015-01-21 03:13 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2850869$
2015-01-21 03:13 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2770660$
2015-01-21 03:13 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2535512$
2015-01-21 03:13 - 2015-01-21 03:13 - 00199841 _____ () C:\WINDOWS\KB2535512.log
2015-01-21 03:13 - 2015-01-21 03:13 - 00198440 _____ () C:\WINDOWS\KB2964358.log
2015-01-21 03:12 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876331$
2015-01-21 03:12 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2859537$
2015-01-21 03:12 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2807986$
2015-01-21 03:12 - 2015-01-21 03:12 - 00200226 _____ () C:\WINDOWS\KB2807986.log
2015-01-21 03:11 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2884256$
2015-01-21 03:11 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2868038$
2015-01-21 03:11 - 2015-01-21 03:11 - 00199351 _____ () C:\WINDOWS\KB2570947.log
2015-01-21 03:11 - 2015-01-21 03:11 - 00197998 _____ () C:\WINDOWS\KB2884256.log
2015-01-21 03:11 - 2015-01-21 03:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2570947$
2015-01-21 03:10 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2893294$
2015-01-21 03:10 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2820917$
2015-01-21 03:10 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2757638$
2015-01-21 03:10 - 2015-01-21 03:11 - 00198411 _____ () C:\WINDOWS\KB2868038.log
2015-01-21 03:10 - 2015-01-21 03:10 - 00199190 _____ () C:\WINDOWS\KB2603381.log
2015-01-21 03:10 - 2015-01-21 03:10 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2603381$
2015-01-21 03:09 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2653956$
2015-01-21 03:09 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2508429$
2015-01-21 03:09 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2419632$
2015-01-21 03:08 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB971029$
2015-01-21 03:08 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2749655$
2015-01-21 03:08 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2506212$
2015-01-21 03:07 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2892075$
2015-01-21 03:07 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2015-01-21 03:07 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2698365$
2015-01-21 03:07 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2619339$
2015-01-21 03:07 - 2015-01-21 03:07 - 00200763 _____ () C:\WINDOWS\KB2698365.log
2015-01-21 03:06 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB981997$
2015-01-21 03:06 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862330$
2015-01-21 03:06 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2727528$
2015-01-21 03:06 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2015-01-21 03:06 - 2015-01-21 03:06 - 00199650 _____ () C:\WINDOWS\KB2723135-v2.log
2015-01-21 03:06 - 2015-01-21 03:06 - 00199111 _____ () C:\WINDOWS\KB981997.log
2015-01-21 03:05 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2813345$
2015-01-21 03:05 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2676562$
2015-01-21 03:05 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2509553$
2015-01-21 03:04 - 2015-01-21 09:56 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2393802$
2015-01-21 03:04 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB982665$
2015-01-21 03:04 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2478960$
2015-01-21 03:04 - 2015-01-21 03:04 - 00201384 _____ () C:\WINDOWS\KB2393802.log
2015-01-21 03:03 - 2015-01-21 09:56 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2914368$
2015-01-21 03:03 - 2015-01-21 09:56 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2620712$
2015-01-21 03:03 - 2015-01-21 09:56 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2566454$
2015-01-21 03:03 - 2015-01-21 03:03 - 00199653 _____ () C:\WINDOWS\KB2566454.log
2015-01-21 03:03 - 2015-01-21 03:03 - 00198790 _____ () C:\WINDOWS\KB2661637.log
2015-01-21 03:03 - 2015-01-21 03:03 - 00197234 _____ () C:\WINDOWS\KB2914368.log
2015-01-21 03:03 - 2015-01-21 03:03 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2661637$
2015-01-21 03:02 - 2015-01-21 09:56 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2584146$
2015-01-21 03:02 - 2015-01-21 09:56 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2423089$
2015-01-21 03:01 - 2015-01-21 03:02 - 00200829 _____ () C:\WINDOWS\KB2423089.log
2015-01-21 00:30 - 2015-01-21 04:59 - 00414886 _____ () C:\WINDOWS\KB2868626.log
2015-01-21 00:30 - 2015-01-21 04:59 - 00414079 _____ () C:\WINDOWS\KB2922229.log
2015-01-21 00:30 - 2015-01-21 03:35 - 00395284 _____ () C:\WINDOWS\KB2780091.log
2015-01-21 00:30 - 2015-01-21 03:12 - 00393921 _____ () C:\WINDOWS\KB2876331.log
2015-01-21 00:29 - 2015-01-21 03:25 - 00394033 _____ () C:\WINDOWS\KB2864063.log
2015-01-21 00:29 - 2015-01-21 03:23 - 00401767 _____ () C:\WINDOWS\KB2936068.log
2015-01-21 00:29 - 2015-01-21 03:12 - 00394678 _____ () C:\WINDOWS\KB2859537.log
2015-01-21 00:28 - 2015-01-21 04:07 - 00398551 _____ () C:\WINDOWS\KB2712808.log
2015-01-21 00:28 - 2015-01-21 04:05 - 00398189 _____ () C:\WINDOWS\KB2479943.log
2015-01-21 00:28 - 2015-01-21 03:40 - 00392583 _____ () C:\WINDOWS\KB2929961.log
2015-01-21 00:28 - 2015-01-21 03:36 - 00393330 _____ () C:\WINDOWS\KB2909212.log
2015-01-21 00:28 - 2015-01-21 03:31 - 00395314 _____ () C:\WINDOWS\KB2876217.log
2015-01-21 00:28 - 2015-01-21 03:26 - 00393893 _____ () C:\WINDOWS\KB2930275.log
2015-01-21 00:27 - 2015-01-21 03:56 - 00393093 _____ () C:\WINDOWS\KB2916036.log
2015-01-21 00:27 - 2015-01-21 03:44 - 00394575 _____ () C:\WINDOWS\KB2802968.log
2015-01-21 00:27 - 2015-01-21 03:42 - 00393692 _____ () C:\WINDOWS\KB2898715.log
2015-01-21 00:27 - 2015-01-21 03:13 - 00393916 _____ () C:\WINDOWS\KB2850869.log
2015-01-21 00:26 - 2015-01-21 03:55 - 00395195 _____ () C:\WINDOWS\KB2478971.log
2015-01-21 00:26 - 2015-01-21 03:51 - 00395909 _____ () C:\WINDOWS\KB2585542.log
2015-01-21 00:26 - 2015-01-21 03:49 - 00394564 _____ () C:\WINDOWS\KB2691442.log
2015-01-21 00:26 - 2015-01-21 03:44 - 00395053 _____ () C:\WINDOWS\KB2655992.log
2015-01-21 00:26 - 2015-01-21 03:36 - 00394850 _____ () C:\WINDOWS\KB2507938.log
2015-01-21 00:26 - 2015-01-21 03:21 - 00395136 _____ () C:\WINDOWS\KB2862152.log
2015-01-21 00:25 - 2015-01-21 03:54 - 00394072 _____ () C:\WINDOWS\KB2544893-v2.log
2015-01-21 00:25 - 2015-01-21 03:50 - 00393071 _____ () C:\WINDOWS\KB2631813.log
2015-01-21 00:25 - 2015-01-21 03:41 - 00394929 _____ () C:\WINDOWS\KB2598479.log
2015-01-21 00:25 - 2015-01-21 03:26 - 00396489 _____ () C:\WINDOWS\KB979687.log
2015-01-21 00:25 - 2015-01-21 03:25 - 00397217 _____ () C:\WINDOWS\KB2719985.log
2015-01-21 00:24 - 2015-01-21 03:52 - 00394234 _____ () C:\WINDOWS\KB2345886.log
2015-01-21 00:24 - 2015-01-21 03:47 - 00394349 _____ () C:\WINDOWS\KB2115168.log
2015-01-21 00:24 - 2015-01-21 03:46 - 00393745 _____ () C:\WINDOWS\KB951978.log
2015-01-21 00:24 - 2015-01-21 03:43 - 00394505 _____ () C:\WINDOWS\KB2481109.log
2015-01-21 00:24 - 2015-01-21 03:38 - 00393399 _____ () C:\WINDOWS\KB982132.log
2015-01-21 00:23 - 2015-01-21 03:45 - 00392646 _____ () C:\WINDOWS\KB2443105.log
2015-01-21 00:23 - 2015-01-21 03:34 - 00395736 _____ () C:\WINDOWS\KB2510581.log
2015-01-21 00:23 - 2015-01-21 03:30 - 00397685 _____ () C:\WINDOWS\KB2483185.log
2015-01-21 00:23 - 2015-01-21 03:10 - 00394473 _____ () C:\WINDOWS\KB2820917.log
2015-01-21 00:22 - 2015-01-21 03:10 - 00393452 _____ () C:\WINDOWS\KB2757638.log
2015-01-21 00:22 - 2015-01-21 03:10 - 00391452 _____ () C:\WINDOWS\KB2893294.log
2015-01-21 00:22 - 2015-01-21 03:09 - 00402305 _____ () C:\WINDOWS\KB2419632.log
2015-01-21 00:22 - 2015-01-21 03:09 - 00393275 _____ () C:\WINDOWS\KB2508429.log
2015-01-21 00:22 - 2015-01-21 03:09 - 00392840 _____ () C:\WINDOWS\KB2653956.log
2015-01-21 00:21 - 2015-01-21 03:09 - 00393249 _____ () C:\WINDOWS\KB2749655.log
2015-01-21 00:21 - 2015-01-21 03:08 - 00393998 _____ () C:\WINDOWS\KB971029.log
2015-01-21 00:21 - 2015-01-21 03:08 - 00393376 _____ () C:\WINDOWS\KB2506212.log
2015-01-21 00:21 - 2015-01-21 03:08 - 00389864 _____ () C:\WINDOWS\KB2892075.log
2015-01-21 00:21 - 2015-01-21 03:07 - 00394237 _____ () C:\WINDOWS\KB2705219-v2.log
2015-01-21 00:21 - 2015-01-21 03:07 - 00392187 _____ () C:\WINDOWS\KB2619339.log
2015-01-21 00:20 - 2015-01-21 03:07 - 00392163 _____ () C:\WINDOWS\KB2727528.log
2015-01-21 00:20 - 2015-01-21 03:05 - 00396569 _____ () C:\WINDOWS\KB2509553.log
2015-01-21 00:20 - 2015-01-21 03:05 - 00393615 _____ () C:\WINDOWS\KB2813345.log
2015-01-21 00:19 - 2015-01-21 03:05 - 00395749 _____ () C:\WINDOWS\KB2676562.log
2015-01-21 00:19 - 2015-01-21 03:04 - 00391673 _____ () C:\WINDOWS\KB982665.log
2015-01-21 00:17 - 2015-01-21 03:04 - 00391822 _____ () C:\WINDOWS\KB2620712.log
2015-01-21 00:16 - 2015-01-21 03:03 - 00392927 _____ () C:\WINDOWS\KB2584146.log
2015-01-20 23:37 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB980232$(2)
2015-01-20 23:37 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB980218$(2)
2015-01-20 23:36 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979683$(2)
2015-01-20 23:36 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979559$(2)
2015-01-20 23:36 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979482$(2)
2015-01-20 23:35 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979309$(2)
2015-01-20 23:35 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978706$(2)
2015-01-20 23:35 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978601$(2)
2015-01-20 23:35 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978542$(2)
2015-01-20 23:34 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978338$(2)
2015-01-20 23:34 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978037$(2)
2015-01-20 23:34 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB977914$(2)
2015-01-20 23:34 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975713$(2)
2015-01-20 23:33 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975562$(2)
2015-01-20 23:33 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975561$(2)
2015-01-20 23:33 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975560$(2)
2015-01-20 23:32 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975467$(2)
2015-01-20 23:32 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975025$(2)
2015-01-20 23:32 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB974571$(2)
2015-01-20 23:32 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB974392$(2)
2015-01-20 23:31 - 2015-01-21 09:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$(2)
2015-01-20 23:31 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB974318$(2)
2015-01-20 23:31 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973869$(2)
2015-01-20 23:30 - 2015-01-21 09:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973687$(2)
2015-01-20 23:30 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973815$(2)
2015-01-20 23:30 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973507$(2)
2015-01-20 23:30 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB972270$(2)
2015-01-20 23:29 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB971657$(2)
2015-01-20 23:29 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB971468$(2)
2015-01-20 23:29 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB970238$(2)
2015-01-20 23:29 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB969059$(2)
2015-01-20 23:28 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB968389$(2)
2015-01-20 23:28 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB967715$(2)
2015-01-20 23:28 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB961501$(2)
2015-01-20 23:27 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB960859$(2)
2015-01-20 23:27 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB960803$(2)
2015-01-20 23:27 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB960714$(2)
2015-01-20 23:26 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB959426$(2)
2015-01-20 23:26 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB958687$(2)
2015-01-20 23:26 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB958644$(2)
2015-01-20 23:26 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB958215$(2)
2015-01-20 23:25 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB957097$(2)
2015-01-20 23:25 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB957095$(2)
2015-01-20 23:25 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956844$(2)
2015-01-20 23:24 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956841$(2)
2015-01-20 23:24 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956803$(2)
2015-01-20 23:24 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956802$(2)
2015-01-20 23:23 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956572$(2)
2015-01-20 23:23 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956390$(2)
2015-01-20 23:23 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB955759$(2)
2015-01-20 23:22 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB974112$(3)
2015-01-20 23:22 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973687$(3)
2015-01-20 23:22 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB955069$(2)
2015-01-20 23:21 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB954600$(2)
2015-01-20 23:21 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB954211$(2)
2015-01-20 23:17 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB952954$(2)
2015-01-20 23:16 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB952287$(2)
2015-01-20 23:16 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB952004$(2)
2015-01-20 23:16 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB951748$(2)
2015-01-20 23:15 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB951698$(2)
2015-01-20 23:15 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB951376-v2$(2)
2015-01-20 23:14 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB951376$(2)
2015-01-20 23:14 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB951066$(2)
2015-01-20 23:14 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB950974$(2)
2015-01-20 23:13 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB950762$(2)
2015-01-20 23:13 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB950759$(2)
2015-01-20 23:12 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB946648$(2)
2015-01-20 23:12 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB938464$(2)
2015-01-20 23:12 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB923561$(2)
2015-01-20 23:11 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2229593$(2)
2015-01-20 22:54 - 2015-01-20 22:54 - 00000000 ____D () C:\WINDOWS\system32\scripting
2015-01-20 22:54 - 2015-01-20 22:54 - 00000000 ____D () C:\WINDOWS\l2schemas
2015-01-20 20:17 - 2015-01-20 20:18 - 00008067 _____ () C:\WINDOWS\WgaNotify.log
2015-01-20 19:34 - 2015-01-20 19:34 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-01-20 19:34 - 2015-01-20 19:34 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2015-01-20 19:34 - 2015-01-20 19:34 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2015-01-20 19:33 - 2015-01-20 19:33 - 00098557 _____ () C:\ComboFix.txt
2015-01-20 19:29 - 2015-01-21 10:04 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB954155_WM9$
2015-01-20 19:29 - 2015-01-20 19:29 - 00010785 _____ () C:\WINDOWS\KB954155.log
2015-01-20 19:28 - 2015-01-21 10:04 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB974318$
2015-01-20 19:27 - 2015-01-21 10:04 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956572$
2015-01-20 19:26 - 2015-01-20 23:24 - 00212450 _____ () C:\WINDOWS\KB956572.log
2015-01-20 19:24 - 2015-01-21 10:04 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB974571$
2015-01-20 19:21 - 2015-01-21 10:04 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973904$
2015-01-20 19:18 - 2015-01-20 19:22 - 00007805 _____ () C:\WINDOWS\KB973904.log
2015-01-20 17:53 - 2015-01-20 17:53 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2015-01-20 17:53 - 2015-01-20 17:53 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2015-01-20 17:53 - 2015-01-20 17:53 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2015-01-20 17:53 - 2015-01-20 17:53 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2015-01-20 17:53 - 2015-01-20 17:53 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2015-01-20 16:47 - 2004-10-10 08:52 - 00000211 _____ () C:\Boot.bak
2015-01-20 16:46 - 2015-01-21 10:05 - 00000000 ____D () C:\cmdcons
2015-01-20 16:46 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
2015-01-20 16:42 - 2015-01-21 10:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB980218$
2015-01-20 16:42 - 2015-01-21 10:05 - 00000000 ____D () C:\Qoobox
2015-01-20 16:41 - 2015-01-21 10:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB959426$
2015-01-20 16:41 - 2015-01-21 10:04 - 00000000 ____D () C:\WINDOWS\erdnt
2015-01-20 16:40 - 2015-01-21 10:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979683$
2015-01-20 16:40 - 2015-01-21 10:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB971468$
2015-01-20 16:40 - 2015-01-21 10:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB960859$
2015-01-20 16:40 - 2015-01-20 23:36 - 00214505 _____ () C:\WINDOWS\KB979683.log
2015-01-20 16:40 - 2015-01-20 23:29 - 00211022 _____ () C:\WINDOWS\KB971468.log
2015-01-20 16:39 - 2015-01-21 10:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB980232$
2015-01-20 16:39 - 2015-01-20 23:37 - 00211727 _____ () C:\WINDOWS\KB980232.log
2015-01-20 16:39 - 2015-01-20 16:40 - 00014164 _____ () C:\WINDOWS\KB958869.log
2015-01-20 16:39 - 2015-01-20 16:39 - 00016279 _____ () C:\WINDOWS\KB980195.log
2015-01-20 16:39 - 2015-01-20 16:39 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB980195$
2015-01-20 16:39 - 2015-01-20 16:39 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB958869$
2015-01-20 16:38 - 2015-01-21 10:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB981350$
2015-01-20 16:33 - 2015-01-21 10:07 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB955759$
2015-01-20 16:32 - 2015-01-20 23:23 - 00209946 _____ () C:\WINDOWS\KB955759.log
2015-01-20 16:13 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB969059$
2015-01-20 16:12 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978037$
2015-01-20 16:12 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975713$
2015-01-20 16:12 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB971657$
2015-01-20 16:12 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2229593$
2015-01-20 16:12 - 2015-01-20 23:11 - 00208677 _____ () C:\WINDOWS\KB2229593.log
2015-01-20 16:11 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978338$
2015-01-20 16:11 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB974112$
2015-01-20 16:11 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB972270$
2015-01-20 16:11 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956844$
2015-01-20 16:10 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975561$
2015-01-20 16:10 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973869$
2015-01-20 16:10 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB961501$
2015-01-20 16:10 - 2015-01-20 23:33 - 00207192 _____ () C:\WINDOWS\KB975561.log
2015-01-20 16:10 - 2015-01-20 23:31 - 00207217 _____ () C:\WINDOWS\KB973869.log
2015-01-20 16:10 - 2015-01-20 23:25 - 00205909 _____ () C:\WINDOWS\KB956844.log
2015-01-20 16:09 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975560$
2015-01-20 16:09 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973540_WM9L$
2015-01-20 16:09 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB952004$
2015-01-20 16:09 - 2015-01-20 16:09 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975025$
2015-01-20 16:08 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB977816$
2015-01-20 16:08 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973687$
2015-01-20 16:08 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973507$
2015-01-20 16:08 - 2015-01-20 23:30 - 00409303 _____ () C:\WINDOWS\KB973687.log
2015-01-20 16:07 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB981793$
2015-01-20 16:07 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979559$
2015-01-20 16:07 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978601$
2015-01-20 16:07 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB967715$
2015-01-20 16:07 - 2015-01-20 16:08 - 00007579 _____ () C:\WINDOWS\KB981793.log
2015-01-20 16:06 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB977914$
2015-01-20 16:06 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB974392$
2015-01-20 16:06 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB971961$
2015-01-20 16:06 - 2015-01-20 16:06 - 00010294 _____ () C:\WINDOWS\KB971961.log
2015-01-20 16:05 - 2015-01-21 10:08 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978542$
2015-01-20 07:01 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB970238$
2015-01-20 06:54 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979309$
2015-01-20 06:53 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978695_WM9$
2015-01-20 06:53 - 2015-01-20 06:53 - 00016441 _____ () C:\WINDOWS\KB978695.log
2015-01-20 06:52 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979482$
2015-01-20 06:49 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978706$
2015-01-20 06:46 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB958470$
2015-01-20 06:44 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB960803$
2015-01-20 06:43 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973815$
2015-01-20 06:41 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975562$
2015-01-20 06:31 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB971032$
2015-01-20 06:30 - 2015-01-21 10:11 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-20 06:30 - 2015-01-20 06:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-01-20 06:24 - 2015-01-21 18:29 - 00000000 ____D () C:\AdwCleaner
2015-01-20 06:19 - 2015-01-20 06:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Mozilla
2015-01-20 06:13 - 2015-01-20 06:18 - 00310980 _____ () C:\WINDOWS\msxml4-KB973688-enu.LOG
2015-01-20 06:12 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB923561$
2015-01-20 06:12 - 2015-01-20 23:12 - 00207146 _____ () C:\WINDOWS\KB923561.log
2015-01-20 06:11 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975467$
2015-01-20 06:10 - 2015-01-21 10:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB968389$
2015-01-20 06:10 - 2015-01-20 06:10 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-20 06:06 - 2015-01-20 06:07 - 00000000 ____D () C:\Documents and Settings\alan\Application Data\MSN6
2015-01-20 05:04 - 2015-01-21 10:42 - 00248563 _____ () C:\WINDOWS\KB959426.log
2015-01-20 05:04 - 2015-01-21 10:42 - 00247772 _____ () C:\WINDOWS\KB980218.log
2015-01-20 05:04 - 2015-01-21 10:42 - 00246813 _____ () C:\WINDOWS\KB960859.log
2015-01-20 05:03 - 2015-01-21 10:42 - 00242568 _____ () C:\WINDOWS\KB974318.log
2015-01-20 05:03 - 2015-01-21 10:41 - 00261843 _____ () C:\WINDOWS\KB975713.log
2015-01-20 05:03 - 2015-01-21 10:41 - 00260445 _____ () C:\WINDOWS\KB978338.log
2015-01-20 05:03 - 2015-01-21 10:41 - 00246044 _____ () C:\WINDOWS\KB978037.log
2015-01-20 05:03 - 2015-01-21 10:41 - 00244682 _____ () C:\WINDOWS\KB971657.log
2015-01-20 05:03 - 2015-01-21 10:41 - 00242847 _____ () C:\WINDOWS\KB969059.log
2015-01-20 05:03 - 2015-01-21 10:41 - 00017974 _____ () C:\WINDOWS\KB960225.log
2015-01-20 05:02 - 2015-01-21 10:22 - 00433413 _____ () C:\WINDOWS\KB974112.log
2015-01-20 05:02 - 2015-01-21 10:22 - 00242711 _____ () C:\WINDOWS\KB961501.log
2015-01-20 05:02 - 2015-01-20 23:32 - 00231199 _____ () C:\WINDOWS\KB975025.log
2015-01-20 05:00 - 2015-01-21 10:22 - 00258721 _____ () C:\WINDOWS\KB952004.log
2015-01-20 05:00 - 2015-01-21 10:21 - 00257189 _____ () C:\WINDOWS\KB973507.log
2015-01-20 05:00 - 2015-01-21 10:21 - 00236917 _____ () C:\WINDOWS\KB974571.log
2015-01-20 05:00 - 2015-01-21 10:21 - 00045643 _____ () C:\WINDOWS\KB977816.log
2015-01-20 04:59 - 2015-01-21 10:21 - 00253049 _____ () C:\WINDOWS\KB967715.log
2015-01-20 04:59 - 2015-01-21 10:21 - 00244174 _____ () C:\WINDOWS\KB979559.log
2015-01-20 04:59 - 2015-01-21 10:20 - 00255542 _____ () C:\WINDOWS\KB974392.log
2015-01-20 04:59 - 2015-01-21 10:20 - 00241861 _____ () C:\WINDOWS\KB977914.log
2015-01-20 04:58 - 2015-01-21 10:21 - 00255052 _____ () C:\WINDOWS\KB978601.log
2015-01-20 04:58 - 2015-01-21 10:20 - 00240902 _____ () C:\WINDOWS\KB978542.log
2015-01-20 04:58 - 2015-01-21 10:20 - 00239446 _____ () C:\WINDOWS\KB970238.log
2015-01-20 04:58 - 2015-01-21 10:19 - 00237791 _____ () C:\WINDOWS\KB978706.log
2015-01-20 04:58 - 2015-01-21 10:19 - 00237771 _____ () C:\WINDOWS\KB979482.log
2015-01-20 04:58 - 2015-01-21 10:19 - 00237238 _____ () C:\WINDOWS\KB960803.log
2015-01-20 04:57 - 2015-01-21 10:19 - 00237260 _____ () C:\WINDOWS\KB975562.log
2015-01-20 04:57 - 2015-01-21 10:19 - 00237205 _____ () C:\WINDOWS\KB973815.log
2015-01-20 04:57 - 2015-01-21 10:19 - 00043336 _____ () C:\WINDOWS\KB971032.log
2015-01-20 04:56 - 2015-01-21 10:18 - 00225504 _____ () C:\WINDOWS\KB975467.log
2015-01-20 04:55 - 2015-01-21 10:19 - 00227907 _____ () C:\WINDOWS\KB968389.log
2015-01-20 04:55 - 2004-08-04 01:56 - 00021504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidserv.dll
2015-01-20 04:55 - 2004-08-04 01:56 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv.dll
2015-01-20 04:55 - 2004-08-04 01:56 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv(2).dll
2015-01-20 04:55 - 2004-08-03 23:58 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhid.sys
2015-01-20 04:55 - 2004-08-03 23:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-01-19 19:07 - 2004-08-04 00:08 - 00031616 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2015-01-19 19:07 - 2004-08-04 00:08 - 00031616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2015-01-19 19:06 - 2015-01-21 10:21 - 00257131 _____ () C:\WINDOWS\KB979309.log
2015-01-19 13:43 - 2015-01-19 13:43 - 00000000 ____D () C:\Documents and Settings\alan\Application Data\Image Zone Express

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-21 18:40 - 2008-04-26 09:04 - 00000024 ____H () C:\WINDOWS\psgxk
2015-01-21 18:38 - 2004-02-14 17:29 - 00000000 ____D () C:\Documents and Settings\alan\Local Settings\Temp
2015-01-21 18:35 - 2005-05-03 16:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-21 18:35 - 2004-02-14 10:06 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-21 18:35 - 2004-02-14 10:03 - 00439552 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-21 18:34 - 2004-02-15 18:47 - 00000000 ____D () C:\Program Files\PestPatrol
2015-01-21 18:31 - 2004-08-12 06:00 - 01726627 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-21 18:30 - 2004-02-14 17:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-21 18:29 - 2004-02-14 17:29 - 00000178 __SHC () C:\Documents and Settings\alan\ntuser.ini
2015-01-21 18:29 - 2004-02-14 17:28 - 00032570 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-21 15:19 - 2004-06-24 18:31 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2015-01-21 15:19 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\security
2015-01-21 15:10 - 2005-12-18 10:48 - 00000000 ____D () C:\Program Files\Symantec
2015-01-21 15:10 - 2005-12-18 10:48 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-01-21 15:10 - 2005-12-18 10:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Symantec
2015-01-21 10:41 - 2004-09-05 01:23 - 01021726 _____ () C:\WINDOWS\svcpack.log
2015-01-21 10:31 - 2008-04-25 21:02 - 00828263 _____ () C:\WINDOWS\setupapi.log
2015-01-21 10:31 - 2004-02-14 17:19 - 00000000 ____D () C:\WINDOWS\system32\Restore
2015-01-21 10:14 - 2001-08-23 06:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-21 10:13 - 2004-02-14 10:02 - 00196160 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-21 10:12 - 2005-12-29 16:40 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-01-21 10:12 - 2004-05-01 20:06 - 00000000 ____D () C:\Documents and Settings\Jenny
2015-01-21 10:12 - 2004-02-14 20:36 - 00000000 ____D () C:\Documents and Settings\ghislaine
2015-01-21 10:12 - 2004-02-14 17:29 - 00000000 ____D () C:\Documents and Settings\alan
2015-01-21 10:12 - 2004-02-14 17:28 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-21 10:12 - 2004-02-14 17:28 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-21 10:12 - 2004-02-14 17:18 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-21 10:11 - 2008-02-23 00:18 - 00000000 ____D () C:\Documents and Settings\alan\Application Data\Adobe
2015-01-21 10:08 - 2004-02-14 17:19 - 00000000 ____D () C:\Program Files\Outlook Express
2015-01-21 10:08 - 2004-02-14 17:19 - 00000000 ____D () C:\Program Files\Movie Maker
2015-01-21 10:03 - 2004-10-10 08:43 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2015-01-21 10:01 - 2004-02-14 17:19 - 00000000 ____D () C:\WINDOWS\srchasst
2015-01-21 10:01 - 2004-02-14 17:19 - 00000000 ____D () C:\Program Files\NetMeeting
2015-01-21 10:01 - 2004-02-14 17:19 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-21 10:01 - 2004-02-14 17:16 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-01-21 10:01 - 2004-02-14 17:16 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\system32\usmt
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\system32\npp
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\system
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\mui
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\msagent
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\ime
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\Help
2015-01-21 09:58 - 2004-10-10 08:50 - 00000000 ____D () C:\WINDOWS\peernet
2015-01-21 09:58 - 2004-08-10 21:21 - 00000000 ____D () C:\WINDOWS\system32\bits
2015-01-21 09:58 - 2004-02-14 17:17 - 00000000 ____D () C:\Program Files\Messenger
2015-01-21 09:58 - 2004-02-14 17:12 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2015-01-21 09:58 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2015-01-21 09:54 - 2006-01-02 14:08 - 00000000 ____D () C:\Program Files\Registrar Registry Manager
2015-01-21 09:54 - 2005-06-09 16:14 - 00000000 ____D () C:\Program Files\Common Files\AOL
2015-01-21 09:54 - 2005-06-09 16:14 - 00000000 ____D () C:\Program Files\AOL
2015-01-21 06:07 - 2004-05-23 04:20 - 00000000 ____D () C:\WINDOWS\pss
2015-01-21 06:07 - 2001-08-23 06:00 - 00001278 _____ () C:\WINDOWS\win.ini
2015-01-21 06:07 - 2001-08-23 06:00 - 00000327 _____ () C:\WINDOWS\system.ini
2015-01-21 04:59 - 2007-08-10 22:33 - 00124631 _____ () C:\WINDOWS\msgsocm.log
2015-01-21 04:59 - 2005-04-16 02:01 - 00230023 _____ () C:\WINDOWS\updspapi.log
2015-01-21 04:59 - 2004-02-14 10:04 - 00436080 _____ () C:\WINDOWS\netfxocm.log
2015-01-21 04:59 - 2004-02-14 10:04 - 00172046 _____ () C:\WINDOWS\MedCtrOC.log
2015-01-21 04:59 - 2004-02-14 10:04 - 00125521 _____ () C:\WINDOWS\tabletoc.log
2015-01-21 04:59 - 2004-02-14 10:04 - 00111477 _____ () C:\WINDOWS\ocmsn.log
2015-01-21 04:59 - 2004-02-14 10:03 - 02483950 _____ () C:\WINDOWS\FaxSetup.log
2015-01-21 04:59 - 2004-02-14 10:03 - 01202761 _____ () C:\WINDOWS\ocgen.log
2015-01-21 04:59 - 2004-02-14 10:03 - 01141757 _____ () C:\WINDOWS\tsoc.log
2015-01-21 04:59 - 2004-02-14 10:03 - 00763904 _____ () C:\WINDOWS\msmqinst.log
2015-01-21 04:59 - 2004-02-14 10:03 - 00687567 _____ () C:\WINDOWS\comsetup.log
2015-01-21 04:59 - 2004-02-14 10:03 - 00647162 _____ () C:\WINDOWS\iis6.log
2015-01-21 04:59 - 2004-02-14 10:03 - 00416808 _____ () C:\WINDOWS\ntdtcsetup.log
2015-01-21 04:59 - 2004-02-14 10:03 - 00001374 _____ () C:\WINDOWS\imsins.log
2015-01-21 04:59 - 2004-02-14 10:03 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2015-01-21 04:55 - 2004-10-15 21:48 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2015-01-21 04:51 - 2004-10-10 09:36 - 00033418 _____ () C:\WINDOWS\spupdsvc.log
2015-01-21 04:50 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\Media
2015-01-21 03:46 - 2004-02-15 22:40 - 00101797 ____C () C:\WINDOWS\wmsetup.log
2015-01-21 03:33 - 2008-02-24 03:11 - 00598936 _____ () C:\WINDOWS\system32\TZLog.log
2015-01-20 23:37 - 2004-02-14 10:03 - 02068538 _____ () C:\WINDOWS\iis6.BAK
2015-01-20 23:27 - 2009-01-26 03:01 - 00202438 _____ () C:\WINDOWS\KB960714.log
2015-01-20 23:26 - 2009-01-26 03:02 - 00210961 _____ () C:\WINDOWS\KB958215.log
2015-01-20 23:26 - 2009-01-26 03:01 - 00200421 _____ () C:\WINDOWS\KB958687.log
2015-01-20 23:26 - 2008-11-09 03:01 - 00204250 _____ () C:\WINDOWS\KB958644.log
2015-01-20 23:25 - 2008-11-13 03:01 - 00200473 _____ () C:\WINDOWS\KB957097.log
2015-01-20 23:25 - 2008-11-09 03:03 - 00204065 _____ () C:\WINDOWS\KB957095.log
2015-01-20 23:25 - 2008-11-09 03:02 - 00204837 _____ () C:\WINDOWS\KB956841.log
2015-01-20 23:24 - 2009-01-25 22:35 - 00205831 _____ () C:\WINDOWS\KB956802.log
2015-01-20 23:24 - 2008-11-09 03:03 - 00204025 _____ () C:\WINDOWS\KB956803.log
2015-01-20 23:23 - 2009-01-25 22:36 - 00031875 _____ () C:\WINDOWS\KB955839.log
2015-01-20 23:22 - 2008-11-13 03:01 - 00200048 _____ () C:\WINDOWS\KB955069.log
2015-01-20 23:21 - 2008-11-09 03:03 - 00204449 _____ () C:\WINDOWS\KB954211.log
2015-01-20 23:20 - 2008-11-08 11:21 - 00207892 _____ () C:\WINDOWS\KB952954.log
2015-01-20 23:17 - 2008-11-09 03:02 - 00202096 _____ () C:\WINDOWS\KB952287.log
2015-01-20 23:16 - 2008-08-03 21:21 - 00210701 _____ () C:\WINDOWS\KB951748.log
2015-01-20 23:15 - 2008-06-24 02:00 - 00199192 _____ () C:\WINDOWS\KB951376-v2.log
2015-01-20 23:15 - 2008-06-11 02:00 - 00198856 _____ () C:\WINDOWS\KB951376.log
2015-01-20 23:15 - 2008-06-10 11:55 - 00205828 _____ () C:\WINDOWS\KB951698.log
2015-01-20 23:14 - 2008-11-09 03:02 - 00202021 _____ () C:\WINDOWS\KB951066.log
2015-01-20 23:14 - 2008-11-08 11:17 - 00208751 _____ () C:\WINDOWS\KB950974.log
2015-01-20 23:14 - 2008-11-08 11:14 - 00031769 _____ () C:\WINDOWS\KB951072-v2.log
2015-01-20 23:13 - 2008-06-11 02:01 - 00202003 _____ () C:\WINDOWS\KB950762.log
2015-01-20 23:13 - 2008-06-10 11:54 - 00212822 _____ () C:\WINDOWS\KB950759.log
2015-01-20 23:12 - 2008-11-09 03:04 - 00202872 _____ () C:\WINDOWS\KB946648.log
2015-01-20 23:12 - 2008-11-09 03:02 - 00201293 _____ () C:\WINDOWS\KB938464.log
2015-01-20 22:57 - 2008-04-25 21:02 - 00001536 ____C () C:\WINDOWS\sessmgr.setup.log
2015-01-20 22:57 - 2004-10-10 08:52 - 00000373 _____ () C:\WINDOWS\cmsetacl.log
2015-01-20 22:47 - 2002-08-29 03:05 - 00250048 __RSH () C:\ntldr
2015-01-20 22:44 - 2004-10-10 08:39 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstall$
2015-01-20 17:54 - 2004-02-14 10:02 - 00049152 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2015-01-20 17:54 - 2004-02-14 10:02 - 00032768 _____ () C:\WINDOWS\system32\config\SAM.bak
2015-01-20 17:54 - 2004-02-14 10:01 - 34603008 _____ () C:\WINDOWS\system32\config\software.bak
2015-01-20 17:54 - 2004-02-14 10:01 - 06553600 _____ () C:\WINDOWS\system32\config\system.bak
2015-01-20 17:54 - 2004-02-14 10:01 - 00524288 _____ () C:\WINDOWS\system32\config\default.bak
2015-01-20 14:14 - 2008-02-24 03:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB920872$
2015-01-20 13:45 - 2004-02-14 20:36 - 00000000 ____D () C:\Documents and Settings\ghislaine\Local Settings\Temp
2015-01-20 06:46 - 2004-10-10 08:47 - 00000000 ____D () C:\WINDOWS\ServicePackFiles
2015-01-20 04:55 - 2004-02-14 10:02 - 00183779 _____ () C:\WINDOWS\setupact.log
2015-01-19 14:01 - 2004-02-15 21:56 - 00002479 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk

==================== Files in the root of some directories =======
2004-05-10 15:22 - 2003-04-07 13:06 - 0000377 ___RC () C:\Program Files\Film-1280x720-vbr.wv9
2004-05-10 15:22 - 2003-04-07 13:06 - 0000665 ___RC () C:\Program Files\Film-320x240-vbr.wv9
2004-05-10 15:22 - 2003-04-07 13:06 - 0000659 ___RC () C:\Program Files\Film-640x480-vbr.wv9
2004-02-15 01:49 - 2004-02-15 01:49 - 3401360 ____C () C:\Program Files\Install_AIM.exe
2004-05-10 15:22 - 2003-06-09 11:21 - 0021158 ____R () C:\Program Files\license.txt
2004-05-10 15:22 - 2003-06-10 23:28 - 0000653 ___RC () C:\Program Files\NTSC-vbr.wv9
2004-05-10 15:22 - 2003-06-10 23:28 - 0000653 ___RC () C:\Program Files\PAL-vbr.wv9
2004-05-10 15:22 - 2003-06-10 23:28 - 0000661 ___RC () C:\Program Files\qNTSC-vbr.wv9
2004-05-10 15:22 - 2003-06-10 23:28 - 0000666 ___RC () C:\Program Files\qPAL-vbr.wv9
2004-05-05 12:14 - 2004-05-05 12:14 - 5245352 ____C (Microsoft Corporation) C:\Program Files\SetupDl.exe
2004-05-10 15:22 - 2003-06-20 23:26 - 0064591 ___RC () C:\Program Files\WMV9VCM.chm
2004-05-10 15:22 - 2003-06-20 23:26 - 0012347 ____R () C:\Program Files\WMV9VCM_readme.htm
2005-04-27 16:35 - 2005-04-27 16:35 - 0003584 ____C () C:\Documents and Settings\alan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2006-01-21 22:37 - 2006-01-21 22:37 - 0000127 _____ () C:\Documents and Settings\alan\Local Settings\Application Data\fusioncache.dat

Files to move or delete:
====================
C:\WINDOWS\mlrekprd.exe


Some content of TEMP:
====================
C:\Documents and Settings\alan\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\alan\Local Settings\Temp\sqlite3.dll
C:\Documents and Settings\ghislaine\Local Settings\Temp\IadHide5.dll
C:\Documents and Settings\ghislaine\Local Settings\Temp\iinstall.exe
C:\Documents and Settings\ghislaine\Local Settings\Temp\MsnMusic.exe
C:\Documents and Settings\ghislaine\Local Settings\Temp\MsnWmpPl.dll
C:\Documents and Settings\ghislaine\Local Settings\Temp\nw9qcdly.exe
C:\Documents and Settings\ghislaine\Local Settings\Temp\optimize.exe
C:\Documents and Settings\ghislaine\Local Settings\Temp\p4D22t.exe
C:\Documents and Settings\ghislaine\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\ghislaine\Local Settings\Temp\StrDst.exe
C:\Documents and Settings\ghislaine\Local Settings\Temp\unicows.dll
C:\Documents and Settings\ghislaine\Local Settings\Temp\wpdedit.exe


Some zero byte size files/folders:
==========================
C:\Windows\addac.exe
C:\Windows\addao.exe
C:\Windows\addax.exe
C:\Windows\addbi32.exe
C:\Windows\addbk32.exe
C:\Windows\addbo32.exe
C:\Windows\addbq.exe
C:\Windows\addcf.exe
C:\Windows\addcl.exe
C:\Windows\addco.exe
C:\Windows\addcq.exe
C:\Windows\addcr32.exe
C:\Windows\addcu32.exe
C:\Windows\adddp.exe
C:\Windows\adddu32.exe
C:\Windows\addel32.exe
C:\Windows\addeo32.exe
C:\Windows\addeq32.exe
C:\Windows\addfd32.exe
C:\Windows\addff.exe
C:\Windows\addfg.exe
C:\Windows\addfg32.exe
C:\Windows\addfk.exe
C:\Windows\addfy.exe
C:\Windows\addgc.exe
C:\Windows\addgl32.exe
C:\Windows\addgn32.exe
C:\Windows\addgq.exe
C:\Windows\addhh32.exe
C:\Windows\addic.exe
C:\Windows\addic32.exe
C:\Windows\addim.exe
C:\Windows\addiq32.exe
C:\Windows\addir.exe
C:\Windows\addjf32.exe
C:\Windows\addjh32.exe
C:\Windows\addjk32.exe
C:\Windows\addjp.exe
C:\Windows\addju.exe
C:\Windows\addjx32.exe
C:\Windows\addkb32.exe
C:\Windows\addki.exe
C:\Windows\addkn.exe
C:\Windows\addkp32.exe
C:\Windows\addkr.exe
C:\Windows\addks32.exe
C:\Windows\addkz.exe
C:\Windows\addlc32.exe
C:\Windows\addld.exe
C:\Windows\addlf32.exe
C:\Windows\addlj.exe
C:\Windows\addlp32.exe
C:\Windows\addlt32.exe
C:\Windows\addlz.exe
C:\Windows\addmc32.exe
C:\Windows\addmn32.exe
C:\Windows\addmv32.exe
C:\Windows\addmx.exe
C:\Windows\addnb.exe
C:\Windows\addnf.exe
C:\Windows\addnq32.exe
C:\Windows\addoq32.exe
C:\Windows\addpc32.exe
C:\Windows\addpe32.exe
C:\Windows\addpf32.exe
C:\Windows\addps.exe
C:\Windows\addpy32.exe
C:\Windows\addqm32.exe
C:\Windows\addqq32.exe
C:\Windows\addqr.exe
C:\Windows\addrh.exe
C:\Windows\addrm.exe
C:\Windows\addro.exe
C:\Windows\addrv32.exe
C:\Windows\addsk32.exe
C:\Windows\addso.exe
C:\Windows\addsw.exe
C:\Windows\addtb.exe
C:\Windows\addti32.exe
C:\Windows\addtj32.exe
C:\Windows\addtl32.exe
C:\Windows\addts32.exe
C:\Windows\addve.exe
C:\Windows\addve32.exe
C:\Windows\addvm32.exe
C:\Windows\addvs32.exe
C:\Windows\addvw.exe
C:\Windows\addwi32.exe
C:\Windows\addwj.exe
C:\Windows\addws32.exe
C:\Windows\addxc32.exe
C:\Windows\addxe.exe
C:\Windows\addxl.exe
C:\Windows\addxp32.exe
C:\Windows\addxu32.exe
C:\Windows\addxw.exe
C:\Windows\addyc.exe
C:\Windows\addyn.exe
C:\Windows\addyo.exe
C:\Windows\addyr.exe
C:\Windows\addyu.exe
C:\Windows\addyw32.exe
C:\Windows\addzg32.exe
C:\Windows\addzj.exe
C:\Windows\addzk.exe
C:\Windows\addzs.exe
C:\Windows\addzt.exe
C:\Windows\apiad32.exe
C:\Windows\apiag.exe
C:\Windows\apial32.exe
C:\Windows\apiau.exe
C:\Windows\apibh32.exe
C:\Windows\apibx.exe
C:\Windows\apibz32.exe
C:\Windows\apice32.exe
C:\Windows\apicf32.exe
C:\Windows\apict32.exe
C:\Windows\apidh32.exe
C:\Windows\apidt32.exe
C:\Windows\apies32.exe
C:\Windows\apifb.exe
C:\Windows\apifi32.exe
C:\Windows\apifs.exe
C:\Windows\apify32.exe
C:\Windows\apigc32.exe
C:\Windows\apigp32.exe
C:\Windows\apigv.exe
C:\Windows\apigw.exe
C:\Windows\apihb.exe
C:\Windows\apihk32.exe
C:\Windows\apihq32.exe
C:\Windows\apihr.exe
C:\Windows\apihu32.exe
C:\Windows\apiik.exe
C:\Windows\apijb.exe
C:\Windows\apijg32.exe
C:\Windows\apijh.exe
C:\Windows\apijr.exe
C:\Windows\apijv.exe
C:\Windows\apiki.exe
C:\Windows\apikj32.exe
C:\Windows\apikm.exe
C:\Windows\apikn32.exe
C:\Windows\apikp.exe
C:\Windows\apikq.exe
C:\Windows\apile.exe
C:\Windows\apilg.exe
C:\Windows\apils32.exe
C:\Windows\apimf32.exe
C:\Windows\apimr.exe
C:\Windows\apims32.exe
C:\Windows\apimt.exe
C:\Windows\apimy32.exe
C:\Windows\apinn.exe
C:\Windows\apinp.exe
C:\Windows\apiow.exe
C:\Windows\apioz32.exe
C:\Windows\apipi32.exe
C:\Windows\apipn32.exe
C:\Windows\apipt32.exe
C:\Windows\apipv32.exe
C:\Windows\apipy32.exe
C:\Windows\apiqe32.exe
C:\Windows\apiqf.exe
C:\Windows\apiqf32.exe
C:\Windows\apiqj.exe
C:\Windows\apiqt.exe
C:\Windows\apiqx.exe
C:\Windows\apiri.exe
C:\Windows\apisk32.exe
C:\Windows\apisu32.exe
C:\Windows\apita.exe
C:\Windows\apita32.exe
C:\Windows\apitk32.exe
C:\Windows\apitm32.exe
C:\Windows\apitz.exe
C:\Windows\apiuf.exe
C:\Windows\apiun32.exe
C:\Windows\apiuu.exe
C:\Windows\apivc.exe
C:\Windows\apivl32.exe
C:\Windows\apivo.exe
C:\Windows\apivo32.exe
C:\Windows\apivt32.exe
C:\Windows\apiwi.exe
C:\Windows\apiwm.exe
C:\Windows\apixc.exe
C:\Windows\apixh.exe
C:\Windows\apixl.exe
C:\Windows\apixm32.exe
C:\Windows\apixw.exe
C:\Windows\apiyc32.exe
C:\Windows\apiye.exe
C:\Windows\apiyj32.exe
C:\Windows\apiyk32.exe
C:\Windows\apiym32.exe
C:\Windows\apizh.exe
C:\Windows\apizt32.exe
C:\Windows\apizu.exe
C:\Windows\appad.exe
C:\Windows\appao32.exe
C:\Windows\appaq32.exe
C:\Windows\appav32.exe
C:\Windows\appba.exe
C:\Windows\appbk.exe
C:\Windows\appbt.exe
C:\Windows\appcb32.exe
C:\Windows\appcl32.exe
C:\Windows\appcs.exe
C:\Windows\appcw.exe
C:\Windows\appcy.exe
C:\Windows\appdd.exe
C:\Windows\appeq32.exe
C:\Windows\appet.exe
C:\Windows\appeu32.exe
C:\Windows\appev32.exe
C:\Windows\appfb.exe
C:\Windows\appfd32.exe
C:\Windows\appfj.exe
C:\Windows\appfk32.exe
C:\Windows\appfq32.exe
C:\Windows\appft.exe
C:\Windows\appfz32.exe
C:\Windows\appgb32.exe
C:\Windows\appgc.exe
C:\Windows\appgr.exe
C:\Windows\appgt32.exe
C:\Windows\apphd32.exe
C:\Windows\apphj32.exe
C:\Windows\apphs32.exe
C:\Windows\apphz.exe
C:\Windows\appim.exe
C:\Windows\appiq32.exe
C:\Windows\appit32.exe
C:\Windows\appix.exe
C:\Windows\appjd32.exe
C:\Windows\appjj32.exe
C:\Windows\appke32.exe
C:\Windows\appkf.exe
C:\Windows\appkj.exe
C:\Windows\appko32.exe
C:\Windows\appkv32.exe
C:\Windows\appky.exe
C:\Windows\applk.exe
C:\Windows\applx32.exe
C:\Windows\appmc.exe
C:\Windows\appmc32.exe
C:\Windows\appme.exe
C:\Windows\appmt.exe
C:\Windows\appna.exe
C:\Windows\appnh.exe
C:\Windows\appnk.exe
C:\Windows\appnn32.exe
C:\Windows\appnp32.exe
C:\Windows\appnq32.exe
C:\Windows\appns.exe
C:\Windows\appnw.exe
C:\Windows\appnw32.exe
C:\Windows\appob32.exe
C:\Windows\appog.exe
C:\Windows\appoo32.exe
C:\Windows\appor32.exe
C:\Windows\apppy32.exe
C:\Windows\appql32.exe
C:\Windows\appqn.exe
C:\Windows\appqr.exe
C:\Windows\appqr32.exe
C:\Windows\appqt.exe
C:\Windows\apprb32.exe
C:\Windows\apprc.exe
C:\Windows\apprf32.exe
C:\Windows\apprh.exe
C:\Windows\appri32.exe
C:\Windows\apprm32.exe
C:\Windows\appro32.exe
C:\Windows\apprp32.exe
C:\Windows\appru32.exe
C:\Windows\appsb.exe
C:\Windows\appsy.exe
C:\Windows\apptf.exe
C:\Windows\apptf32.exe
C:\Windows\appti32.exe
C:\Windows\apptl32.exe
C:\Windows\apptm.exe
C:\Windows\apptn32.exe
C:\Windows\appts.exe
C:\Windows\apptu.exe
C:\Windows\appve.exe
C:\Windows\appvn.exe
C:\Windows\appvr32.exe
C:\Windows\appwc32.exe
C:\Windows\appwf.exe
C:\Windows\appwf32.exe
C:\Windows\appwm.exe
C:\Windows\appwy32.exe
C:\Windows\appwz.exe
C:\Windows\appwz32.exe
C:\Windows\appxb.exe
C:\Windows\appxh32.exe
C:\Windows\appxi.exe
C:\Windows\appxj.exe
C:\Windows\appya.exe
C:\Windows\appys.exe
C:\Windows\appyt32.exe
C:\Windows\appyx.exe
C:\Windows\appyx32.exe
C:\Windows\appzo.exe
C:\Windows\appzo32.exe
C:\Windows\appzs32.exe
C:\Windows\appzu32.exe
C:\Windows\appzv.exe
C:\Windows\appzy.exe
C:\Windows\appzy32.exe
C:\Windows\atlag.exe
C:\Windows\atlah32.exe
C:\Windows\atlbb.exe
C:\Windows\atlbl.exe
C:\Windows\atlbn.exe
C:\Windows\atlcd.exe
C:\Windows\atlcq32.exe
C:\Windows\atlcs32.exe
C:\Windows\atlct.exe
C:\Windows\atldj.exe
C:\Windows\atlen.exe
C:\Windows\atleu.exe
C:\Windows\atlfg.exe
C:\Windows\atlfl32.exe
C:\Windows\atlfy.exe
C:\Windows\atlfy32.exe
C:\Windows\atlga.exe
C:\Windows\atlga32.exe
C:\Windows\atlgs32.exe
C:\Windows\atlib32.exe
C:\Windows\atlix32.exe
C:\Windows\atliy.exe
C:\Windows\atljp32.exe
C:\Windows\atlkd32.exe
C:\Windows\atlkm.exe
C:\Windows\atlkq.exe
C:\Windows\atlky.exe
C:\Windows\atllb32.exe
C:\Windows\atlle.exe
C:\Windows\atllf32.exe
C:\Windows\atlli.exe
C:\Windows\atllj.exe
C:\Windows\atlln.exe
C:\Windows\atllq.exe
C:\Windows\atlly32.exe
C:\Windows\atlmc.exe
C:\Windows\atlmc32.exe
C:\Windows\atlmf32.exe
C:\Windows\atlmh.exe
C:\Windows\atlms.exe
C:\Windows\atlnb.exe
C:\Windows\atlnc.exe
C:\Windows\atlne32.exe
C:\Windows\atlnf.exe
C:\Windows\atlng.exe
C:\Windows\atlni.exe
C:\Windows\atlnt32.exe
C:\Windows\atlof.exe
C:\Windows\atloj32.exe
C:\Windows\atlom32.exe
C:\Windows\atlop32.exe
C:\Windows\atloy32.exe
C:\Windows\atlph32.exe
C:\Windows\atlpn.exe
C:\Windows\atlpt32.exe
C:\Windows\atlpw.exe
C:\Windows\atlpw32.exe
C:\Windows\atlpy.exe
C:\Windows\atlqg.exe
C:\Windows\atlqk.exe
C:\Windows\atlqm32.exe
C:\Windows\atlrd32.exe
C:\Windows\atlrl32.exe
C:\Windows\atlrq32.exe
C:\Windows\atlru32.exe
C:\Windows\atlrv32.exe
C:\Windows\atlry.exe
C:\Windows\atlsv.exe
C:\Windows\atlsx32.exe
C:\Windows\atltd.exe
C:\Windows\atltf.exe
C:\Windows\atltf32.exe
C:\Windows\atltn.exe
C:\Windows\atltq.exe
C:\Windows\atltt.exe
C:\Windows\atltx.exe
C:\Windows\atlug32.exe
C:\Windows\atlun.exe
C:\Windows\atlvp.exe
C:\Windows\atlwd32.exe
C:\Windows\atlwm32.exe
C:\Windows\atlwn32.exe
C:\Windows\atlwy.exe
C:\Windows\atlxh32.exe
C:\Windows\atlxm.exe
C:\Windows\atlxn.exe
C:\Windows\atlxo32.exe
C:\Windows\atlyn.exe
C:\Windows\atlyn32.exe
C:\Windows\atlyx32.exe
C:\Windows\atlze32.exe
C:\Windows\atlzr32.exe
C:\Windows\craa32.exe
C:\Windows\craq.exe
C:\Windows\crbj32.exe
C:\Windows\crby.exe
C:\Windows\crbz32.exe
C:\Windows\crca.exe
C:\Windows\crcb.exe
C:\Windows\crcc32.exe
C:\Windows\crcg.exe
C:\Windows\crcg32.exe
C:\Windows\crch32.exe
C:\Windows\crcl.exe
C:\Windows\crcy.exe
C:\Windows\crdg32.exe
C:\Windows\crdm32.exe
C:\Windows\crdo32.exe
C:\Windows\crdq.exe
C:\Windows\crds.exe
C:\Windows\crea.exe
C:\Windows\cree32.exe
C:\Windows\crfc32.exe
C:\Windows\crfj.exe
C:\Windows\crfj32.exe
C:\Windows\crfw32.exe
C:\Windows\crge.exe
C:\Windows\crgr.exe
C:\Windows\crgz.exe
C:\Windows\crhr32.exe
C:\Windows\crhx.exe
C:\Windows\crhz.exe
C:\Windows\crij.exe
C:\Windows\crix.exe
C:\Windows\crjt32.exe
C:\Windows\crkm32.exe
C:\Windows\crkw.exe
C:\Windows\crla32.exe
C:\Windows\crlg.exe
C:\Windows\crlk32.exe
C:\Windows\crlv32.exe
C:\Windows\crlx32.exe
C:\Windows\crmb32.exe
C:\Windows\crmd32.exe
C:\Windows\crmf32.exe
C:\Windows\crnh32.exe
C:\Windows\crnn.exe
C:\Windows\crnu.exe
C:\Windows\crnu32.exe
C:\Windows\crob32.exe
C:\Windows\crof32.exe
C:\Windows\crpe.exe
C:\Windows\crpv32.exe
C:\Windows\crqc32.exe
C:\Windows\crqk32.exe
C:\Windows\crqo32.exe
C:\Windows\crqr.exe
C:\Windows\crqt.exe
C:\Windows\crqy32.exe
C:\Windows\crrl.exe
C:\Windows\crsj.exe
C:\Windows\crsq.exe
C:\Windows\crsv32.exe
C:\Windows\crte.exe
C:\Windows\crtj.exe
C:\Windows\crtk32.exe
C:\Windows\crtr32.exe
C:\Windows\crtv.exe
C:\Windows\crtw32.exe
C:\Windows\crua.exe
C:\Windows\cruf32.exe
C:\Windows\crul.exe
C:\Windows\crum.exe
C:\Windows\crut32.exe
C:\Windows\cruv32.exe
C:\Windows\cruw.exe
C:\Windows\crux.exe
C:\Windows\crvd32.exe
C:\Windows\crvh.exe
C:\Windows\crvn.exe
C:\Windows\crwy.exe
C:\Windows\crxd32.exe
C:\Windows\crxi.exe
C:\Windows\crxw32.exe
C:\Windows\cryd.exe
C:\Windows\crzg.exe
C:\Windows\crzi32.exe
C:\Windows\crzj32.exe
C:\Windows\crzp.exe
C:\Windows\d3ao32.exe
C:\Windows\d3au32.exe
C:\Windows\d3bc.exe
C:\Windows\d3bf32.exe
C:\Windows\d3bi.exe
C:\Windows\d3bp32.exe
C:\Windows\d3bx32.exe
C:\Windows\d3cd.exe
C:\Windows\d3cy32.exe
C:\Windows\d3db.exe
C:\Windows\d3dm32.exe
C:\Windows\d3dq32.exe
C:\Windows\d3ds32.exe
C:\Windows\d3du.exe
C:\Windows\d3ef.exe
C:\Windows\d3ej.exe
C:\Windows\d3er32.exe
C:\Windows\d3ez.exe
C:\Windows\d3fg32.exe
C:\Windows\d3fk.exe
C:\Windows\d3fl.exe
C:\Windows\d3gd32.exe
C:\Windows\d3gn32.exe
C:\Windows\d3gp.exe
C:\Windows\d3gz.exe
C:\Windows\d3hc.exe
C:\Windows\d3ht.exe
C:\Windows\d3hu.exe
C:\Windows\d3hu32.exe
C:\Windows\d3hv32.exe
C:\Windows\d3ia32.exe
C:\Windows\d3if.exe
C:\Windows\d3ig32.exe
C:\Windows\d3ix32.exe
C:\Windows\d3jf32.exe
C:\Windows\d3jh32.exe
C:\Windows\d3jm32.exe
C:\Windows\d3jp.exe
C:\Windows\d3jv32.exe
C:\Windows\d3jz32.exe
C:\Windows\d3ka32.exe
C:\Windows\d3kd.exe
C:\Windows\d3kj.exe
C:\Windows\d3km32.exe
C:\Windows\d3kx.exe
C:\Windows\d3kz32.exe
C:\Windows\d3lf32.exe
C:\Windows\d3li.exe
C:\Windows\d3lq32.exe
C:\Windows\d3lt.exe
C:\Windows\d3lu.exe
C:\Windows\d3lu32.exe
C:\Windows\d3mj.exe
C:\Windows\d3na.exe
C:\Windows\d3nf32.exe
C:\Windows\d3ni32.exe
C:\Windows\d3oc32.exe
C:\Windows\d3od.exe
C:\Windows\d3od32.exe
C:\Windows\d3oj32.exe
C:\Windows\d3op.exe
C:\Windows\d3or.exe
C:\Windows\d3ov32.exe
C:\Windows\d3ox32.exe
C:\Windows\d3pk32.exe
C:\Windows\d3ps.exe
C:\Windows\d3pu.exe
C:\Windows\d3qb.exe
C:\Windows\d3qc32.exe
C:\Windows\d3qf32.exe
C:\Windows\d3qp32.exe
C:\Windows\d3qq.exe
C:\Windows\d3qt32.exe
C:\Windows\d3rd32.exe
C:\Windows\d3rl.exe
C:\Windows\d3ro32.exe
C:\Windows\d3rp32.exe
C:\Windows\d3rz32.exe
C:\Windows\d3sh32.exe
C:\Windows\d3sj.exe
C:\Windows\d3sk.exe
C:\Windows\d3sm.exe
C:\Windows\d3sp.exe
C:\Windows\d3sy32.exe
C:\Windows\d3tj.exe
C:\Windows\d3tl.exe
C:\Windows\d3tp.exe
C:\Windows\d3tq32.exe
C:\Windows\d3ts32.exe
C:\Windows\d3tw32.exe
C:\Windows\d3ua32.exe
C:\Windows\d3uf.exe
C:\Windows\d3uf32.exe
C:\Windows\d3ur32.exe
C:\Windows\d3uu.exe
C:\Windows\d3vu32.exe
C:\Windows\d3vx.exe
C:\Windows\d3wc32.exe
C:\Windows\d3wv.exe
C:\Windows\d3ww.exe
C:\Windows\d3wx32.exe
C:\Windows\d3xb32.exe
C:\Windows\d3xo32.exe
C:\Windows\d3xr32.exe
C:\Windows\d3xt.exe
C:\Windows\d3xu.exe
C:\Windows\d3yc32.exe
C:\Windows\d3yg32.exe
C:\Windows\d3yh32.exe
C:\Windows\d3yj32.exe
C:\Windows\d3yn.exe
C:\Windows\d3yp32.exe
C:\Windows\d3yw32.exe
C:\Windows\d3yy.exe
C:\Windows\d3yz.exe
C:\Windows\d3zb32.exe
C:\Windows\d3zi.exe
C:\Windows\d3zp.exe
C:\Windows\d3zs32.exe
C:\Windows\d3zw.exe
C:\Windows\d3zy.exe
C:\Windows\ieaa.exe
C:\Windows\ieao.exe
C:\Windows\ieau32.exe
C:\Windows\iebb.exe
C:\Windows\iebj.exe
C:\Windows\iebr32.exe
C:\Windows\ieca32.exe
C:\Windows\iecl32.exe
C:\Windows\iect32.exe
C:\Windows\iecz32.exe
C:\Windows\iedf32.exe
C:\Windows\iedv.exe
C:\Windows\iedz.exe
C:\Windows\ieed32.exe
C:\Windows\ieee32.exe
C:\Windows\ieef.exe
C:\Windows\ieek.exe
C:\Windows\ieen32.exe
C:\Windows\ieeu.exe
C:\Windows\iefk.exe
C:\Windows\iefl.exe
C:\Windows\iegc.exe
C:\Windows\iegf32.exe
C:\Windows\iegg.exe
C:\Windows\iegg32.exe
C:\Windows\iegx.exe
C:\Windows\iegx32.exe
C:\Windows\ieha32.exe
C:\Windows\iehg32.exe
C:\Windows\iehr.exe
C:\Windows\iehu.exe
C:\Windows\ieie.exe
C:\Windows\ieif32.exe
C:\Windows\ieig.exe
C:\Windows\ieik32.exe
C:\Windows\iein.exe
C:\Windows\ieiz.exe
C:\Windows\iejc32.exe
C:\Windows\iejd32.exe
C:\Windows\iejh32.exe
C:\Windows\ieji.exe
C:\Windows\iejj32.exe
C:\Windows\iejn.exe
C:\Windows\iejn32.exe
C:\Windows\iejr32.exe
C:\Windows\iejz.exe
C:\Windows\ieky32.exe
C:\Windows\ielc32.exe
C:\Windows\ielg32.exe
C:\Windows\ielh32.exe
C:\Windows\iell32.exe
C:\Windows\iely32.exe
C:\Windows\iemh.exe
C:\Windows\iemj.exe
C:\Windows\iemn32.exe
C:\Windows\iemo32.exe
C:\Windows\iemy.exe
C:\Windows\ienn32.exe
C:\Windows\ieoh.exe
C:\Windows\ieom32.exe
C:\Windows\ieor32.exe
C:\Windows\ieos32.exe
C:\Windows\iepo.exe
C:\Windows\ieps32.exe
C:\Windows\ieql.exe
C:\Windows\ieqz.exe
C:\Windows\ierf.exe
C:\Windows\iers32.exe
C:\Windows\iesd.exe
C:\Windows\iesu32.exe
C:\Windows\ieta32.exe
C:\Windows\ietg.exe
C:\Windows\ieth32.exe
C:\Windows\ietm32.exe
C:\Windows\iett32.exe
C:\Windows\ietu32.exe
C:\Windows\ietv.exe
C:\Windows\ieui32.exe
C:\Windows\ieul32.exe
C:\Windows\ieun32.exe
C:\Windows\ieuv.exe
C:\Windows\ievd32.exe
C:\Windows\ievk32.exe
C:\Windows\ievp.exe
C:\Windows\ievy.exe
C:\Windows\iewc32.exe
C:\Windows\iewo.exe
C:\Windows\iewv32.exe
C:\Windows\iexg.exe
C:\Windows\iexn32.exe
C:\Windows\iexo32.exe
C:\Windows\iexu.exe
C:\Windows\iexu32.exe
C:\Windows\ieyp.exe
C:\Windows\ieyu32.exe
C:\Windows\ieyv.exe
C:\Windows\ieza.exe
C:\Windows\iezk32.exe
C:\Windows\iezp32.exe
C:\Windows\iezr32.exe
C:\Windows\ipaj32.exe
C:\Windows\ipaq.exe
C:\Windows\ipar32.exe
C:\Windows\ipat.exe
C:\Windows\ipbj.exe
C:\Windows\ipbp32.exe
C:\Windows\ipby.exe
C:\Windows\ipdz32.exe
C:\Windows\iped32.exe
C:\Windows\ipel.exe
C:\Windows\ipen32.exe
C:\Windows\ipes.exe
C:\Windows\ipfc32.exe
C:\Windows\ipfe32.exe
C:\Windows\ipff.exe
C:\Windows\ipfh32.exe
C:\Windows\ipfn32.exe
C:\Windows\ipfu32.exe
C:\Windows\ipga32.exe
C:\Windows\ipgc.exe
C:\Windows\ipgd.exe
C:\Windows\ipgn.exe
C:\Windows\ipgv.exe
C:\Windows\iphs.exe
C:\Windows\iphx.exe
C:\Windows\ipid32.exe
C:\Windows\ipil32.exe
C:\Windows\ipix.exe
C:\Windows\ipja.exe
C:\Windows\ipjd.exe
C:\Windows\ipjn.exe
C:\Windows\ipju.exe
C:\Windows\ipki.exe
C:\Windows\ipkj32.exe
C:\Windows\ipkn32.exe
C:\Windows\ipkq.exe
C:\Windows\ipkt.exe
C:\Windows\ipku.exe
C:\Windows\ipkz32.exe
C:\Windows\iplb32.exe
C:\Windows\iplc.exe
C:\Windows\iplg.exe
C:\Windows\ipli.exe
C:\Windows\iplk.exe
C:\Windows\iplk32.exe
C:\Windows\iplx.exe
C:\Windows\iply32.exe
C:\Windows\iplz.exe
C:\Windows\ipmc32.exe
C:\Windows\ipmh.exe
C:\Windows\ipmo32.exe
C:\Windows\ipmt32.exe
C:\Windows\ipmx.exe
C:\Windows\ipmx32.exe
C:\Windows\ipmz32.exe
C:\Windows\ipni.exe
C:\Windows\ipno.exe
C:\Windows\ipnp32.exe
C:\Windows\ipns.exe
C:\Windows\ipoa.exe
C:\Windows\ipoh32.exe
C:\Windows\ipoo32.exe
C:\Windows\ippa.exe
C:\Windows\ippb.exe
C:\Windows\ippg32.exe
C:\Windows\ippm.exe
C:\Windows\ippv.exe
C:\Windows\ipqq.exe
C:\Windows\ipqs.exe
C:\Windows\ipre.exe
C:\Windows\iprk32.exe
C:\Windows\iprp.exe
C:\Windows\iprw.exe
C:\Windows\iprz32.exe
C:\Windows\ipsc32.exe
C:\Windows\ipsf.exe
C:\Windows\ipsh32.exe
C:\Windows\ipsj.exe
C:\Windows\ipso32.exe
C:\Windows\ipsx32.exe
C:\Windows\iptk32.exe
C:\Windows\iptw32.exe
C:\Windows\iptx32.exe
C:\Windows\iptz32.exe
C:\Windows\ipub32.exe
C:\Windows\ipuj32.exe
C:\Windows\ipux32.exe
C:\Windows\ipvj.exe
C:\Windows\ipvl32.exe
C:\Windows\ipvo.exe
C:\Windows\ipvx.exe
C:\Windows\ipwf32.exe
C:\Windows\ipwi32.exe
C:\Windows\ipxb32.exe
C:\Windows\ipxc.exe
C:\Windows\ipxe32.exe
C:\Windows\ipxi.exe
C:\Windows\ipxj.exe
C:\Windows\ipxv32.exe
C:\Windows\ipxz32.exe
C:\Windows\ipyf32.exe
C:\Windows\ipyi32.exe
C:\Windows\ipyj.exe
C:\Windows\ipzb32.exe
C:\Windows\ipzg32.exe
C:\Windows\ipzr32.exe
C:\Windows\javaac32.exe
C:\Windows\javaam.exe
C:\Windows\javaat.exe
C:\Windows\javaau.exe
C:\Windows\javabg32.exe
C:\Windows\javabz.exe
C:\Windows\javacl.exe
C:\Windows\javacy.exe
C:\Windows\javadc.exe
C:\Windows\javadp32.exe
C:\Windows\javadq.exe
C:\Windows\javafi.exe
C:\Windows\javafk32.exe
C:\Windows\javafm32.exe
C:\Windows\javafn.exe
C:\Windows\javafn32.exe
C:\Windows\javafq.exe
C:\Windows\javago32.exe
C:\Windows\javags.exe
C:\Windows\javahb.exe
C:\Windows\javahh32.exe
C:\Windows\javahm32.exe
C:\Windows\javaia.exe
C:\Windows\javaib32.exe
C:\Windows\javait32.exe
C:\Windows\javaiw.exe
C:\Windows\javajf32.exe
C:\Windows\javajg32.exe
C:\Windows\javajw.exe
C:\Windows\javajw32.exe
C:\Windows\javajy32.exe
C:\Windows\javaka.exe
C:\Windows\javakb32.exe
C:\Windows\javaki32.exe
C:\Windows\javaku32.exe
C:\Windows\javakv32.exe
C:\Windows\javakx32.exe
C:\Windows\javalg32.exe
C:\Windows\javalj.exe
C:\Windows\javalm.exe
C:\Windows\javaln.exe
C:\Windows\javalo.exe
C:\Windows\javalo32.exe
C:\Windows\javaly32.exe
C:\Windows\javamb32.exe
C:\Windows\javamk.exe
C:\Windows\javann32.exe
C:\Windows\javano.exe
C:\Windows\javano32.exe
C:\Windows\javanp32.exe
C:\Windows\javant.exe
C:\Windows\javanw.exe
C:\Windows\javanz32.exe
C:\Windows\javaoc32.exe
C:\Windows\javaoq32.exe
C:\Windows\javaow.exe
C:\Windows\javape.exe
C:\Windows\javapr32.exe
C:\Windows\javaqs.exe
C:\Windows\javaqt32.exe
C:\Windows\javaqv32.exe
C:\Windows\javarc.exe
C:\Windows\javark.exe
C:\Windows\javarl.exe
C:\Windows\javarv32.exe
C:\Windows\javasb.exe
C:\Windows\javash.exe
C:\Windows\javasi.exe
C:\Windows\javasj32.exe
C:\Windows\javask.exe
C:\Windows\javasr32.exe
C:\Windows\javasu32.exe
C:\Windows\javasy.exe
C:\Windows\javatt32.exe
C:\Windows\javatv32.exe
C:\Windows\javatx.exe
C:\Windows\javatx32.exe
C:\Windows\javauj.exe
C:\Windows\javauq.exe
C:\Windows\javauu.exe
C:\Windows\javava32.exe
C:\Windows\javavb32.exe
C:\Windows\javavr32.exe
C:\Windows\javavv32.exe
C:\Windows\javavx.exe
C:\Windows\javavz32.exe
C:\Windows\javawc32.exe
C:\Windows\javawn32.exe
C:\Windows\javawq.exe
C:\Windows\javawt.exe
C:\Windows\javaxd.exe
C:\Windows\javaxs32.exe
C:\Windows\javaxt32.exe
C:\Windows\javaxy.exe
C:\Windows\javayi.exe
C:\Windows\javayr.exe
C:\Windows\javayx.exe
C:\Windows\javazb.exe
C:\Windows\javazd32.exe
C:\Windows\javazs.exe
C:\Windows\javazy32.exe
C:\Windows\mfcad32.exe
C:\Windows\mfcaf32.exe
C:\Windows\mfcap32.exe
C:\Windows\mfcbe.exe
C:\Windows\mfcbh32.exe
C:\Windows\mfcbm32.exe
C:\Windows\mfcbn.exe
C:\Windows\mfcbp32.exe
C:\Windows\mfcbq32.exe
C:\Windows\mfcbr32.exe
C:\Windows\mfcbt32.exe
C:\Windows\mfccd.exe
C:\Windows\mfcce.exe
C:\Windows\mfccx.exe
C:\Windows\mfcdc.exe
C:\Windows\mfcdd32.exe
C:\Windows\mfcdj.exe
C:\Windows\mfcdw32.exe
C:\Windows\mfcec.exe
C:\Windows\mfcej.exe
C:\Windows\mfcek32.exe
C:\Windows\mfcer32.exe
C:\Windows\mfces32.exe
C:\Windows\mfcey32.exe
C:\Windows\mfcfh32.exe
C:\Windows\mfcfp.exe
C:\Windows\mfcfv32.exe
C:\Windows\mfcfw32.exe
C:\Windows\mfcgj.exe
C:\Windows\mfcgn.exe
C:\Windows\mfcgt32.exe
C:\Windows\mfchm32.exe
C:\Windows\mfchn.exe
C:\Windows\mfcia32.exe
C:\Windows\mfcik.exe
C:\Windows\mfcir.exe
C:\Windows\mfciu32.exe
C:\Windows\mfcjt32.exe
C:\Windows\mfcju32.exe
C:\Windows\mfcki32.exe
C:\Windows\mfclk32.exe
C:\Windows\mfclu32.exe
C:\Windows\mfclw.exe
C:\Windows\mfclx.exe
C:\Windows\mfcmb32.exe
C:\Windows\mfcmg.exe
C:\Windows\mfcmm32.exe
C:\Windows\mfcmo.exe
C:\Windows\mfcnb.exe
C:\Windows\mfcng.exe
C:\Windows\mfcnr32.exe
C:\Windows\mfcnt.exe
C:\Windows\mfcnx32.exe
C:\Windows\mfcod32.exe
C:\Windows\mfcoe.exe
C:\Windows\mfcou32.exe
C:\Windows\mfcov32.exe
C:\Windows\mfcoy.exe
C:\Windows\mfcpj.exe
C:\Windows\mfcpk32.exe
C:\Windows\mfcpn.exe
C:\Windows\mfcqa32.exe
C:\Windows\mfcqf.exe
C:\Windows\mfcqf32.exe
C:\Windows\mfcqh.exe
C:\Windows\mfcqh32.exe
C:\Windows\mfcqn.exe
C:\Windows\mfcqu.exe
C:\Windows\mfcqz.exe
C:\Windows\mfcqz32.exe
C:\Windows\mfcrm.exe
C:\Windows\mfcrm32.exe
C:\Windows\mfcrq.exe
C:\Windows\mfcrt32.exe
C:\Windows\mfcrv32.exe
C:\Windows\mfcsl.exe
C:\Windows\mfcsz.exe
C:\Windows\mfctf32.exe
C:\Windows\mfcti.exe
C:\Windows\mfctk32.exe
C:\Windows\mfcup.exe
C:\Windows\mfcuq32.exe
C:\Windows\mfcvg.exe
C:\Windows\mfcvg32.exe
C:\Windows\mfcvi32.exe
C:\Windows\mfcvo32.exe
C:\Windows\mfcwf32.exe
C:\Windows\mfcwp32.exe
C:\Windows\mfcwx32.exe
C:\Windows\mfcxa32.exe
C:\Windows\mfcxe32.exe
C:\Windows\mfcxk32.exe
C:\Windows\mfcxl32.exe
C:\Windows\mfcxu32.exe
C:\Windows\mfcxw.exe
C:\Windows\mfcyq32.exe
C:\Windows\mfcyy32.exe
C:\Windows\msaf.exe
C:\Windows\msam32.exe
C:\Windows\msbi32.exe
C:\Windows\msbj32.exe
C:\Windows\msbs32.exe
C:\Windows\msbt32.exe
C:\Windows\msbx32.exe
C:\Windows\mscg.exe
C:\Windows\mscm.exe
C:\Windows\mscy32.exe
C:\Windows\msdj.exe
C:\Windows\msdq.exe
C:\Windows\msdr.exe
C:\Windows\msdv.exe
C:\Windows\msdx.exe
C:\Windows\msei.exe
C:\Windows\msek32.exe
C:\Windows\msel.exe
C:\Windows\msfb.exe
C:\Windows\msfc32.exe
C:\Windows\msfe.exe
C:\Windows\msff.exe
C:\Windows\msfi.exe
C:\Windows\msfl.exe
C:\Windows\msfs32.exe
C:\Windows\msgd32.exe
C:\Windows\msgm.exe
C:\Windows\msgq32.exe
C:\Windows\mshc32.exe
C:\Windows\mshf.exe
C:\Windows\mshx32.exe
C:\Windows\msic32.exe
C:\Windows\msid32.exe
C:\Windows\msih32.exe
C:\Windows\msiy.exe
C:\Windows\msja.exe
C:\Windows\msjj.exe
C:\Windows\msjq.exe
C:\Windows\msjx.exe
C:\Windows\msjy.exe
C:\Windows\mskb.exe
C:\Windows\mslg.exe
C:\Windows\mslm32.exe
C:\Windows\mslo.exe
C:\Windows\mslp.exe
C:\Windows\msmi32.exe
C:\Windows\msmw.exe
C:\Windows\msne.exe
C:\Windows\msnm.exe
C:\Windows\msnr32.exe
C:\Windows\msny32.exe
C:\Windows\msof32.exe
C:\Windows\msoi32.exe
C:\Windows\msoj32.exe
C:\Windows\msol32.exe
C:\Windows\mspm32.exe
C:\Windows\mspo.exe
C:\Windows\msqn.exe
C:\Windows\msrm32.exe
C:\Windows\msrn32.exe
C:\Windows\msrq32.exe
C:\Windows\msrr32.exe
C:\Windows\msrw32.exe
C:\Windows\mssd.exe
C:\Windows\mssf32.exe
C:\Windows\msst32.exe
C:\Windows\mssv32.exe
C:\Windows\mstq32.exe
C:\Windows\msty.exe
C:\Windows\msuc.exe
C:\Windows\msul.exe
C:\Windows\msuz32.exe
C:\Windows\msvb32.exe
C:\Windows\msve32.exe
C:\Windows\msvf.exe
C:\Windows\msvq32.exe
C:\Windows\mswo.exe
C:\Windows\mswq32.exe
C:\Windows\mswv32.exe
C:\Windows\msxg.exe
C:\Windows\msxj.exe
C:\Windows\msxr.exe
C:\Windows\msxt.exe
C:\Windows\msxu32.exe
C:\Windows\msxy32.exe
C:\Windows\msya32.exe
C:\Windows\msym32.exe
C:\Windows\msyn32.exe
C:\Windows\msyr.exe
C:\Windows\msyu32.exe
C:\Windows\msyy.exe
C:\Windows\msyy32.exe
C:\Windows\mszo.exe
C:\Windows\netag.exe
C:\Windows\netah.exe
C:\Windows\netam32.exe
C:\Windows\netaq.exe
C:\Windows\netbj32.exe
C:\Windows\netbk32.exe
C:\Windows\netbm.exe
C:\Windows\netbm32.exe
C:\Windows\netbu.exe
C:\Windows\netcb.exe
C:\Windows\netcm32.exe
C:\Windows\netcs.exe
C:\Windows\netdc.exe
C:\Windows\netdg.exe
C:\Windows\netds32.exe
C:\Windows\netdt32.exe
C:\Windows\netdw.exe
C:\Windows\netfa.exe
C:\Windows\netff32.exe
C:\Windows\netfp32.exe
C:\Windows\netft.exe
C:\Windows\netfw.exe
C:\Windows\netgd.exe
C:\Windows\netgm32.exe
C:\Windows\netgs.exe
C:\Windows\netgy.exe
C:\Windows\nethp.exe
C:\Windows\nethr32.exe
C:\Windows\nethx.exe
C:\Windows\netia.exe
C:\Windows\netii.exe
C:\Windows\netij32.exe
C:\Windows\netin32.exe
C:\Windows\netio32.exe
C:\Windows\netiz32.exe
C:\Windows\netja32.exe
C:\Windows\netjg.exe
C:\Windows\netjj.exe
C:\Windows\netjx32.exe
C:\Windows\netkm32.exe
C:\Windows\netkn.exe
C:\Windows\netkr.exe
C:\Windows\netks.exe
C:\Windows\netkt.exe
C:\Windows\netku.exe
C:\Windows\netky.exe
C:\Windows\netlj.exe
C:\Windows\netll.exe
C:\Windows\netlo.exe
C:\Windows\netmj.exe
C:\Windows\netms.exe
C:\Windows\netni.exe
C:\Windows\netnj.exe
C:\Windows\netnl.exe
C:\Windows\netnm.exe
C:\Windows\netns.exe
C:\Windows\netoa32.exe
C:\Windows\netob.exe
C:\Windows\neton32.exe
C:\Windows\netow.exe
C:\Windows\netpf32.exe
C:\Windows\netpg32.exe
C:\Windows\netph32.exe
C:\Windows\netpt.exe
C:\Windows\netpw32.exe
C:\Windows\netpz.exe
C:\Windows\netqm.exe
C:\Windows\netqp.exe
C:\Windows\netqt32.exe
C:\Windows\netrb.exe
C:\Windows\netrg.exe
C:\Windows\netri32.exe
C:\Windows\netro32.exe
C:\Windows\netrt32.exe
C:\Windows\netrv32.exe
C:\Windows\netsa32.exe
C:\Windows\netsd32.exe
C:\Windows\netsj.exe
C:\Windows\netso32.exe
C:\Windows\netsw.exe
C:\Windows\netsy.exe
C:\Windows\netsz32.exe
C:\Windows\nettd32.exe
C:\Windows\nettf32.exe
C:\Windows\netth32.exe
C:\Windows\netti32.exe
C:\Windows\nettn.exe
C:\Windows\nettr32.exe
C:\Windows\nettt32.exe
C:\Windows\netul32.exe
C:\Windows\netvg.exe
C:\Windows\netvh32.exe
C:\Windows\netvy32.exe
C:\Windows\netwb.exe
C:\Windows\netwh.exe
C:\Windows\netwi.exe
C:\Windows\netwo.exe
C:\Windows\netxh32.exe
C:\Windows\netxk32.exe
C:\Windows\netxz32.exe
C:\Windows\netys32.exe
C:\Windows\netyw32.exe
C:\Windows\netzc.exe
C:\Windows\netzc32.exe
C:\Windows\netzp.exe
C:\Windows\netzu32.exe
C:\Windows\netzv32.exe
C:\Windows\ntab.exe
C:\Windows\ntai.exe
C:\Windows\ntan.exe
C:\Windows\ntao.exe
C:\Windows\ntba32.exe
C:\Windows\ntbx32.exe
C:\Windows\ntci32.exe
C:\Windows\ntcm32.exe
C:\Windows\ntcx.exe
C:\Windows\ntcz32.exe
C:\Windows\ntda.exe
C:\Windows\ntdh32.exe
C:\Windows\ntdk32.exe
C:\Windows\ntdl32.exe
C:\Windows\ntds.exe
C:\Windows\ntdy.exe
C:\Windows\nteg32.exe
C:\Windows\ntej.exe
C:\Windows\ntet.exe
C:\Windows\ntey32.exe
C:\Windows\ntfc.exe
C:\Windows\ntfu32.exe
C:\Windows\ntgb32.exe
C:\Windows\ntgi.exe
C:\Windows\ntgu.exe
C:\Windows\ntgu32.exe
C:\Windows\nthe.exe
C:\Windows\nthm.exe
C:\Windows\nthp32.exe
C:\Windows\ntij.exe
C:\Windows\ntir.exe
C:\Windows\ntit.exe
C:\Windows\ntix.exe
C:\Windows\ntjr.exe
C:\Windows\ntju.exe
C:\Windows\ntjw32.exe
C:\Windows\ntkt32.exe
C:\Windows\ntky.exe
C:\Windows\ntlz32.exe
C:\Windows\ntmk32.exe
C:\Windows\ntmo32.exe
C:\Windows\ntmq32.exe
C:\Windows\ntmr32.exe
C:\Windows\ntnb32.exe
C:\Windows\ntnk32.exe
C:\Windows\ntno.exe
C:\Windows\ntnq.exe
C:\Windows\ntns.exe
C:\Windows\ntny.exe
C:\Windows\ntny32.exe
C:\Windows\ntod32.exe
C:\Windows\ntoe32.exe
C:\Windows\ntof.exe
C:\Windows\ntoj.exe
C:\Windows\ntok32.exe
C:\Windows\ntop32.exe
C:\Windows\ntor32.exe
C:\Windows\ntpk.exe
C:\Windows\ntpn32.exe
C:\Windows\ntpy.exe
C:\Windows\ntqd32.exe
C:\Windows\ntqe32.exe
C:\Windows\ntql32.exe
C:\Windows\ntqn.exe
C:\Windows\ntqp32.exe
C:\Windows\ntqt.exe
C:\Windows\ntrr.exe
C:\Windows\ntrs.exe
C:\Windows\ntrs32.exe
C:\Windows\ntrv32.exe
C:\Windows\ntsb.exe
C:\Windows\ntsi32.exe
C:\Windows\ntsj.exe
C:\Windows\ntsw.exe
C:\Windows\nttw.exe
C:\Windows\ntty32.exe
C:\Windows\ntub32.exe
C:\Windows\ntuk32.exe
C:\Windows\ntuv.exe
C:\Windows\ntve32.exe
C:\Windows\ntvi32.exe
C:\Windows\ntvl32.exe
C:\Windows\ntvp.exe
C:\Windows\ntvz32.exe
C:\Windows\ntwf32.exe
C:\Windows\ntwi32.exe
C:\Windows\ntwj.exe
C:\Windows\ntwq32.exe
C:\Windows\ntww.exe
C:\Windows\ntxa.exe
C:\Windows\ntxe.exe
C:\Windows\ntxh32.exe
C:\Windows\ntxm.exe
C:\Windows\ntxu.exe
C:\Windows\ntxy.exe
C:\Windows\ntyb.exe
C:\Windows\ntyd32.exe
C:\Windows\ntyt32.exe
C:\Windows\ntyz.exe
C:\Windows\ntze32.exe
C:\Windows\ntzh32.exe
C:\Windows\ntzt32.exe
C:\Windows\sdkay32.exe
C:\Windows\sdkbf.exe
C:\Windows\sdkbi.exe
C:\Windows\sdkbp32.exe
C:\Windows\sdkbr32.exe
C:\Windows\sdkbw.exe
C:\Windows\sdkbw32.exe
C:\Windows\sdkcc32.exe
C:\Windows\sdkcf32.exe
C:\Windows\sdkch32.exe
C:\Windows\sdkcq32.exe
C:\Windows\sdkct32.exe
C:\Windows\sdkcu.exe
C:\Windows\sdkcw32.exe
C:\Windows\sdkde32.exe
C:\Windows\sdkef32.exe
C:\Windows\sdkei32.exe
C:\Windows\sdkfa.exe
C:\Windows\sdkfe.exe
C:\Windows\sdkfi32.exe
C:\Windows\sdkfl32.exe
C:\Windows\sdkfm.exe
C:\Windows\sdkfs32.exe
C:\Windows\sdkfy.exe
C:\Windows\sdkgh32.exe
C:\Windows\sdkgm32.exe
C:\Windows\sdkgp.exe
C:\Windows\sdkgt32.exe
C:\Windows\sdkhn.exe
C:\Windows\sdkib32.exe
C:\Windows\sdkid.exe
C:\Windows\sdkig32.exe
C:\Windows\sdkin32.exe
C:\Windows\sdkiw32.exe
C:\Windows\sdkix32.exe
C:\Windows\sdkji.exe
C:\Windows\sdkjy32.exe
C:\Windows\sdkkf.exe
C:\Windows\sdkkp.exe
C:\Windows\sdkky.exe
C:\Windows\sdklm32.exe
C:\Windows\sdkmy32.exe
C:\Windows\sdknf32.exe
C:\Windows\sdknl32.exe
C:\Windows\sdknn.exe
C:\Windows\sdknn32.exe
C:\Windows\sdknw.exe
C:\Windows\sdkob.exe
C:\Windows\sdkom.exe
C:\Windows\sdkor32.exe
C:\Windows\sdkou.exe
C:\Windows\sdkou32.exe
C:\Windows\sdkpw.exe
C:\Windows\sdkqo.exe
C:\Windows\sdkqt32.exe
C:\Windows\sdkqy.exe
C:\Windows\sdkra.exe
C:\Windows\sdksc32.exe
C:\Windows\sdksg32.exe
C:\Windows\sdksj.exe
C:\Windows\sdksn32.exe
C:\Windows\sdktf.exe
C:\Windows\sdkti32.exe
C:\Windows\sdktr.exe
C:\Windows\sdkuc32.exe
C:\Windows\sdkuj.exe
C:\Windows\sdkuj32.exe
C:\Windows\sdkut.exe
C:\Windows\sdkvl.exe
C:\Windows\sdkvw.exe
C:\Windows\sdkwa32.exe
C:\Windows\sdkwh.exe
C:\Windows\sdkwl.exe
C:\Windows\sdkxi32.exe
C:\Windows\sdkxu.exe
C:\Windows\sdkyb.exe
C:\Windows\sdkyc.exe
C:\Windows\sdkyp32.exe
C:\Windows\sdkzg32.exe
C:\Windows\sdkzk.exe
C:\Windows\sdkzl32.exe
C:\Windows\sdkzw.exe
C:\Windows\sysab32.exe
C:\Windows\sysaf.exe
C:\Windows\sysas.exe
C:\Windows\sysav32.exe
C:\Windows\sysbh32.exe
C:\Windows\sysce32.exe
C:\Windows\syscn.exe
C:\Windows\sysdc32.exe
C:\Windows\sysdd32.exe
C:\Windows\sysds32.exe
C:\Windows\sysej32.exe
C:\Windows\syset32.exe
C:\Windows\syseu32.exe
C:\Windows\sysfa32.exe
C:\Windows\sysfl32.exe
C:\Windows\sysfx.exe
C:\Windows\sysfx32.exe
C:\Windows\sysgf.exe
C:\Windows\sysgq32.exe
C:\Windows\sysgt32.exe
C:\Windows\sysgx.exe
C:\Windows\syshn32.exe
C:\Windows\sysie.exe
C:\Windows\sysjf.exe
C:\Windows\sysjf32.exe
C:\Windows\sysjn32.exe
C:\Windows\sysjt.exe
C:\Windows\sysjw.exe
C:\Windows\syskh32.exe
C:\Windows\syski.exe
C:\Windows\sysko32.exe
C:\Windows\syskw32.exe
C:\Windows\syslc32.exe
C:\Windows\syslf.exe
C:\Windows\sysli32.exe
C:\Windows\syslj.exe
C:\Windows\syslv32.exe
C:\Windows\syslx.exe
C:\Windows\sysmj.exe
C:\Windows\sysmo.exe
C:\Windows\sysmq32.exe
C:\Windows\sysms.exe
C:\Windows\sysmu32.exe
C:\Windows\sysmv32.exe
C:\Windows\sysnm.exe
C:\Windows\sysnq.exe
C:\Windows\sysnr.exe
C:\Windows\sysnw.exe
C:\Windows\sysok.exe
C:\Windows\sysoq.exe
C:\Windows\sysow.exe
C:\Windows\syspb.exe
C:\Windows\syspg.exe
C:\Windows\syspn.exe
C:\Windows\sysqf.exe
C:\Windows\sysqi.exe
C:\Windows\sysqm.exe
C:\Windows\sysri.exe
C:\Windows\sysrl.exe
C:\Windows\sysrm.exe
C:\Windows\sysrr.exe
C:\Windows\sysrt.exe
C:\Windows\sysry32.exe
C:\Windows\syssl.exe
C:\Windows\systw32.exe
C:\Windows\sysud32.exe
C:\Windows\sysuo32.exe
C:\Windows\sysuq.exe
C:\Windows\sysux.exe
C:\Windows\sysvg32.exe
C:\Windows\sysvh32.exe
C:\Windows\sysvl32.exe
C:\Windows\sysvq.exe
C:\Windows\sysvy32.exe
C:\Windows\syswd32.exe
C:\Windows\syswp32.exe
C:\Windows\sysxm.exe
C:\Windows\sysxv.exe
C:\Windows\sysxv32.exe
C:\Windows\sysxw.exe
C:\Windows\sysxw32.exe
C:\Windows\sysxx.exe
C:\Windows\sysyg32.exe
C:\Windows\sysyj.exe
C:\Windows\syszl32.exe
C:\Windows\syszt.exe
C:\Windows\winab.exe
C:\Windows\winac32.exe
C:\Windows\winae32.exe
C:\Windows\winat.exe
C:\Windows\winaw32.exe
C:\Windows\winbl32.exe
C:\Windows\winbs.exe
C:\Windows\winbz.exe
C:\Windows\wincj32.exe
C:\Windows\wincn32.exe
C:\Windows\wincp32.exe
C:\Windows\winct.exe
C:\Windows\windb32.exe
C:\Windows\windc.exe
C:\Windows\windf.exe
C:\Windows\windm.exe
C:\Windows\windr.exe
C:\Windows\windx32.exe
C:\Windows\winei32.exe
C:\Windows\winej32.exe
C:\Windows\winez.exe
C:\Windows\winfj32.exe
C:\Windows\wingk.exe
C:\Windows\wingx32.exe
C:\Windows\winhb32.exe
C:\Windows\winhm.exe
C:\Windows\winic.exe
C:\Windows\winig.exe
C:\Windows\winij.exe
C:\Windows\winjf32.exe
C:\Windows\winjj32.exe
C:\Windows\winjx32.exe
C:\Windows\winkf.exe
C:\Windows\winku32.exe
C:\Windows\winlg.exe
C:\Windows\winli32.exe
C:\Windows\winlk.exe
C:\Windows\winll.exe
C:\Windows\winlu32.exe
C:\Windows\winlz32.exe
C:\Windows\winmd32.exe
C:\Windows\winms32.exe
C:\Windows\winnm32.exe
C:\Windows\winnn32.exe
C:\Windows\winns.exe
C:\Windows\winnw32.exe
C:\Windows\winog.exe
C:\Windows\winop32.exe
C:\Windows\winoq.exe
C:\Windows\winoq32.exe
C:\Windows\winou.exe
C:\Windows\winoz32.exe
C:\Windows\winpp32.exe
C:\Windows\winpq.exe
C:\Windows\winpq32.exe
C:\Windows\winpx32.exe
C:\Windows\winqb.exe
C:\Windows\winqz32.exe
C:\Windows\winry32.exe
C:\Windows\winsk32.exe
C:\Windows\winss32.exe
C:\Windows\winsx.exe
C:\Windows\winsx32.exe
C:\Windows\winsy32.exe
C:\Windows\winti32.exe
C:\Windows\wintt.exe
C:\Windows\wintw32.exe
C:\Windows\winub.exe
C:\Windows\winum32.exe
C:\Windows\winuu32.exe
C:\Windows\winuw.exe
C:\Windows\winvg32.exe
C:\Windows\winvn.exe
C:\Windows\winvo32.exe
C:\Windows\winvr.exe
C:\Windows\winvt.exe
C:\Windows\winwf.exe
C:\Windows\winwg.exe
C:\Windows\winwn.exe
C:\Windows\winxc32.exe
C:\Windows\winxf32.exe
C:\Windows\winxo.exe
C:\Windows\winxv32.exe
C:\Windows\winyb32.exe
C:\Windows\winyr32.exe
C:\Windows\winzb32.exe
C:\Windows\winzf32.exe
C:\Windows\winzn.exe
C:\Windows\winzv32.exe
C:\Windows\winzw32.exe
C:\Windows\System32\addaj32.exe
C:\Windows\System32\addan32.exe
C:\Windows\System32\addas32.exe
C:\Windows\System32\addbb32.exe
C:\Windows\System32\addbk.exe
C:\Windows\System32\addbv32.exe
C:\Windows\System32\addch32.exe
C:\Windows\System32\addcj32.exe
C:\Windows\System32\addcq.exe
C:\Windows\System32\addcw32.exe
C:\Windows\System32\adddi.exe
C:\Windows\System32\adddk.exe
C:\Windows\System32\adddn32.exe
C:\Windows\System32\adddr.exe
C:\Windows\System32\addec.exe
C:\Windows\System32\addet.exe
C:\Windows\System32\addeu32.exe
C:\Windows\System32\addfd32.exe
C:\Windows\System32\addfh.exe
C:\Windows\System32\addfl.exe
C:\Windows\System32\addfo32.exe
C:\Windows\System32\addfr.exe
C:\Windows\System32\addfv.exe
C:\Windows\System32\addfw32.exe
C:\Windows\System32\addfx32.exe
C:\Windows\System32\addgl.exe
C:\Windows\System32\addgp32.exe
C:\Windows\System32\addgq.exe
C:\Windows\System32\addhh.exe
C:\Windows\System32\addhl32.exe
C:\Windows\System32\addhn32.exe
C:\Windows\System32\addie32.exe
C:\Windows\System32\addin.exe
C:\Windows\System32\addio32.exe
C:\Windows\System32\addjd.exe
C:\Windows\System32\addje.exe
C:\Windows\System32\addju32.exe
C:\Windows\System32\addkd32.exe
C:\Windows\System32\addki32.exe
C:\Windows\System32\addkl32.exe
C:\Windows\System32\addkz.exe
C:\Windows\System32\addle32.exe
C:\Windows\System32\addln.exe
C:\Windows\System32\addls.exe
C:\Windows\System32\addlv32.exe
C:\Windows\System32\addlw.exe
C:\Windows\System32\addlx.exe
C:\Windows\System32\addnc32.exe
C:\Windows\System32\addnf32.exe
C:\Windows\System32\addnt32.exe
C:\Windows\System32\addnv32.exe
C:\Windows\System32\addoa.exe
C:\Windows\System32\addog32.exe
C:\Windows\System32\addoq32.exe
C:\Windows\System32\addpe.exe
C:\Windows\System32\addpe32.exe
C:\Windows\System32\addpm.exe
C:\Windows\System32\addqp32.exe
C:\Windows\System32\addqr.exe
C:\Windows\System32\addrr32.exe
C:\Windows\System32\addrx32.exe
C:\Windows\System32\addsk.exe
C:\Windows\System32\addso.exe
C:\Windows\System32\addsw32.exe
C:\Windows\System32\addtd32.exe
C:\Windows\System32\addtf32.exe
C:\Windows\System32\addtg32.exe
C:\Windows\System32\addtm.exe
C:\Windows\System32\addub32.exe
C:\Windows\System32\adduc32.exe
C:\Windows\System32\addue32.exe
C:\Windows\System32\adduj.exe
C:\Windows\System32\addux32.exe
C:\Windows\System32\addww.exe
C:\Windows\System32\addxd32.exe
C:\Windows\System32\addxf32.exe
C:\Windows\System32\addxp32.exe
C:\Windows\System32\addyj32.exe
C:\Windows\System32\addym.exe
C:\Windows\System32\addym32.exe
C:\Windows\System32\addyu32.exe
C:\Windows\System32\addyz.exe
C:\Windows\System32\addzo32.exe
C:\Windows\System32\addzs.exe
C:\Windows\System32\apian32.exe
C:\Windows\System32\apiao32.exe
C:\Windows\System32\apiaq32.exe
C:\Windows\System32\apias32.exe
C:\Windows\System32\apiav.exe
C:\Windows\System32\apiaw32.exe
C:\Windows\System32\apiaz.exe
C:\Windows\System32\apiba.exe
C:\Windows\System32\apibb.exe
C:\Windows\System32\apibc.exe
C:\Windows\System32\apibg32.exe
C:\Windows\System32\apibm.exe
C:\Windows\System32\apibm32.exe
C:\Windows\System32\apicn32.exe
C:\Windows\System32\apicy.exe
C:\Windows\System32\apidk.exe
C:\Windows\System32\apidt32.exe
C:\Windows\System32\apidv.exe
C:\Windows\System32\apiej.exe
C:\Windows\System32\apiej32.exe
C:\Windows\System32\apieo.exe
C:\Windows\System32\apiet.exe
C:\Windows\System32\apiex.exe
C:\Windows\System32\apiey.exe
C:\Windows\System32\apifj32.exe
C:\Windows\System32\apifo32.exe
C:\Windows\System32\apifs.exe
C:\Windows\System32\apigb32.exe
C:\Windows\System32\apigy32.exe
C:\Windows\System32\apiha32.exe
C:\Windows\System32\apihb.exe
C:\Windows\System32\apihc.exe
C:\Windows\System32\apihc32.exe
C:\Windows\System32\apihz.exe
C:\Windows\System32\apiib.exe
C:\Windows\System32\apiig32.exe
C:\Windows\System32\apiij.exe
C:\Windows\System32\apiik32.exe
C:\Windows\System32\apiit32.exe
C:\Windows\System32\apiiw32.exe
C:\Windows\System32\apiiy32.exe
C:\Windows\System32\apijm32.exe
C:\Windows\System32\apijp.exe
C:\Windows\System32\apijx.exe
C:\Windows\System32\apika32.exe
C:\Windows\System32\apikl.exe
C:\Windows\System32\apiko32.exe
C:\Windows\System32\apikq32.exe
C:\Windows\System32\apikz32.exe
C:\Windows\System32\apile.exe
C:\Windows\System32\apilo32.exe
C:\Windows\System32\apily32.exe
C:\Windows\System32\apimc.exe
C:\Windows\System32\apimn.exe
C:\Windows\System32\apimt.exe
C:\Windows\System32\apinf32.exe
C:\Windows\System32\aping32.exe
C:\Windows\System32\apinn32.exe
C:\Windows\System32\apiou.exe
C:\Windows\System32\apipd.exe
C:\Windows\System32\apipf32.exe
C:\Windows\System32\apipq.exe
C:\Windows\System32\apipz.exe
C:\Windows\System32\apiqd.exe
C:\Windows\System32\apiqo32.exe
C:\Windows\System32\apiqy.exe
C:\Windows\System32\apiqz.exe
C:\Windows\System32\apiqz32.exe
C:\Windows\System32\apirb.exe
C:\Windows\System32\apirf.exe
C:\Windows\System32\apiri32.exe
C:\Windows\System32\apirs.exe
C:\Windows\System32\apirt.exe
C:\Windows\System32\apirt32.exe
C:\Windows\System32\apisl32.exe
C:\Windows\System32\apisn32.exe
C:\Windows\System32\apisp.exe
C:\Windows\System32\apisq32.exe
C:\Windows\System32\apist32.exe
C:\Windows\System32\apisu32.exe
C:\Windows\System32\apisz32.exe
C:\Windows\System32\apitl.exe
C:\Windows\System32\apiuf.exe
C:\Windows\System32\apiuj.exe
C:\Windows\System32\apiuv32.exe
C:\Windows\System32\apiuw32.exe
C:\Windows\System32\apivd32.exe
C:\Windows\System32\apivm.exe
C:\Windows\System32\apivt.exe
C:\Windows\System32\apivx32.exe
C:\Windows\System32\apiwc32.exe
C:\Windows\System32\apiwr32.exe
C:\Windows\System32\apiwu.exe
C:\Windows\System32\apiwy.exe
C:\Windows\System32\apixd32.exe
C:\Windows\System32\apixm.exe
C:\Windows\System32\apixn32.exe
C:\Windows\System32\apixq32.exe
C:\Windows\System32\apixy32.exe
C:\Windows\System32\apiya.exe
C:\Windows\System32\apiyj32.exe
C:\Windows\System32\apiyz32.exe
C:\Windows\System32\apizb32.exe
C:\Windows\System32\apizj32.exe
C:\Windows\System32\apizx32.exe
C:\Windows\System32\appag32.exe
C:\Windows\System32\appar32.exe
C:\Windows\System32\appbd32.exe
C:\Windows\System32\appbk32.exe
C:\Windows\System32\appbl32.exe
C:\Windows\System32\appbw32.exe
C:\Windows\System32\appcb32.exe
C:\Windows\System32\appcn32.exe
C:\Windows\System32\appcp32.exe
C:\Windows\System32\appcv.exe
C:\Windows\System32\appcy32.exe
C:\Windows\System32\appdc32.exe
C:\Windows\System32\appdk.exe
C:\Windows\System32\appdm32.exe
C:\Windows\System32\appdn.exe
C:\Windows\System32\appdt32.exe
C:\Windows\System32\appdy.exe
C:\Windows\System32\appek.exe
C:\Windows\System32\appez.exe
C:\Windows\System32\appez32.exe
C:\Windows\System32\appff.exe
C:\Windows\System32\appfi.exe
C:\Windows\System32\appfj32.exe
C:\Windows\System32\appfn32.exe
C:\Windows\System32\appfq32.exe
C:\Windows\System32\appfw32.exe
C:\Windows\System32\appgc32.exe
C:\Windows\System32\appgg32.exe
C:\Windows\System32\appgm32.exe
C:\Windows\System32\appgq32.exe
C:\Windows\System32\appgu32.exe
C:\Windows\System32\appht.exe
C:\Windows\System32\apphy.exe
C:\Windows\System32\appie.exe
C:\Windows\System32\appio.exe
C:\Windows\System32\appir32.exe
C:\Windows\System32\appji32.exe
C:\Windows\System32\appjl.exe
C:\Windows\System32\appjs.exe
C:\Windows\System32\appjt32.exe
C:\Windows\System32\appkd.exe
C:\Windows\System32\appko32.exe
C:\Windows\System32\appkq.exe
C:\Windows\System32\appkt32.exe
C:\Windows\System32\applj.exe
C:\Windows\System32\applk.exe
C:\Windows\System32\appll.exe
C:\Windows\System32\appln.exe
C:\Windows\System32\applu.exe
C:\Windows\System32\applu32.exe
C:\Windows\System32\applv32.exe
C:\Windows\System32\applw.exe
C:\Windows\System32\appmc32.exe
C:\Windows\System32\appmd32.exe
C:\Windows\System32\appmo32.exe
C:\Windows\System32\appnc.exe
C:\Windows\System32\appnf32.exe
C:\Windows\System32\appnq.exe
C:\Windows\System32\appnt.exe
C:\Windows\System32\appoc32.exe
C:\Windows\System32\appog32.exe
C:\Windows\System32\appow.exe
C:\Windows\System32\apppb.exe
C:\Windows\System32\apppq.exe
C:\Windows\System32\appps.exe
C:\Windows\System32\apppu32.exe
C:\Windows\System32\apppw.exe
C:\Windows\System32\appqg.exe
C:\Windows\System32\appqn.exe
C:\Windows\System32\appqo32.exe
C:\Windows\System32\appqu.exe
C:\Windows\System32\apprb.exe
C:\Windows\System32\apprg.exe
C:\Windows\System32\apprn.exe
C:\Windows\System32\appru32.exe
C:\Windows\System32\appsg32.exe
C:\Windows\System32\appsn32.exe
C:\Windows\System32\apptb32.exe
C:\Windows\System32\apptf.exe
C:\Windows\System32\apptk.exe
C:\Windows\System32\apptl.exe
C:\Windows\System32\apptz.exe
C:\Windows\System32\appub.exe
C:\Windows\System32\appuc32.exe
C:\Windows\System32\appug32.exe
C:\Windows\System32\appvb32.exe
C:\Windows\System32\appvh.exe
C:\Windows\System32\appvj.exe
C:\Windows\System32\appvu32.exe
C:\Windows\System32\appvz.exe
C:\Windows\System32\appwc32.exe
C:\Windows\System32\appwl.exe
C:\Windows\System32\appwl32.exe
C:\Windows\System32\appwt32.exe
C:\Windows\System32\appww.exe
C:\Windows\System32\appww32.exe
C:\Windows\System32\appwx32.exe
C:\Windows\System32\appxu.exe
C:\Windows\System32\appya.exe
C:\Windows\System32\appyg32.exe
C:\Windows\System32\appzd32.exe
C:\Windows\System32\appzu32.exe
C:\Windows\System32\appzz32.exe
C:\Windows\System32\atlaw32.exe
C:\Windows\System32\atlay32.exe
C:\Windows\System32\atlbf32.exe
C:\Windows\System32\atlbk.exe
C:\Windows\System32\atlbl32.exe
C:\Windows\System32\atlce32.exe
C:\Windows\System32\atlcr.exe
C:\Windows\System32\atlcv32.exe
C:\Windows\System32\atldl32.exe
C:\Windows\System32\atldp32.exe
C:\Windows\System32\atldt32.exe
C:\Windows\System32\atldy.exe
C:\Windows\System32\atlen.exe
C:\Windows\System32\atleu32.exe
C:\Windows\System32\atlex32.exe
C:\Windows\System32\atlfb32.exe
C:\Windows\System32\atlfc.exe
C:\Windows\System32\atlfw.exe
C:\Windows\System32\atlhb.exe
C:\Windows\System32\atlhd.exe
C:\Windows\System32\atlhj.exe
C:\Windows\System32\atlho32.exe
C:\Windows\System32\atlhx32.exe
C:\Windows\System32\atlid.exe
C:\Windows\System32\atlif.exe
C:\Windows\System32\atliu.exe
C:\Windows\System32\atljd32.exe
C:\Windows\System32\atlka32.exe
C:\Windows\System32\atlkh32.exe
C:\Windows\System32\atlki32.exe
C:\Windows\System32\atlkj32.exe
C:\Windows\System32\atlko.exe
C:\Windows\System32\atlkp32.exe
C:\Windows\System32\atlkw32.exe
C:\Windows\System32\atllh.exe
C:\Windows\System32\atllj.exe
C:\Windows\System32\atllq.exe
C:\Windows\System32\atllu32.exe
C:\Windows\System32\atlmd32.exe
C:\Windows\System32\atlmm.exe
C:\Windows\System32\atlmo.exe
C:\Windows\System32\atlmu32.exe
C:\Windows\System32\atlnd32.exe
C:\Windows\System32\atlnl32.exe
C:\Windows\System32\atlnp.exe
C:\Windows\System32\atlnw.exe
C:\Windows\System32\atlok32.exe
C:\Windows\System32\atlos32.exe
C:\Windows\System32\atlpg32.exe
C:\Windows\System32\atlpo32.exe
C:\Windows\System32\atlpw32.exe
C:\Windows\System32\atlqe.exe
C:\Windows\System32\atlqi32.exe
C:\Windows\System32\atlqp32.exe
C:\Windows\System32\atlqr32.exe
C:\Windows\System32\atlqs32.exe
C:\Windows\System32\atlqw.exe
C:\Windows\System32\atlqx.exe
C:\Windows\System32\atlqy.exe
C:\Windows\System32\atlre.exe
C:\Windows\System32\atlrh32.exe
C:\Windows\System32\atlrn.exe
C:\Windows\System32\atlsh32.exe
C:\Windows\System32\atlsl.exe
C:\Windows\System32\atlsq32.exe
C:\Windows\System32\atlsz32.exe
C:\Windows\System32\atltc32.exe
C:\Windows\System32\atltf.exe
C:\Windows\System32\atlti32.exe
C:\Windows\System32\atlto.exe
C:\Windows\System32\atltp.exe
C:\Windows\System32\atltp32.exe
C:\Windows\System32\atlub32.exe
C:\Windows\System32\atlul32.exe
C:\Windows\System32\atlum32.exe
C:\Windows\System32\atlvh32.exe
C:\Windows\System32\atlvw.exe
C:\Windows\System32\atlvz.exe
C:\Windows\System32\atlwi32.exe
C:\Windows\System32\atlwk32.exe
C:\Windows\System32\atlwm32.exe
C:\Windows\System32\atlwq.exe
C:\Windows\System32\atlwr32.exe
C:\Windows\System32\atlwz32.exe
C:\Windows\System32\atlxe.exe
C:\Windows\System32\atlxq32.exe
C:\Windows\System32\atlxs.exe
C:\Windows\System32\atlxw32.exe
C:\Windows\System32\atlya.exe
C:\Windows\System32\atlyq.exe
C:\Windows\System32\atlzc.exe
C:\Windows\System32\atlze32.exe
C:\Windows\System32\atlzg32.exe
C:\Windows\System32\atlzu.exe
C:\Windows\System32\atlzz.exe
C:\Windows\System32\atlzz32.exe
C:\Windows\System32\craa.exe
C:\Windows\System32\crao32.exe
C:\Windows\System32\craw32.exe
C:\Windows\System32\crbl32.exe
C:\Windows\System32\crbr32.exe
C:\Windows\System32\crbu.exe
C:\Windows\System32\crbv32.exe
C:\Windows\System32\crbx32.exe
C:\Windows\System32\crbz.exe
C:\Windows\System32\crcf.exe
C:\Windows\System32\crch.exe
C:\Windows\System32\crcj32.exe
C:\Windows\System32\crcp.exe
C:\Windows\System32\crcx32.exe
C:\Windows\System32\crdo32.exe
C:\Windows\System32\crdt32.exe
C:\Windows\System32\creg.exe
C:\Windows\System32\creg32.exe
C:\Windows\System32\crer.exe
C:\Windows\System32\cres32.exe
C:\Windows\System32\crfc.exe
C:\Windows\System32\crfi32.exe
C:\Windows\System32\crfl.exe
C:\Windows\System32\crfq32.exe
C:\Windows\System32\crft.exe
C:\Windows\System32\crga.exe
C:\Windows\System32\crgb.exe
C:\Windows\System32\crgs32.exe
C:\Windows\System32\crhf.exe
C:\Windows\System32\crho32.exe
C:\Windows\System32\crht32.exe
C:\Windows\System32\crit32.exe
C:\Windows\System32\criw32.exe
C:\Windows\System32\crix32.exe
C:\Windows\System32\crjb32.exe
C:\Windows\System32\crjd.exe
C:\Windows\System32\crjg.exe
C:\Windows\System32\crjm.exe
C:\Windows\System32\crjn.exe
C:\Windows\System32\crjq.exe
C:\Windows\System32\crjr32.exe
C:\Windows\System32\crjs32.exe
C:\Windows\System32\crkb32.exe
C:\Windows\System32\crke32.exe
C:\Windows\System32\crkj.exe
C:\Windows\System32\crkn32.exe
C:\Windows\System32\crku32.exe
C:\Windows\System32\crlb32.exe
C:\Windows\System32\crld32.exe
C:\Windows\System32\crll.exe
C:\Windows\System32\crlq.exe
C:\Windows\System32\crlu32.exe
C:\Windows\System32\crmb.exe
C:\Windows\System32\crme.exe
C:\Windows\System32\crmr.exe
C:\Windows\System32\crmw32.exe
C:\Windows\System32\crmy32.exe
C:\Windows\System32\crng.exe
C:\Windows\System32\crnj32.exe
C:\Windows\System32\crnq32.exe
C:\Windows\System32\crnt32.exe
C:\Windows\System32\crnz32.exe
C:\Windows\System32\croj.exe
C:\Windows\System32\crop.exe
C:\Windows\System32\croq.exe
C:\Windows\System32\crpr32.exe
C:\Windows\System32\crqb.exe
C:\Windows\System32\crqb32.exe
C:\Windows\System32\crqc.exe
C:\Windows\System32\crqg32.exe
C:\Windows\System32\crqi32.exe
C:\Windows\System32\crqj.exe
C:\Windows\System32\crqm.exe
C:\Windows\System32\crqy.exe
C:\Windows\System32\crrk.exe
C:\Windows\System32\crrt.exe
C:\Windows\System32\crrx.exe
C:\Windows\System32\crsc32.exe
C:\Windows\System32\crsp32.exe
C:\Windows\System32\crsr32.exe
C:\Windows\System32\crtj.exe
C:\Windows\System32\crtl32.exe
C:\Windows\System32\crtq.exe
C:\Windows\System32\crub.exe
C:\Windows\System32\cruj.exe
C:\Windows\System32\crum.exe
C:\Windows\System32\cruq32.exe
C:\Windows\System32\crus32.exe
C:\Windows\System32\cruw32.exe
C:\Windows\System32\crvd32.exe
C:\Windows\System32\crvj.exe
C:\Windows\System32\crvt32.exe
C:\Windows\System32\crvv.exe
C:\Windows\System32\crwa32.exe
C:\Windows\System32\crwk.exe
C:\Windows\System32\crwm.exe
C:\Windows\System32\crws32.exe
C:\Windows\System32\crwx.exe
C:\Windows\System32\crxg32.exe
C:\Windows\System32\crxk32.exe
C:\Windows\System32\crxq.exe
C:\Windows\System32\cryu.exe
C:\Windows\System32\cryu32.exe
C:\Windows\System32\crzb32.exe
C:\Windows\System32\crzk.exe
C:\Windows\System32\d3ag32.exe
C:\Windows\System32\d3ak.exe
C:\Windows\System32\d3au32.exe
C:\Windows\System32\d3bi.exe
C:\Windows\System32\d3bk.exe
C:\Windows\System32\d3bl32.exe
C:\Windows\System32\d3bm32.exe
C:\Windows\System32\d3bo.exe
C:\Windows\System32\d3cf.exe
C:\Windows\System32\d3cu32.exe
C:\Windows\System32\d3dg.exe
C:\Windows\System32\d3fb.exe
C:\Windows\System32\d3fc32.exe
C:\Windows\System32\d3fv.exe
C:\Windows\System32\d3fy32.exe
C:\Windows\System32\d3hd.exe
C:\Windows\System32\d3hm32.exe
C:\Windows\System32\d3hp.exe
C:\Windows\System32\d3hr32.exe
C:\Windows\System32\d3hz32.exe
C:\Windows\System32\d3ie.exe
C:\Windows\System32\d3if32.exe
C:\Windows\System32\d3in32.exe
C:\Windows\System32\d3iq.exe
C:\Windows\System32\d3iv32.exe
C:\Windows\System32\d3ix.exe
C:\Windows\System32\d3iz32.exe
C:\Windows\System32\d3jp.exe
C:\Windows\System32\d3jv32.exe
C:\Windows\System32\d3ke32.exe
C:\Windows\System32\d3ki32.exe
C:\Windows\System32\d3kq32.exe
C:\Windows\System32\d3kz.exe
C:\Windows\System32\d3lb32.exe
C:\Windows\System32\d3li.exe
C:\Windows\System32\d3ll.exe
C:\Windows\System32\d3lu.exe
C:\Windows\System32\d3lx32.exe
C:\Windows\System32\d3ly.exe
C:\Windows\System32\d3mh32.exe
C:\Windows\System32\d3mn.exe
C:\Windows\System32\d3mx32.exe
C:\Windows\System32\d3nj32.exe
C:\Windows\System32\d3nm32.exe
C:\Windows\System32\d3np32.exe
C:\Windows\System32\d3ny.exe
C:\Windows\System32\d3nz.exe
C:\Windows\System32\d3oj.exe
C:\Windows\System32\d3ol.exe
C:\Windows\System32\d3ow.exe
C:\Windows\System32\d3pa.exe
C:\Windows\System32\d3pe32.exe
C:\Windows\System32\d3pk.exe
C:\Windows\System32\d3pn.exe
C:\Windows\System32\d3ps32.exe
C:\Windows\System32\d3pw32.exe
C:\Windows\System32\d3py.exe
C:\Windows\System32\d3qm32.exe
C:\Windows\System32\d3qq.exe
C:\Windows\System32\d3qs.exe
C:\Windows\System32\d3qy32.exe
C:\Windows\System32\d3qz32.exe
C:\Windows\System32\d3rj.exe
C:\Windows\System32\d3rz32.exe
C:\Windows\System32\d3sh.exe
C:\Windows\System32\d3so.exe
C:\Windows\System32\d3sq.exe
C:\Windows\System32\d3ti32.exe
C:\Windows\System32\d3to32.exe
C:\Windows\System32\d3tt32.exe
C:\Windows\System32\d3tw.exe
C:\Windows\System32\d3um32.exe
C:\Windows\System32\d3ur.exe
C:\Windows\System32\d3us.exe
C:\Windows\System32\d3vg32.exe
C:\Windows\System32\d3vp.exe
C:\Windows\System32\d3vy32.exe
C:\Windows\System32\d3wi.exe
C:\Windows\System32\d3wm32.exe
C:\Windows\System32\d3wp.exe
C:\Windows\System32\d3wt32.exe
C:\Windows\System32\d3xi32.exe
C:\Windows\System32\d3xl32.exe
C:\Windows\System32\d3xy.exe
C:\Windows\System32\d3yk32.exe
C:\Windows\System32\d3yl32.exe
C:\Windows\System32\d3yp32.exe
C:\Windows\System32\d3zb.exe
C:\Windows\System32\d3zc.exe
C:\Windows\System32\d3zj32.exe
C:\Windows\System32\d3zo.exe
C:\Windows\System32\ieac.exe
C:\Windows\System32\ieaf.exe
C:\Windows\System32\ieaj.exe
C:\Windows\System32\ieay.exe
C:\Windows\System32\ieay32.exe
C:\Windows\System32\ieaz32.exe
C:\Windows\System32\iebg32.exe
C:\Windows\System32\iebj.exe
C:\Windows\System32\iecf32.exe
C:\Windows\System32\iecg32.exe
C:\Windows\System32\ieci.exe
C:\Windows\System32\iecj.exe
C:\Windows\System32\iecn32.exe
C:\Windows\System32\ieco.exe
C:\Windows\System32\iedc.exe
C:\Windows\System32\ieeg32.exe
C:\Windows\System32\ieer32.exe
C:\Windows\System32\ieff.exe
C:\Windows\System32\iefn.exe
C:\Windows\System32\iefz32.exe
C:\Windows\System32\iegd32.exe
C:\Windows\System32\iegh32.exe
C:\Windows\System32\iegi.exe
C:\Windows\System32\iego.exe
C:\Windows\System32\iegr.exe
C:\Windows\System32\iegx.exe
C:\Windows\System32\iehl32.exe
C:\Windows\System32\iehv32.exe
C:\Windows\System32\iehw.exe
C:\Windows\System32\ieiz.exe
C:\Windows\System32\iejb.exe
C:\Windows\System32\iejd32.exe
C:\Windows\System32\ieje32.exe
C:\Windows\System32\iejf32.exe
C:\Windows\System32\iejg32.exe
C:\Windows\System32\iejm.exe
C:\Windows\System32\iejs32.exe
C:\Windows\System32\iejw32.exe
C:\Windows\System32\iejz.exe
C:\Windows\System32\iekx32.exe
C:\Windows\System32\ielb.exe
C:\Windows\System32\ielb32.exe
C:\Windows\System32\ielg.exe
C:\Windows\System32\iell.exe
C:\Windows\System32\ieln.exe
C:\Windows\System32\ieme32.exe
C:\Windows\System32\iemj.exe
C:\Windows\System32\iemq.exe
C:\Windows\System32\iemu32.exe
C:\Windows\System32\iemz32.exe
C:\Windows\System32\ienm32.exe
C:\Windows\System32\ienn.exe
C:\Windows\System32\ieoj.exe
C:\Windows\System32\ieol.exe
C:\Windows\System32\ieou.exe
C:\Windows\System32\ieoy32.exe
C:\Windows\System32\iepk32.exe
C:\Windows\System32\iepq.exe
C:\Windows\System32\ieps32.exe
C:\Windows\System32\iepv32.exe
C:\Windows\System32\iepx32.exe
C:\Windows\System32\iepy.exe
C:\Windows\System32\ieqg.exe
C:\Windows\System32\iera.exe
C:\Windows\System32\ierg32.exe
C:\Windows\System32\iesd.exe
C:\Windows\System32\iese32.exe
C:\Windows\System32\iesg32.exe
C:\Windows\System32\iesw32.exe
C:\Windows\System32\ietc.exe
C:\Windows\System32\ietm.exe
C:\Windows\System32\ietq.exe
C:\Windows\System32\ieui32.exe
C:\Windows\System32\ieul.exe
C:\Windows\System32\ieum32.exe
C:\Windows\System32\ieuo32.exe
C:\Windows\System32\ieuq.exe
C:\Windows\System32\ievc.exe
C:\Windows\System32\ievh32.exe
C:\Windows\System32\ievk32.exe
C:\Windows\System32\ievl.exe
C:\Windows\System32\ievq.exe
C:\Windows\System32\ievx32.exe
C:\Windows\System32\iewc.exe
C:\Windows\System32\iewi32.exe
C:\Windows\System32\iewl32.exe
C:\Windows\System32\iews32.exe
C:\Windows\System32\iexa32.exe
C:\Windows\System32\iexk32.exe
C:\Windows\System32\iexy32.exe
C:\Windows\System32\ieyb32.exe
C:\Windows\System32\ieyx32.exe
C:\Windows\System32\ieyz.exe
C:\Windows\System32\ieza.exe
C:\Windows\System32\iezg.exe
C:\Windows\System32\iezk.exe
C:\Windows\System32\iezo32.exe
C:\Windows\System32\iezu32.exe
C:\Windows\System32\ipab.exe
C:\Windows\System32\ipal32.exe
C:\Windows\System32\ipan.exe
C:\Windows\System32\ipar.exe
C:\Windows\System32\ipat32.exe
C:\Windows\System32\ipbd.exe
C:\Windows\System32\ipbj.exe
C:\Windows\System32\ipbv.exe
C:\Windows\System32\ipdk.exe
C:\Windows\System32\ipdt.exe
C:\Windows\System32\iped32.exe
C:\Windows\System32\ipej.exe
C:\Windows\System32\ipem.exe
C:\Windows\System32\ipen32.exe
C:\Windows\System32\ipep.exe
C:\Windows\System32\iper32.exe
C:\Windows\System32\ipfd32.exe
C:\Windows\System32\ipfo32.exe
C:\Windows\System32\ipgz.exe
C:\Windows\System32\iphi.exe
C:\Windows\System32\iphs32.exe
C:\Windows\System32\iphu32.exe
C:\Windows\System32\iphv.exe
C:\Windows\System32\iphw32.exe
C:\Windows\System32\ipid32.exe
C:\Windows\System32\ipig32.exe
C:\Windows\System32\ipih32.exe
C:\Windows\System32\ipio32.exe
C:\Windows\System32\ipiq32.exe
C:\Windows\System32\ipiu.exe
C:\Windows\System32\ipjb32.exe
C:\Windows\System32\ipje.exe
C:\Windows\System32\ipji32.exe
C:\Windows\System32\ipjm32.exe
C:\Windows\System32\ipjs32.exe
C:\Windows\System32\ipjv32.exe
C:\Windows\System32\ipkb32.exe
C:\Windows\System32\ipku32.exe
C:\Windows\System32\iplo.exe
C:\Windows\System32\iplq32.exe
C:\Windows\System32\ipmi32.exe
C:\Windows\System32\ipml32.exe
C:\Windows\System32\ipmq32.exe
C:\Windows\System32\ipmt.exe
C:\Windows\System32\ipna.exe
C:\Windows\System32\ipnm32.exe
C:\Windows\System32\ipns32.exe
C:\Windows\System32\ipny.exe
C:\Windows\System32\ipny32.exe
C:\Windows\System32\ipon32.exe
C:\Windows\System32\ipoq32.exe
C:\Windows\System32\ipor32.exe
C:\Windows\System32\ipoy32.exe
C:\Windows\System32\ippa32.exe
C:\Windows\System32\ippg32.exe
C:\Windows\System32\ippm32.exe
C:\Windows\System32\ippq.exe
C:\Windows\System32\ippw.exe
C:\Windows\System32\ipqb.exe
C:\Windows\System32\ipqh32.exe
C:\Windows\System32\ipqm.exe
C:\Windows\System32\ipqo32.exe
C:\Windows\System32\ipqx32.exe
C:\Windows\System32\iprg.exe
C:\Windows\System32\ipri.exe
C:\Windows\System32\iprm32.exe
C:\Windows\System32\iprr32.exe
C:\Windows\System32\iprz.exe
C:\Windows\System32\iprz32.exe
C:\Windows\System32\ipsg.exe
C:\Windows\System32\ipsk.exe
C:\Windows\System32\ipsm32.exe
C:\Windows\System32\ipsx32.exe
C:\Windows\System32\ipsy32.exe
C:\Windows\System32\ipta.exe
C:\Windows\System32\iptg32.exe
C:\Windows\System32\ipts32.exe
C:\Windows\System32\iptt.exe
C:\Windows\System32\iptx32.exe
C:\Windows\System32\ipue32.exe
C:\Windows\System32\ipuh.exe
C:\Windows\System32\ipun32.exe
C:\Windows\System32\ipuv.exe
C:\Windows\System32\ipvg32.exe
C:\Windows\System32\ipvn.exe
C:\Windows\System32\ipvn32.exe
C:\Windows\System32\ipwh.exe
C:\Windows\System32\ipwp32.exe
C:\Windows\System32\ipwz.exe
C:\Windows\System32\ipxh.exe
C:\Windows\System32\ipxn32.exe
C:\Windows\System32\ipxp32.exe
C:\Windows\System32\ipxt32.exe
C:\Windows\System32\ipyq.exe
C:\Windows\System32\ipyx.exe
C:\Windows\System32\ipzy32.exe
C:\Windows\System32\javaaa32.exe
C:\Windows\System32\javaac32.exe
C:\Windows\System32\javaah32.exe
C:\Windows\System32\javaal32.exe
C:\Windows\System32\javaan.exe
C:\Windows\System32\javaau.exe
C:\Windows\System32\javaav32.exe
C:\Windows\System32\javabd32.exe
C:\Windows\System32\javabg32.exe
C:\Windows\System32\javabv.exe
C:\Windows\System32\javaby.exe
C:\Windows\System32\javaca.exe
C:\Windows\System32\javacb.exe
C:\Windows\System32\javacs32.exe
C:\Windows\System32\javacz.exe
C:\Windows\System32\javadd.exe
C:\Windows\System32\javadg.exe
C:\Windows\System32\javadm32.exe
C:\Windows\System32\javadu32.exe
C:\Windows\System32\javadv.exe
C:\Windows\System32\javadw32.exe
C:\Windows\System32\javaeh32.exe
C:\Windows\System32\javaei.exe
C:\Windows\System32\javaew32.exe
C:\Windows\System32\javaff.exe
C:\Windows\System32\javafx.exe
C:\Windows\System32\javafx32.exe
C:\Windows\System32\javagc32.exe
C:\Windows\System32\javagf32.exe
C:\Windows\System32\javags.exe
C:\Windows\System32\javahk.exe
C:\Windows\System32\javahp.exe
C:\Windows\System32\javaht.exe
C:\Windows\System32\javahu32.exe
C:\Windows\System32\javaib.exe
C:\Windows\System32\javaib32.exe
C:\Windows\System32\javaik.exe
C:\Windows\System32\javaiz.exe
C:\Windows\System32\javaja.exe
C:\Windows\System32\javajg32.exe
C:\Windows\System32\javaju32.exe
C:\Windows\System32\javajv.exe
C:\Windows\System32\javakr32.exe
C:\Windows\System32\javaks32.exe
C:\Windows\System32\javakv.exe
C:\Windows\System32\javalh.exe
C:\Windows\System32\javamc.exe
C:\Windows\System32\javamo.exe
C:\Windows\System32\javams.exe
C:\Windows\System32\javamy.exe
C:\Windows\System32\javand.exe
C:\Windows\System32\javang32.exe
C:\Windows\System32\javanj32.exe
C:\Windows\System32\javanw32.exe
C:\Windows\System32\javany32.exe
C:\Windows\System32\javaos32.exe
C:\Windows\System32\javapa.exe
C:\Windows\System32\javapb32.exe
C:\Windows\System32\javapq32.exe
C:\Windows\System32\javapr.exe
C:\Windows\System32\javapx.exe
C:\Windows\System32\javaqh32.exe
C:\Windows\System32\javaqi32.exe
C:\Windows\System32\javaqj.exe
C:\Windows\System32\javaqx.exe
C:\Windows\System32\javari32.exe
C:\Windows\System32\javarj.exe
C:\Windows\System32\javarq32.exe
C:\Windows\System32\javarz32.exe
C:\Windows\System32\javase.exe
C:\Windows\System32\javasl.exe
C:\Windows\System32\javasu32.exe
C:\Windows\System32\javatf.exe
C:\Windows\System32\javatg.exe
C:\Windows\System32\javatj32.exe
C:\Windows\System32\javatp.exe
C:\Windows\System32\javatt32.exe
C:\Windows\System32\javauc.exe
C:\Windows\System32\javaue32.exe
C:\Windows\System32\javaum.exe
C:\Windows\System32\javauq.exe
C:\Windows\System32\javauq32.exe
C:\Windows\System32\javaur.exe
C:\Windows\System32\javauv.exe
C:\Windows\System32\javavb32.exe
C:\Windows\System32\javawl32.exe
C:\Windows\System32\javawy.exe
C:\Windows\System32\javaxp32.exe
C:\Windows\System32\javayb.exe
C:\Windows\System32\javayo.exe
C:\Windows\System32\javayp32.exe
C:\Windows\System32\javayr.exe
C:\Windows\System32\javazd32.exe
C:\Windows\System32\javazj32.exe
C:\Windows\System32\javazn32.exe
C:\Windows\System32\javazq.exe
C:\Windows\System32\javazq32.exe
C:\Windows\System32\mfcam32.exe
C:\Windows\System32\mfcaq.exe
C:\Windows\System32\mfcat.exe
C:\Windows\System32\mfcbe32.exe
C:\Windows\System32\mfcbj.exe
C:\Windows\System32\mfccc.exe
C:\Windows\System32\mfcce32.exe
C:\Windows\System32\mfccg32.exe
C:\Windows\System32\mfccj.exe
C:\Windows\System32\mfcco.exe
C:\Windows\System32\mfcct32.exe
C:\Windows\System32\mfcdc32.exe
C:\Windows\System32\mfcdj32.exe
C:\Windows\System32\mfcdl32.exe
C:\Windows\System32\mfcdr32.exe
C:\Windows\System32\mfcef.exe
C:\Windows\System32\mfcei32.exe
C:\Windows\System32\mfceq32.exe
C:\Windows\System32\mfcew.exe
C:\Windows\System32\mfcfj32.exe
C:\Windows\System32\mfcfn.exe
C:\Windows\System32\mfcfp32.exe
C:\Windows\System32\mfcfq.exe
C:\Windows\System32\mfcgc32.exe
C:\Windows\System32\mfcge32.exe
C:\Windows\System32\mfcgi.exe
C:\Windows\System32\mfcgj32.exe
C:\Windows\System32\mfcgq32.exe
C:\Windows\System32\mfchf.exe
C:\Windows\System32\mfchg32.exe
C:\Windows\System32\mfchj32.exe
C:\Windows\System32\mfchk32.exe
C:\Windows\System32\mfchm32.exe
C:\Windows\System32\mfchp32.exe
C:\Windows\System32\mfchw.exe
C:\Windows\System32\mfchx.exe
C:\Windows\System32\mfchy32.exe
C:\Windows\System32\mfcii.exe
C:\Windows\System32\mfcii32.exe
C:\Windows\System32\mfcil.exe
C:\Windows\System32\mfcio.exe
C:\Windows\System32\mfciq32.exe
C:\Windows\System32\mfcis32.exe
C:\Windows\System32\mfcji.exe
C:\Windows\System32\mfcjp.exe
C:\Windows\System32\mfcjw.exe
C:\Windows\System32\mfckd32.exe
C:\Windows\System32\mfckh32.exe
C:\Windows\System32\mfcko32.exe
C:\Windows\System32\mfclg32.exe
C:\Windows\System32\mfcli32.exe
C:\Windows\System32\mfclo.exe
C:\Windows\System32\mfclq.exe
C:\Windows\System32\mfclw32.exe
C:\Windows\System32\mfcmc32.exe
C:\Windows\System32\mfcmm.exe
C:\Windows\System32\mfcmp.exe
C:\Windows\System32\mfcmt.exe
C:\Windows\System32\mfcmy32.exe
C:\Windows\System32\mfcnd.exe
C:\Windows\System32\mfcnl32.exe
C:\Windows\System32\mfcnm.exe
C:\Windows\System32\mfcnr32.exe
C:\Windows\System32\mfcnu.exe
C:\Windows\System32\mfcou.exe
C:\Windows\System32\mfcpg32.exe
C:\Windows\System32\mfcpz.exe
C:\Windows\System32\mfcqs.exe
C:\Windows\System32\mfcqs32.exe
C:\Windows\System32\mfcqu.exe
C:\Windows\System32\mfcqz.exe
C:\Windows\System32\mfcra32.exe
C:\Windows\System32\mfcrg.exe
C:\Windows\System32\mfcrn32.exe
C:\Windows\System32\mfcrv.exe
C:\Windows\System32\mfcsh.exe
C:\Windows\System32\mfcth.exe
C:\Windows\System32\mfctk.exe
C:\Windows\System32\mfctm.exe
C:\Windows\System32\mfcto32.exe
C:\Windows\System32\mfctq32.exe
C:\Windows\System32\mfcts.exe
C:\Windows\System32\mfcuc.exe
C:\Windows\System32\mfcuf32.exe
C:\Windows\System32\mfcuj32.exe
C:\Windows\System32\mfcvj32.exe
C:\Windows\System32\mfcvq32.exe
C:\Windows\System32\mfcxs32.exe
C:\Windows\System32\mfcxw32.exe
C:\Windows\System32\mfcxx32.exe
C:\Windows\System32\mfcyx.exe
C:\Windows\System32\mfczt.exe
C:\Windows\System32\msae32.exe
C:\Windows\System32\msag32.exe
C:\Windows\System32\msat32.exe
C:\Windows\System32\msbi32.exe
C:\Windows\System32\msbo32.exe
C:\Windows\System32\msbz.exe
C:\Windows\System32\mscn.exe
C:\Windows\System32\msco32.exe
C:\Windows\System32\mscx32.exe
C:\Windows\System32\msdf.exe
C:\Windows\System32\msdr.exe
C:\Windows\System32\msdr32.exe
C:\Windows\System32\msdu.exe
C:\Windows\System32\msen.exe
C:\Windows\System32\mseo.exe
C:\Windows\System32\mset32.exe
C:\Windows\System32\msey.exe
C:\Windows\System32\msfa.exe
C:\Windows\System32\msfb32.exe
C:\Windows\System32\msfg32.exe
C:\Windows\System32\msfi32.exe
C:\Windows\System32\msfk.exe
C:\Windows\System32\msfy32.exe
C:\Windows\System32\msga.exe
C:\Windows\System32\msgn.exe
C:\Windows\System32\msgo.exe
C:\Windows\System32\msgy32.exe
C:\Windows\System32\msha32.exe
C:\Windows\System32\mshh32.exe
C:\Windows\System32\mshl32.exe
C:\Windows\System32\msht32.exe
C:\Windows\System32\mshw.exe
C:\Windows\System32\msiz.exe
C:\Windows\System32\msji32.exe
C:\Windows\System32\msjn32.exe
C:\Windows\System32\msjq.exe
C:\Windows\System32\msjt32.exe
C:\Windows\System32\msjz32.exe
C:\Windows\System32\mska32.exe
C:\Windows\System32\mskb32.exe
C:\Windows\System32\mskc.exe
C:\Windows\System32\mskn32.exe
C:\Windows\System32\mskt.exe
C:\Windows\System32\mskx32.exe
C:\Windows\System32\msky32.exe
C:\Windows\System32\mslm32.exe
C:\Windows\System32\mslq.exe
C:\Windows\System32\mslq32.exe
C:\Windows\System32\msmf32.exe
C:\Windows\System32\msmh32.exe
C:\Windows\System32\msmj.exe
C:\Windows\System32\msmj32.exe
C:\Windows\System32\msnp32.exe
C:\Windows\System32\msns.exe
C:\Windows\System32\msnt.exe
C:\Windows\System32\msoa32.exe
C:\Windows\System32\msob32.exe
C:\Windows\System32\msoe32.exe
C:\Windows\System32\msog.exe
C:\Windows\System32\msoh.exe
C:\Windows\System32\msoj.exe
C:\Windows\System32\msos32.exe
C:\Windows\System32\msow32.exe
C:\Windows\System32\mspf.exe
C:\Windows\System32\mspf32.exe
C:\Windows\System32\mspw32.exe
C:\Windows\System32\msqc32.exe
C:\Windows\System32\msqn32.exe
C:\Windows\System32\msqw.exe
C:\Windows\System32\msrh.exe
C:\Windows\System32\msri.exe
C:\Windows\System32\msrj.exe
C:\Windows\System32\msrp.exe
C:\Windows\System32\msrz32.exe
C:\Windows\System32\mssd.exe
C:\Windows\System32\mssh32.exe
C:\Windows\System32\mssj.exe
C:\Windows\System32\mssk32.exe
C:\Windows\System32\mssn.exe
C:\Windows\System32\msss32.exe
C:\Windows\System32\mstg32.exe
C:\Windows\System32\mstk32.exe
C:\Windows\System32\mstn32.exe
C:\Windows\System32\mstv32.exe
C:\Windows\System32\mstx32.exe
C:\Windows\System32\msub32.exe
C:\Windows\System32\msuc32.exe
C:\Windows\System32\msuh32.exe
C:\Windows\System32\msuv32.exe
C:\Windows\System32\msvg.exe
C:\Windows\System32\msvi32.exe
C:\Windows\System32\msvl32.exe
C:\Windows\System32\msvp32.exe
C:\Windows\System32\msvw32.exe
C:\Windows\System32\mswe32.exe
C:\Windows\System32\mswg.exe
C:\Windows\System32\mswk.exe
C:\Windows\System32\mswo32.exe
C:\Windows\System32\msxo32.exe
C:\Windows\System32\msxp32.exe
C:\Windows\System32\msya.exe
C:\Windows\System32\msyd.exe
C:\Windows\System32\msyd32.exe
C:\Windows\System32\msyh.exe
C:\Windows\System32\msyn.exe
C:\Windows\System32\msys.exe
C:\Windows\System32\msyv32.exe
C:\Windows\System32\msyx.exe
C:\Windows\System32\msyz.exe
C:\Windows\System32\msza.exe
C:\Windows\System32\mszc32.exe
C:\Windows\System32\mszi32.exe
C:\Windows\System32\mszm.exe
C:\Windows\System32\netaa.exe
C:\Windows\System32\netaf.exe
C:\Windows\System32\netah.exe
C:\Windows\System32\netai32.exe
C:\Windows\System32\netam32.exe
C:\Windows\System32\netaw32.exe
C:\Windows\System32\netax32.exe
C:\Windows\System32\netbb32.exe
C:\Windows\System32\netbc.exe
C:\Windows\System32\netbg.exe
C:\Windows\System32\netbn32.exe
C:\Windows\System32\netcc.exe
C:\Windows\System32\netcm32.exe
C:\Windows\System32\netcu32.exe
C:\Windows\System32\netcx.exe
C:\Windows\System32\netdh32.exe
C:\Windows\System32\netdr.exe
C:\Windows\System32\netdu32.exe
C:\Windows\System32\neted.exe
C:\Windows\System32\neteh.exe
C:\Windows\System32\netel.exe
C:\Windows\System32\netes.exe
C:\Windows\System32\netev32.exe
C:\Windows\System32\netfh32.exe
C:\Windows\System32\netgf.exe
C:\Windows\System32\netgk32.exe
C:\Windows\System32\netgy.exe
C:\Windows\System32\netgz.exe
C:\Windows\System32\nethf32.exe
C:\Windows\System32\nethn32.exe
C:\Windows\System32\netho.exe
C:\Windows\System32\netid.exe
C:\Windows\System32\netja.exe
C:\Windows\System32\netje32.exe
C:\Windows\System32\netjg.exe
C:\Windows\System32\netjm32.exe
C:\Windows\System32\netjo32.exe
C:\Windows\System32\netjs32.exe
C:\Windows\System32\netjy.exe
C:\Windows\System32\netke.exe
C:\Windows\System32\netkg.exe
C:\Windows\System32\netlk32.exe
C:\Windows\System32\netlz32.exe
C:\Windows\System32\netmk.exe
C:\Windows\System32\netml32.exe
C:\Windows\System32\netmq32.exe
C:\Windows\System32\netmr.exe
C:\Windows\System32\netmu32.exe
C:\Windows\System32\netna32.exe
C:\Windows\System32\netnb32.exe
C:\Windows\System32\netnd32.exe
C:\Windows\System32\netnp32.exe
C:\Windows\System32\netoi.exe
C:\Windows\System32\netom.exe
C:\Windows\System32\netor32.exe
C:\Windows\System32\netov32.exe
C:\Windows\System32\netoy.exe
C:\Windows\System32\netpl32.exe
C:\Windows\System32\netpr.exe
C:\Windows\System32\netpr32.exe
C:\Windows\System32\netpu32.exe
C:\Windows\System32\netpz.exe
C:\Windows\System32\netqp32.exe
C:\Windows\System32\netqt32.exe
C:\Windows\System32\netqy32.exe
C:\Windows\System32\netre.exe
C:\Windows\System32\netrf.exe
C:\Windows\System32\netro.exe
C:\Windows\System32\netry32.exe
C:\Windows\System32\netsm32.exe
C:\Windows\System32\netsx.exe
C:\Windows\System32\nettf.exe
C:\Windows\System32\nettk.exe
C:\Windows\System32\netug.exe
C:\Windows\System32\netuq.exe
C:\Windows\System32\netur32.exe
C:\Windows\System32\netvm.exe
C:\Windows\System32\netvr.exe
C:\Windows\System32\netvu32.exe
C:\Windows\System32\netvy32.exe
C:\Windows\System32\netwf.exe
C:\Windows\System32\netwz.exe
C:\Windows\System32\netxh32.exe
C:\Windows\System32\netxs32.exe
C:\Windows\System32\netxu32.exe
C:\Windows\System32\netyf.exe
C:\Windows\System32\netyi.exe
C:\Windows\System32\netyt32.exe
C:\Windows\System32\netyw.exe
C:\Windows\System32\netzg.exe
C:\Windows\System32\netzg32.exe
C:\Windows\System32\ntak.exe
C:\Windows\System32\ntap32.exe
C:\Windows\System32\ntaw.exe
C:\Windows\System32\ntay.exe
C:\Windows\System32\ntaz32.exe
C:\Windows\System32\ntbh32.exe
C:\Windows\System32\ntbj.exe
C:\Windows\System32\ntbp.exe
C:\Windows\System32\ntbw.exe
C:\Windows\System32\ntby32.exe
C:\Windows\System32\ntcc32.exe
C:\Windows\System32\ntcl32.exe
C:\Windows\System32\ntcp32.exe
C:\Windows\System32\ntct.exe
C:\Windows\System32\nted.exe
C:\Windows\System32\ntef.exe
C:\Windows\System32\ntej32.exe
C:\Windows\System32\ntek32.exe
C:\Windows\System32\ntem.exe
C:\Windows\System32\ntep32.exe
C:\Windows\System32\ntes32.exe
C:\Windows\System32\ntey32.exe
C:\Windows\System32\ntff.exe
C:\Windows\System32\ntgl32.exe
C:\Windows\System32\ntgm.exe
C:\Windows\System32\ntgn.exe
C:\Windows\System32\ntgn32.exe
C:\Windows\System32\nthp32.exe
C:\Windows\System32\nthz32.exe
C:\Windows\System32\ntii.exe
C:\Windows\System32\ntim32.exe
C:\Windows\System32\ntis32.exe
C:\Windows\System32\ntja32.exe
C:\Windows\System32\ntjb.exe
C:\Windows\System32\ntjf32.exe
C:\Windows\System32\ntjh.exe
C:\Windows\System32\ntkp.exe
C:\Windows\System32\ntla32.exe
C:\Windows\System32\ntls.exe
C:\Windows\System32\ntlv32.exe
C:\Windows\System32\ntmp.exe
C:\Windows\System32\ntmv.exe
C:\Windows\System32\ntnb32.exe
C:\Windows\System32\ntng32.exe
C:\Windows\System32\ntni32.exe
C:\Windows\System32\ntoe32.exe
C:\Windows\System32\ntok.exe
C:\Windows\System32\ntom32.exe
C:\Windows\System32\ntop.exe
C:\Windows\System32\ntoq32.exe
C:\Windows\System32\ntow32.exe
C:\Windows\System32\ntpt32.exe
C:\Windows\System32\ntqd32.exe
C:\Windows\System32\ntqq.exe
C:\Windows\System32\ntqr.exe
C:\Windows\System32\ntqy.exe
C:\Windows\System32\ntrf.exe
C:\Windows\System32\ntrh.exe
C:\Windows\System32\ntrw.exe
C:\Windows\System32\ntrz.exe
C:\Windows\System32\ntsl32.exe
C:\Windows\System32\ntsy.exe
C:\Windows\System32\nttc32.exe
C:\Windows\System32\ntth32.exe
C:\Windows\System32\nttn.exe
C:\Windows\System32\ntto.exe
C:\Windows\System32\nttp.exe
C:\Windows\System32\nttz.exe
C:\Windows\System32\ntul.exe
C:\Windows\System32\ntut32.exe
C:\Windows\System32\ntuy32.exe
C:\Windows\System32\ntuz.exe
C:\Windows\System32\ntvi.exe
C:\Windows\System32\ntvj32.exe
C:\Windows\System32\ntvp.exe
C:\Windows\System32\ntvx32.exe
C:\Windows\System32\ntwo32.exe
C:\Windows\System32\ntwq.exe
C:\Windows\System32\ntwv32.exe
C:\Windows\System32\ntxg.exe
C:\Windows\System32\ntxh32.exe
C:\Windows\System32\ntxl.exe
C:\Windows\System32\ntxq32.exe
C:\Windows\System32\ntxw.exe
C:\Windows\System32\ntxx32.exe
C:\Windows\System32\ntzb32.exe
C:\Windows\System32\ntzt.exe
C:\Windows\System32\ntzv.exe
C:\Windows\System32\ntzx32.exe
C:\Windows\System32\sdkaq32.exe
C:\Windows\System32\sdkay.exe
C:\Windows\System32\sdkbc32.exe
C:\Windows\System32\sdkbf32.exe
C:\Windows\System32\sdkbh.exe
C:\Windows\System32\sdkbo.exe
C:\Windows\System32\sdkbt32.exe
C:\Windows\System32\sdkcg32.exe
C:\Windows\System32\sdkct.exe
C:\Windows\System32\sdkcv.exe
C:\Windows\System32\sdkcw.exe
C:\Windows\System32\sdkcw32.exe
C:\Windows\System32\sdkcx32.exe
C:\Windows\System32\sdkdh32.exe
C:\Windows\System32\sdkdo.exe
C:\Windows\System32\sdkdw.exe
C:\Windows\System32\sdkea.exe
C:\Windows\System32\sdkeh.exe
C:\Windows\System32\sdken.exe
C:\Windows\System32\sdkex.exe
C:\Windows\System32\sdkfc32.exe
C:\Windows\System32\sdkfg32.exe
C:\Windows\System32\sdkfj.exe
C:\Windows\System32\sdkfj32.exe
C:\Windows\System32\sdkfp.exe
C:\Windows\System32\sdkfu.exe
C:\Windows\System32\sdkfw.exe
C:\Windows\System32\sdkgf.exe
C:\Windows\System32\sdkgh32.exe
C:\Windows\System32\sdkgn.exe
C:\Windows\System32\sdkgz32.exe
C:\Windows\System32\sdkhb.exe
C:\Windows\System32\sdkhr32.exe
C:\Windows\System32\sdkib.exe
C:\Windows\System32\sdkig.exe
C:\Windows\System32\sdkij32.exe
C:\Windows\System32\sdkio32.exe
C:\Windows\System32\sdkip32.exe
C:\Windows\System32\sdkiv.exe
C:\Windows\System32\sdkix.exe
C:\Windows\System32\sdkiz.exe
C:\Windows\System32\sdkkl32.exe
C:\Windows\System32\sdkkw32.exe
C:\Windows\System32\sdkky32.exe
C:\Windows\System32\sdkkz32.exe
C:\Windows\System32\sdklf32.exe
C:\Windows\System32\sdklg.exe
C:\Windows\System32\sdklh32.exe
C:\Windows\System32\sdklq.exe
C:\Windows\System32\sdklz.exe
C:\Windows\System32\sdkmm32.exe
C:\Windows\System32\sdkmq.exe
C:\Windows\System32\sdkmq32.exe
C:\Windows\System32\sdkms32.exe
C:\Windows\System32\sdkmu.exe
C:\Windows\System32\sdkmv32.exe
C:\Windows\System32\sdknb32.exe
C:\Windows\System32\sdkng32.exe
C:\Windows\System32\sdknv32.exe
C:\Windows\System32\sdkob.exe
C:\Windows\System32\sdkom.exe
C:\Windows\System32\sdkpf32.exe
C:\Windows\System32\sdkpg32.exe
C:\Windows\System32\sdkpk32.exe
C:\Windows\System32\sdkpl.exe
C:\Windows\System32\sdkpm.exe
C:\Windows\System32\sdkpr32.exe
C:\Windows\System32\sdkqb.exe
C:\Windows\System32\sdkqd.exe
C:\Windows\System32\sdkql32.exe
C:\Windows\System32\sdkqm32.exe
C:\Windows\System32\sdkqp.exe
C:\Windows\System32\sdkqv32.exe
C:\Windows\System32\sdkrc.exe
C:\Windows\System32\sdkrk32.exe
C:\Windows\System32\sdkrn.exe
C:\Windows\System32\sdkro.exe
C:\Windows\System32\sdkrq32.exe
C:\Windows\System32\sdkrv.exe
C:\Windows\System32\sdksq32.exe
C:\Windows\System32\sdkss32.exe
C:\Windows\System32\sdksv32.exe
C:\Windows\System32\sdksw.exe
C:\Windows\System32\sdkub32.exe
C:\Windows\System32\sdkuk32.exe
C:\Windows\System32\sdkum32.exe
C:\Windows\System32\sdkun32.exe
C:\Windows\System32\sdkur.exe
C:\Windows\System32\sdkvh.exe
C:\Windows\System32\sdkvr32.exe
C:\Windows\System32\sdkvu.exe
C:\Windows\System32\sdkwc.exe
C:\Windows\System32\sdkwl.exe
C:\Windows\System32\sdkxc.exe
C:\Windows\System32\sdkxh.exe
C:\Windows\System32\sdkxj.exe
C:\Windows\System32\sdkxs32.exe
C:\Windows\System32\sdkxt32.exe
C:\Windows\System32\sdkyc32.exe
C:\Windows\System32\sdkym.exe
C:\Windows\System32\sdkyn.exe
C:\Windows\System32\sdkza.exe
C:\Windows\System32\sdkzg.exe
C:\Windows\System32\sdkzt.exe
C:\Windows\System32\sdkzv.exe
C:\Windows\System32\sysaa.exe
C:\Windows\System32\sysac32.exe
C:\Windows\System32\sysaf32.exe
C:\Windows\System32\sysam.exe
C:\Windows\System32\sysau32.exe
C:\Windows\System32\sysbk32.exe
C:\Windows\System32\sysbo.exe
C:\Windows\System32\sysbp32.exe
C:\Windows\System32\syscq32.exe
C:\Windows\System32\syscs.exe
C:\Windows\System32\syscx32.exe
C:\Windows\System32\sysda.exe
C:\Windows\System32\sysdc32.exe
C:\Windows\System32\sysdf32.exe
C:\Windows\System32\sysdi32.exe
C:\Windows\System32\sysdm32.exe
C:\Windows\System32\sysdn32.exe
C:\Windows\System32\sysed.exe
C:\Windows\System32\syseg32.exe
C:\Windows\System32\syset.exe
C:\Windows\System32\sysew.exe
C:\Windows\System32\sysez32.exe
C:\Windows\System32\sysfb32.exe
C:\Windows\System32\sysfd32.exe
C:\Windows\System32\sysfe32.exe
C:\Windows\System32\sysfq.exe
C:\Windows\System32\sysfq32.exe
C:\Windows\System32\sysfs32.exe
C:\Windows\System32\sysfx.exe
C:\Windows\System32\sysgj32.exe
C:\Windows\System32\sysgm32.exe
C:\Windows\System32\syshj32.exe
C:\Windows\System32\syshm.exe
C:\Windows\System32\syshq.exe
C:\Windows\System32\sysid.exe
C:\Windows\System32\sysif.exe
C:\Windows\System32\sysig32.exe
C:\Windows\System32\sysii32.exe
C:\Windows\System32\sysij32.exe
C:\Windows\System32\sysin.exe
C:\Windows\System32\sysio.exe
C:\Windows\System32\sysio32.exe
C:\Windows\System32\sysjt32.exe
C:\Windows\System32\sysju.exe
C:\Windows\System32\sysjv32.exe
C:\Windows\System32\syskm32.exe
C:\Windows\System32\sysky.exe
C:\Windows\System32\syskz32.exe
C:\Windows\System32\sysll.exe
C:\Windows\System32\syslx32.exe
C:\Windows\System32\sysmc.exe
C:\Windows\System32\sysmf32.exe
C:\Windows\System32\sysmj32.exe
C:\Windows\System32\sysmk.exe
C:\Windows\System32\sysne.exe
C:\Windows\System32\sysng32.exe
C:\Windows\System32\sysnn32.exe
C:\Windows\System32\sysnt32.exe
C:\Windows\System32\sysnu.exe
C:\Windows\System32\sysof.exe
C:\Windows\System32\sysoi.exe
C:\Windows\System32\sysom32.exe
C:\Windows\System32\sysop32.exe
C:\Windows\System32\syspc.exe
C:\Windows\System32\syspc32.exe
C:\Windows\System32\syspf.exe
C:\Windows\System32\syspn32.exe
C:\Windows\System32\syspv32.exe
C:\Windows\System32\syspz.exe
C:\Windows\System32\sysqc.exe
C:\Windows\System32\sysqe32.exe
C:\Windows\System32\sysqj.exe
C:\Windows\System32\sysql.exe
C:\Windows\System32\sysqo.exe
C:\Windows\System32\sysqp32.exe
C:\Windows\System32\sysqq.exe
C:\Windows\System32\sysrc.exe
C:\Windows\System32\sysrj32.exe
C:\Windows\System32\sysrt32.exe
C:\Windows\System32\sysrx32.exe
C:\Windows\System32\syssa.exe
C:\Windows\System32\syssd32.exe
C:\Windows\System32\syssr32.exe
C:\Windows\System32\syssu.exe
C:\Windows\System32\syssx.exe
C:\Windows\System32\systc.exe
C:\Windows\System32\systi.exe
C:\Windows\System32\systm.exe
C:\Windows\System32\sysuk.exe
C:\Windows\System32\sysvb32.exe
C:\Windows\System32\sysvf.exe
C:\Windows\System32\sysvh32.exe
C:\Windows\System32\sysvj32.exe
C:\Windows\System32\sysvx32.exe
C:\Windows\System32\syswm32.exe
C:\Windows\System32\syswq.exe
C:\Windows\System32\syswq32.exe
C:\Windows\System32\syswy32.exe
C:\Windows\System32\sysxb.exe
C:\Windows\System32\sysxg.exe
C:\Windows\System32\sysxl.exe
C:\Windows\System32\sysxm32.exe
C:\Windows\System32\sysxp32.exe
C:\Windows\System32\sysxq.exe
C:\Windows\System32\sysxt.exe
C:\Windows\System32\sysxy32.exe
C:\Windows\System32\sysyb.exe
C:\Windows\System32\sysyi.exe
C:\Windows\System32\sysyl32.exe
C:\Windows\System32\sysyw32.exe
C:\Windows\System32\sysze.exe
C:\Windows\System32\syszf32.exe
C:\Windows\System32\syszl32.exe
C:\Windows\System32\syszt.exe
C:\Windows\System32\syszw.exe
C:\Windows\System32\winae32.exe
C:\Windows\System32\winam32.exe
C:\Windows\System32\winan.exe
C:\Windows\System32\winaw32.exe
C:\Windows\System32\winca.exe
C:\Windows\System32\winch.exe
C:\Windows\System32\wincm32.exe
C:\Windows\System32\wincv.exe
C:\Windows\System32\wincz32.exe
C:\Windows\System32\windf32.exe
C:\Windows\System32\windk.exe
C:\Windows\System32\windl.exe
C:\Windows\System32\windq.exe
C:\Windows\System32\windt.exe
C:\Windows\System32\winej.exe
C:\Windows\System32\winex.exe
C:\Windows\System32\winfm32.exe
C:\Windows\System32\winfr.exe
C:\Windows\System32\wingd32.exe
C:\Windows\System32\wingg32.exe
C:\Windows\System32\wingp.exe
C:\Windows\System32\winhh32.exe
C:\Windows\System32\winhn.exe
C:\Windows\System32\winhs.exe
C:\Windows\System32\winid32.exe
C:\Windows\System32\winil32.exe
C:\Windows\System32\winjc.exe
C:\Windows\System32\winjq.exe
C:\Windows\System32\winkc.exe
C:\Windows\System32\winkd.exe
C:\Windows\System32\winki32.exe
C:\Windows\System32\winkr32.exe
C:\Windows\System32\winlh32.exe
C:\Windows\System32\winlk32.exe
C:\Windows\System32\winls32.exe
C:\Windows\System32\winly.exe
C:\Windows\System32\winmd.exe
C:\Windows\System32\winmo32.exe
C:\Windows\System32\winmp.exe
C:\Windows\System32\winnm.exe
C:\Windows\System32\winno.exe
C:\Windows\System32\winnu.exe
C:\Windows\System32\winob.exe
C:\Windows\System32\winob32.exe
C:\Windows\System32\winof.exe
C:\Windows\System32\winok32.exe
C:\Windows\System32\winon.exe
C:\Windows\System32\winpm.exe
C:\Windows\System32\winpn32.exe
C:\Windows\System32\winpu32.exe
C:\Windows\System32\winpv32.exe
C:\Windows\System32\winqb32.exe
C:\Windows\System32\winqh.exe
C:\Windows\System32\winqi.exe
C:\Windows\System32\winqj.exe
C:\Windows\System32\winql32.exe
C:\Windows\System32\winqt.exe
C:\Windows\System32\winqz32.exe
C:\Windows\System32\winrc.exe
C:\Windows\System32\winrg32.exe
C:\Windows\System32\winrn32.exe
C:\Windows\System32\winsb32.exe
C:\Windows\System32\winsc32.exe
C:\Windows\System32\winsi.exe
C:\Windows\System32\wintj32.exe
C:\Windows\System32\wintv32.exe
C:\Windows\System32\winud.exe
C:\Windows\System32\winuj.exe
C:\Windows\System32\winuj32.exe
C:\Windows\System32\winul32.exe
C:\Windows\System32\winuo32.exe
C:\Windows\System32\winur32.exe
C:\Windows\System32\winut32.exe
C:\Windows\System32\winuw.exe
C:\Windows\System32\winva.exe
C:\Windows\System32\winvj32.exe
C:\Windows\System32\winvk.exe
C:\Windows\System32\winwx.exe
C:\Windows\System32\winxf32.exe
C:\Windows\System32\winxk.exe
C:\Windows\System32\winyb.exe
C:\Windows\System32\winye32.exe
C:\Windows\System32\winyl32.exe
C:\Windows\System32\winyp32.exe
C:\Windows\System32\winys32.exe
C:\Windows\System32\winyx32.exe
C:\Windows\System32\winzd.exe
C:\Windows\System32\winzh32.exe
C:\Windows\System32\winzm32.exe
C:\Windows\System32\winzn32.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================



#5 chakotay2

chakotay2
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:03:23 PM

Posted 21 January 2015 - 08:50 PM

 Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2015
Ran by alan at 2015-01-21 18:43:17
Running from C:\Documents and Settings\alan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2600 (Version: 43.0.217.000 - Hewlett-Packard) Hidden
2600_Help (Version: 43.0.217.000 -  Hewlett-Packard) Hidden
2600Trb (Version: 43.0.217.000 -  Hewlett-Packard) Hidden
A768 Theme Assistant (HKLM\...\{CB91B16A-376F-4DF3-A689-28FA35F4E3F8}) (Version:  - )
Ad-aware 6 Personal (HKLM\...\Ad-aware 6 Personal) (Version: 6.0.1.181 Personal - Lavasoft)
Adobe Acrobat 5.0 (HKLM\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Flash Player Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Illustrator 10 (HKLM\...\{412033BC-44CF-48D9-B813-4B835101F4D3}) (Version: 10 - Adobe Systems, Inc.)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - )
AFPL Ghostscript 8.14 (HKLM\...\AFPL Ghostscript 8.14) (Version:  - )
AFPL Ghostscript Fonts (HKLM\...\AFPL Ghostscript Fonts) (Version:  - )
Ahead Nero Burning ROM (HKLM\...\Nero - Burning Rom!UninstallKey) (Version:  - )
AIM Toolbar (HKLM\...\AIMToolbar) (Version:  - )
AiO_Scan (Version: 43.0.217.000 - Hewlett-Packard) Hidden
AiOSoftware (Version: 43.0.217.000 - Hewlett-Packard) Hidden
Alohabob PC Relocator Ultra Control (HKLM\...\InstallShield_{ADF98CF7-1458-412F-976F-BF761A26F2A0}) (Version: 6.2.10.14 - Eisenworld, Inc.)
Alohabob PC Relocator Ultra Control (Version: 6.2.10.14 - Eisenworld, Inc.) Hidden
AOL Toolbar 2.0 (HKLM\...\AOL Toolbar) (Version:  - )
ArcSoft Panorama Maker 3 (HKLM\...\{A5F68DC8-0278-4AD8-B413-861509B5F25B}) (Version:  - ArcSoft)
ArcSoft PhotoImpression (HKLM\...\ArcSoft PhotoImpression) (Version:  - )
Art-Scan Pro 5.03 Shareware (HKLM\...\Art-Scan Pro 5.03 Shareware) (Version:  - )
ASAPI Update (HKLM\...\ASAPI Update) (Version:  - )
BufferChm (Version: 43.1.5.000 - Hewlett-Packard) Hidden
Camedia Master 4.3 (Version: 1.00.0000 - OLYMPUS) Hidden
CCHelp (Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
CCScore (Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
CD and DVD Burning Software (HKLM\...\CD & DVD Burning Software) (Version:  - )
ColorTune 3.0.1 (HKLM\...\ColorTune 3.0.1) (Version:  - )
ContextPlus (HKLM\...\{83B7F6B6-7832-475D-9FEA-93F0C947CD66}) (Version:  - )
Copy (Version: 43.1.5.000 - Hewlett-Packard) Hidden
Cortona® VRML Client (HKLM\...\Cortona® VRML Client) (Version: 4.2.0.93 - ParallelGraphics)
CreativeProjects (Version: 43.1.5.000 - Hewlett-Packard) Hidden
CreativeProjectsTemplates (Version: 43.1.5.000 - Hewlett-Packard) Hidden
CueTour (Version: 43.1.5.000 - Hewlett-Packard) Hidden
Destinations (Version: 43.1.5.000 - Hewlett-Packard) Hidden
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM\...\Dev-C++) (Version:  - )
Director (Version: 43.1.5.000 - Hewlett-Packard) Hidden
DivX Player (HKLM\...\DivX Player) (Version: 2.5.3 - DivXNetworks, Inc.)
DocProc (Version: 4.0.0.0 - Hewlett-Packard) Hidden
DocumentViewer (Version: 43.0.217.000 - Hewlett-Packard) Hidden
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVD X Rescue (HKLM\...\DVD X Rescue) (Version: 2.1.0 - 321 Studios)
DVDXCopy Xpress 2.5.0 (HKLM\...\DVDXCopyXpress) (Version:  - )
Easy Chef 1,000,000 Recipes (HKLM\...\Easy Chef 1,000,000 Recipes) (Version: 4.5 - Jay Potter)
eDrawings 2006 (HKLM\...\{47078B4E-B2FD-45B4-8C88-137939E16D35}) (Version: 6.1.168 - SolidWorks)
EPSON EPIC SP2200 (HKLM\...\Setup Wizard EPIC) (Version:  - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
eRouteServer (HKLM\...\eRouteServer) (Version:  - )
ESSAdpt (Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSANUP (Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCAM (Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (Version: 4.00.0000.0102 - EASTMAN KODAK Company) Hidden
ESSgui (Version: 4.00.0000.0004 - EASTMAN KODAK Company) Hidden
ESShelp (Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSini (Version: 4.00.0000.0007 - EASTMAN KODAK Company) Hidden
ESSPCD (Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
ESSSONIC (Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSvpaht (Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
ESSvpot (Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
Fax (Version: 43.0.217.000 - Hewlett-Packard) Hidden
Film Factory (HKLM\...\Film Factory) (Version:  - )
Google Earth (HKLM\...\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}) (Version: 3.0.0739 - Google)
GSview 4.6 (HKLM\...\GSview 4.6) (Version:  - )
HASP Device Driver (HKLM\...\HASP Device Driver) (Version:  - )
Hello (remove only) (HKLM\...\PicasaNet) (Version:  - )
HiJaak Image Manager 1.5 (HKLM\...\{D7FD13E2-EAFE-4F08-B00C-81688C153B5B}) (Version:  - )
HijackThis 1.99.1 (HKLM\...\HijackThis) (Version: 1.99.1 - Soeperman Enterprises Ltd.)
HLPIndex (Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
HLPRFO (Version: 4.00.0000.0004 - EASTMAN KODAK Company) Hidden
Home Search  Assistent   (HKLM\...\HSA) (Version:  - )
hp deskjet 940c series (Remove only) (HKLM\...\hp deskjet 940c series) (Version:  - )
HP Image Zone 4.2 (HKLM\...\HP Photo & Imaging) (Version: 4.2 - HP)
HP Image Zone Express (HKLM\...\{8F7A4D82-B168-4F89-99C2-B9873EC877AF}) (Version: 1.1.3.40 - Hewlett-Packard)
HP PSC & OfficeJet 4.2 (HKLM\...\{A1062847-0846-427A-92A1-BB8251A91E91}) (Version:  - HP)
HP Software Update (HKLM\...\{457791C5-D702-4143-A7B2-2744BE9573F2}) (Version: 2.0.39.20040212 - Hewlett-Packard)
HPSystemDiagnostics (Version: 1.5.0.0 - Your Company Name) Hidden
ICC Color Profiles (HKLM\...\{476D3472-3FCA-423C-8C0C-18BA780246ED}) (Version:  - )
ICC Profile Inspector 2.2 (HKLM\...\ICC Profile Inspector_is1) (Version:  - Huanzhao Zeng)
InstantShare (Version: 4.0.0.40 - Hewlett-Packard) Hidden
IPhoto (HKLM\...\IPhoto) (Version:  - )
IPhoto ICC inspect (HKLM\...\IPhoto ICC inspect) (Version:  - )
iPod for Windows 2005-03-23 (HKLM\...\InstallShield_{44A537A5-859C-43A6-8285-C0668142A090}) (Version: 3.8.0 - Apple Computer, Inc.)
iPod for Windows 2005-03-23 (Version: 3.8.0 - Apple Computer, Inc.) Hidden
iPod Updater 2004-08-06 (HKLM\...\InstallShield_{2F8C106A-7DFC-45DE-8006-F9145AADF1D8}) (Version: 1.0 - Apple Computer, Inc.)
iPod Updater 2004-08-06 (HKLM\...\InstallShield_{D43E1D3F-CC1F-4E41-80F5-9C1D28187DE9}) (Version: 1.0 - Apple Computer, Inc.)
iPod Updater 2004-08-06 (Version: 1.0 - Apple Computer, Inc.) Hidden
IsoBuster 1.8 (HKLM\...\IsoBuster_is1) (Version: 1.8 - Smart Projects)
ISTsvc (HKLM\...\ISTsvc) (Version:  - )
iTunes (HKLM\...\InstallShield_{00FC6799-866E-44A1-A60C-DCF394CF56FD}) (Version: 4.6.0.15 - Apple Computer, Inc.)
iTunes (Version: 6.0.1.3 - Apple Computer, Inc.) Hidden
J2SE Runtime Environment 5.0 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150010}) (Version: 1.5.0.10 - Sun Microsystems, Inc.)
J2SE Runtime Environment 5.0 Update 2 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150020}) (Version: 1.5.0.20 - Sun Microsystems, Inc.)
J2SE Runtime Environment 5.0 Update 4 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150040}) (Version: 1.5.0.40 - Sun Microsystems, Inc.)
Kodak EasyShare software (HKLM\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version:  - Eastman Kodak Company)
KSU (Version: 632.62.0002.0001 - EASTMAN KODAK Company) Hidden
LiveUpdate 2.0 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 2.0.39.0 - Symantec Corporation)
Logitech MouseWare 9.79  (HKLM\...\{5809E7CF-4DCF-11D4-9875-00105ACE7734}) (Version:  - )
Macromedia Flash Player 8 (HKLM\...\ShockwaveFlash) (Version: 9.0.124.0 - Macromedia)
Macromedia Shockwave Player (HKLM\...\Macromedia Shockwave Player) (Version:  - )
Media-Motor (HKLM\...\mediamotor) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Hotfix (KB928366) (HKLM\...\M928366) (Version:  - )
Microsoft Data Access Components KB870669 (HKLM\...\KB870669) (Version:  - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.4330.0 - Microsoft Corporation)
Microsoft Platform SDK (3790.1830) (HKLM\...\{BA96A695-E9CE-4B2A-919A-540B73E7A78E}) (Version: 5.2.3790.1830 - Microsoft Corporation)
Microsoft Visual C++ Toolkit 2003 (HKLM\...\{362882AE-E40A-4435-B214-6420634C401F}) (Version: 1.01.0000 - Microsoft)
Microsoft Windows Media Video 9 VCM (HKLM\...\WMV9_VCM) (Version:  - )
MiraScan V5.10 (HKLM\...\{FEADEF36-004A-11D6-8CB3-0000F801D6BF}) (Version:  - )
Mozilla Firefox (3.0.1) (HKLM\...\Mozilla Firefox (3.0.1)) (Version: 3.0.1 (en-US) - Mozilla)
MSN Messenger 6.2 (HKLM\...\{ABEB838C-A1A7-4C5D-B7E1-8B4314600205}) (Version: 6.2.0205 - Microsoft Corporation)
MSN Music Assistant (HKLM\...\MSN Music Assistant) (Version:  - )
MSN Toolbar (HKLM\...\MSN Toolbar) (Version:  - )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
Musicmatch® Jukebox (HKLM\...\{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.00.2058 - )
Nero Suite (HKLM\...\NeroMultiInstaller!UninstallKey) (Version:  - )
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.91.000 - )
Notifier (Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
Odyssey Client (HKLM\...\{99D42EC7-652B-4819-B3E6-6450C815E03F}) (Version: 2.00.00.00 - Funk Software)
OLYMPUS CAMEDIA Master 4.3 (HKLM\...\{30BB4D60-81DB-11D5-BB77-00400536ABAC}) (Version:  - )
OTtBP (Version: 4.00.0000.0003 - EASTMAN KODAK Company) Hidden
OTtBPSDK (Version: 4.00.0000.0000 - EASTMAN KODAK Company) Hidden
Overland (Version: 2.1.5 - Hewlett-Packard) Hidden
P.I.M. II Plug-In (HKLM\...\{735D7AC9-BC7B-4491-9D06-7F4642849E7C}) (Version:  - )
PCDADDIN (Version: 4.00.0000.0001 - Eastman Kodak Company) Hidden
PCDHELP (Version: 4.0000.0000.0002 - Eastman Kodak Company) Hidden
PCDLNCH (Version: 4.00.0000.0101 - EASTMAN KODAK Company) Hidden
PhotoBase 3.0 (HKLM\...\PhotoBase 3.0) (Version:  - )
PhotoGallery (Version: 43.1.5.000 - Hewlett-Packard) Hidden
PictureProject (HKLM\...\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}) (Version: 1.0 - )
PictureProject In Touch Downloader 1.0 (HKLM\...\PictureProject In Touch Downloader) (Version: 1.0 - Fotonation Inc.)
Power Scan (HKLM\...\Power Scan) (Version:  - )
PowerDVD (HKLM\...\PowerDVD) (Version:  - )
PreDesigner [English] (HKLM\...\ST6UNST #2) (Version:  - )
Print Perfect Scrapbooks Deluxe (HKLM\...\{831BAA47-680F-4760-83B2-5B6E3195F990}) (Version: 9.3.41 - Cosmi Corporation)
PrintScreen (Version: 43.1.5.000 - Hewlett-Packard) Hidden
ProductContext (Version: 43.0.217.000 - Hewlett-Packard) Hidden
ProfileMaker Professional 5.0.3 (HKLM\...\ProfileMaker Professional 5.0.3) (Version: 5.0.3 - GretagMacbeth)
QFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
QuickGamma 2.0.0.3 (HKLM\...\QuickGamma_is1) (Version:  - Eberhard Werle)
QuickProjects (Version: 43.1.5.000 - Hewlett-Packard) Hidden
QuickTime (Version: 7.0.3 - Apple Computer, Inc.) Hidden
Readme (Version: 43.0.217.000 - Hewlett-Packard) Hidden
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - )
Registrar Registry Manager 4.03  (Lite Edition) (HKLM\...\Registrar Registry Manager 4.03  (Lite Edition)) (Version:  - Resplendence Software Projects Sp.)
Registrar Registry Manager 4.03 (HKLM\...\Registrar Registry Manager (Lite Edition)_is1) (Version:  - Resplendence Software Projects Sp.)
Samsung ML-2010 Series (HKLM\...\Samsung ML-2010 Series) (Version:  - )
Scan (Version: 4.1.0.0 - Hewlett-Packard) Hidden
Search  Extender   (HKLM\...\SE) (Version:  - )
SFR (Version: 3.03.0000.0001 - Eastman Kodak Company) Hidden
SFR2 (Version: 3.03.0000.0002 - EASTMAN KODAK Company) Hidden
Shopping Wizard  (HKLM\...\SW) (Version:  - )
SkinsHP1 (Version: 43.1.5.000 - Hewlett-Packard) Hidden
Sony ACID XPress 5.0a (HKLM\...\{12F4BE69-6614-41D3-BB3B-DF7F921DF2BB}) (Version: 5.0.152 - Sony)
SoulSeek Client 156c (HKLM\...\Soulseek) (Version:  - )
SP2200 Canvas-Luster Premium ICC Profiles (HKLM\...\{6224C583-094C-4734-99CD-F6B3DFD3FCAB}) (Version:  - )
SP2200 EnhancedMatte Premium ICC Profiles (HKLM\...\{CA42DB1B-CA81-48FC-B625-DAF2FAF7ECB0}) (Version:  - )
SP2200 Prem.Glossy Premium ICC Profiles (HKLM\...\{934E914F-7F58-49C2-A6BB-C93BA836DF23}) (Version:  - )
SP2200 Prem.Luster Premium ICC Profiles (HKLM\...\{CB9E953C-A225-4C9B-96B5-7197F6DC6CF7}) (Version:  - )
SP2200 Prem.Semigloss Premium ICC Profiles (HKLM\...\{AB613005-5353-49A7-AC2B-F5163AC157D2}) (Version:  - )
SP2200 VelvetFineArt Premium ICC Profiles (HKLM\...\{57908758-8987-4B40-9FB6-F804833BFB2F}) (Version:  - )
SP2200 Wtrclr-RW Premium ICC Profiles (HKLM\...\{AEDAEA64-31A0-4E2F-9113-1D5A73F7F161}) (Version:  - )
Spectrocam (HKLM\...\Spectrocam 1.0) (Version:  - )
Spectrocam 2.10.10 (HKLM\...\Spectrocam_is1) (Version:  - Avantes)
SpectrocamSDK (HKLM\...\SpectrocamSDK) (Version:  - )
Sprint & FineReader 5.0 Office Try&Buy (HKLM\...\Sprint & FineReader 5.0 Office Try&Buy) (Version:  - )
Spybot - Search & Destroy 1.3 (HKLM\...\Spybot - Search & Destroy_is1) (Version: 1.3 - Safer Networking Limited)
Surf Accuracy (HKU\S-1-5-21-1078081533-789336058-854245398-1003\...\SAcc) (Version:  - )
the little cms demo (HKLM\...\the little cms demo) (Version:  - )
TrayApp (Version: 43.1.5.000 - Hewlett-Packard) Hidden
Uniblue ProcessScanner (HKLM\...\ProcessScanner_is1) (Version:  - Uniblue)
Unload (Version: 4.0.0 - Hewlett-Packard) Hidden
VPRINTOL (Version: 4.00.0000.0001 - EASTMAN KODAK Company) Hidden
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
WebReg (Version: 43.1.5.000 - Hewlett-Packard) Hidden
Webshots Desktop (HKLM\...\Webshots Desktop) (Version:  - )
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version: 3.1 - Microsoft Corporation)
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 10 (HKLM\...\Windows Media Player) (Version:  - )
Windows SR 2.0 (HKLM\...\Windows SR 2.0) (Version:  - )
Windows XP Hotfix - KB834707 (HKLM\...\KB834707) (Version: 20040929.110854 - Microsoft Corporation)
Windows XP Hotfix - KB867282 (HKLM\...\KB867282) (Version: 20050127.090417 - Microsoft Corporation)
Windows XP Hotfix - KB873333 (HKLM\...\KB873333) (Version: 20050114.005213 - Microsoft Corporation)
Windows XP Hotfix - KB873339 (HKLM\...\KB873339) (Version: 20041117.092459 - Microsoft Corporation)
Windows XP Hotfix - KB885250 (HKLM\...\KB885250) (Version: 20050118.202711 - Microsoft Corporation)
Windows XP Hotfix - KB885835 (HKLM\...\KB885835) (Version: 20041027.181713 - Microsoft Corporation)
Windows XP Hotfix - KB885836 (HKLM\...\KB885836) (Version: 20041028.173203 - Microsoft Corporation)
Windows XP Hotfix - KB885884 (HKLM\...\KB885884) (Version: 20040924.025457 - Microsoft Corporation)
Windows XP Hotfix - KB886185 (HKLM\...\KB886185) (Version: 20041021.090540 - Microsoft Corporation)
Windows XP Hotfix - KB887472 (HKLM\...\KB887472) (Version: 20041014.162858 - Microsoft Corporation)
Windows XP Hotfix - KB887742 (HKLM\...\KB887742) (Version: 20041103.095002 - Microsoft Corporation)
Windows XP Hotfix - KB888113 (HKLM\...\KB888113) (Version: 20041116.131036 - Microsoft Corporation)
Windows XP Hotfix - KB888302 (HKLM\...\KB888302) (Version: 20041207.111426 - Microsoft Corporation)
Windows XP Hotfix - KB890047 (HKLM\...\KB890047) (Version: 20041221.124506 - Microsoft Corporation)
Windows XP Hotfix - KB890175 (HKLM\...\KB890175) (Version: 20041201.233338 - Microsoft Corporation)
Windows XP Hotfix - KB890859 (HKLM\...\KB890859) (Version: 1 - Microsoft Corporation)
Windows XP Hotfix - KB890923 (HKLM\...\KB890923) (Version: 1 - Microsoft Corporation)
Windows XP Hotfix - KB891781 (HKLM\...\KB891781) (Version: 20050110.165439 - Microsoft Corporation)
Windows XP Hotfix - KB893066 (HKLM\...\KB893066) (Version: 1 - Microsoft Corporation)
Windows XP Hotfix - KB893086 (HKLM\...\KB893086) (Version: 1 - Microsoft Corporation)
Windows XP Service Pack 2 (HKLM\...\Windows XP Service Pack) (Version: 20040803.231319 - Microsoft Corporation)
WinLens 4.3 (HKLM\...\ST6UNST #1) (Version:  - )
WinZip (HKLM\...\WinZip) (Version:  9.0 SR-1 (6224) - WinZip Computing, Inc.)
Wireless-B PCI Adapter (HKLM\...\{5C6956F3-B586-4674-BCD0-CCF7EC1DF766}) (Version:  - )
YourSiteBar (HKLM\...\YourSiteBar) (Version:  - Integrated Seach Technologies)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

21-01-2015 11:35:31 System Checkpoint
21-01-2015 15:09:53 Removed Symantec AntiVirus

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-01-02 12:29 - 2015-01-20 19:01 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (whitelisted) =============

2004-09-30 20:39 - 2002-01-29 13:33 - 00077824 _____ () C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
2004-09-30 20:39 - 2002-04-04 23:07 - 00286720 _____ () C:\Program Files\Common Files\EPSON\EBAPI\eEBNWDev.dll
2005-11-25 19:53 - 2005-11-25 19:53 - 00045056 _____ () C:\WINDOWS\system32\geaocurs.dll
2004-02-15 18:47 - 2003-03-26 19:41 - 00053248 _____ () C:\Program Files\PestPatrol\PPControl.exe
2004-02-15 18:47 - 2003-04-19 07:53 - 00148480 _____ () C:\Program Files\PestPatrol\PPMemCheck.exe
2004-02-15 18:47 - 2003-01-26 11:07 - 00061440 _____ () C:\Program Files\PestPatrol\PPServer.dll
2004-02-15 18:47 - 2003-01-26 11:07 - 00212992 _____ () C:\Program Files\PestPatrol\PPEngine.dll
2004-02-15 18:47 - 2003-05-29 23:47 - 00069632 _____ () C:\Program Files\PestPatrol\CookiePatrol.exe
2005-11-17 22:47 - 2005-11-17 22:47 - 00010240 _____ () C:\WINDOWS\mlrekprd.exe
2004-04-25 19:36 - 2008-03-24 21:50 - 00355112 _____ () C:\WINDOWS\System32\msjetoledb40.dll
2004-06-27 20:05 - 2005-02-11 16:20 - 00122880 _____ () C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmgit.dll
2004-08-11 02:12 - 2004-08-11 02:12 - 00056832 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
2004-07-23 08:04 - 2004-07-23 08:04 - 00081920 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
2004-08-11 02:02 - 2004-08-11 02:02 - 00253952 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
2004-08-11 02:08 - 2004-08-11 02:08 - 01019904 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.dll
2004-07-23 08:21 - 2004-07-23 08:21 - 00618496 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCameraUploadSysx.syx
2004-07-23 07:20 - 2004-07-23 07:20 - 00013312 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaCameraUploadSysx.dll
2004-07-23 08:00 - 2004-07-23 08:00 - 00012800 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\LocVistaCameraUploadCamBack.dll
2004-08-11 02:09 - 2004-08-11 02:09 - 00120832 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\kpri40.dll
2004-07-23 08:23 - 2004-07-23 08:23 - 00380928 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnLine.dll
2004-08-11 02:10 - 2004-08-11 02:10 - 00286720 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
2004-08-11 02:13 - 2004-08-11 02:13 - 00925696 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
2004-08-11 02:15 - 2004-08-11 02:15 - 00491520 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaEmail.dll
2004-08-11 02:08 - 2004-08-11 02:08 - 00282624 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
2004-07-23 08:24 - 2004-07-23 08:24 - 00397312 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\cameratodos.syx
2004-07-23 08:00 - 2004-07-23 08:00 - 00013824 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCameraToDosCamBack.dll
2004-08-11 02:23 - 2004-08-11 02:23 - 00229376 _____ () C:\Program Files\Kodak\Kodak EasyShare software\bin\PCDLaunchSysX.syx
2004-07-23 08:16 - 2004-07-23 08:16 - 00352256 _____ () C:\Program Files\Kodak\Kodak Easyshare Software\bin\Escom.dll
2003-09-16 11:32 - 2003-09-16 11:32 - 00110592 _____ () C:\Program Files\Kodak\Kodak EasyShare software\AddIn\VistaPCD.cyx
2003-09-16 11:25 - 2003-09-16 11:25 - 00024576 _____ () C:\Program Files\Kodak\Kodak EasyShare software\AddIn\LocVistaPCD.dll
2003-09-16 11:30 - 2003-09-16 11:30 - 00053248 _____ () C:\Program Files\Kodak\Kodak EasyShare software\AddIn\VPCD.dll
2008-02-23 11:55 - 2003-11-22 14:26 - 00024576 _____ () C:\Program Files\Linksys\Wireless-B PCI Adapter\OdHost.exe
2008-02-25 03:04 - 2008-02-25 03:04 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_4de07cb1\mscorlib.dll
2008-02-25 03:04 - 2008-02-25 03:04 - 03018752 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_140bcb9e\system.windows.forms.dll
2008-02-25 03:02 - 2008-02-25 03:02 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_b7ccd9d3\system.dll
2008-02-25 03:04 - 2008-02-25 03:04 - 00835584 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_27d873b5\system.drawing.dll
2008-02-25 03:04 - 2008-02-25 03:04 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_45abc6c8\system.xml.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\WINDOWS\ART-SCAN.INI:uxfgpf
AlternateDataStreams: C:\WINDOWS\b2_t_%22UC+VERDE%22+GRASS+LAWN&737.xml:fdpxeu
AlternateDataStreams: C:\WINDOWS\DVDRegionFree.INI:kahsh
AlternateDataStreams: C:\WINDOWS\hpinfo(2).lnk:gygtvt
AlternateDataStreams: C:\WINDOWS\hpinfo(3).lnk:gygtvt
AlternateDataStreams: C:\WINDOWS\hpinfo(4).lnk:gygtvt
AlternateDataStreams: C:\WINDOWS\hpinfo(5).lnk:gygtvt
AlternateDataStreams: C:\WINDOWS\hpinfo(6).lnk:gygtvt
AlternateDataStreams: C:\WINDOWS\hpinfo.lnk:gygtvt
AlternateDataStreams: C:\WINDOWS\inetcfg(2).ini:rzjdro
AlternateDataStreams: C:\WINDOWS\inetcfg(3).ini:rzjdro
AlternateDataStreams: C:\WINDOWS\inetcfg(4).ini:rzjdro
AlternateDataStreams: C:\WINDOWS\inetcfg(5).ini:rzjdro
AlternateDataStreams: C:\WINDOWS\inetcfg(6).ini:rzjdro
AlternateDataStreams: C:\WINDOWS\inetcfg.ini:rzjdro
AlternateDataStreams: C:\WINDOWS\KB901017.log:qzqjue
AlternateDataStreams: C:\WINDOWS\KB904706.log:iabwop
AlternateDataStreams: C:\WINDOWS\KB905915.log:aatbqz
AlternateDataStreams: C:\WINDOWS\mozregistry.dat:ijqrkj
AlternateDataStreams: C:\WINDOWS\msgsocm.log:acbxel
AlternateDataStreams: C:\WINDOWS\PIMwarn.txt:naquzj
AlternateDataStreams: C:\WINDOWS\psgxk:xbtfvd
AlternateDataStreams: C:\WINDOWS\Q828026.log:qclspg
AlternateDataStreams: C:\WINDOWS\regopt.log:tnujif
AlternateDataStreams: C:\WINDOWS\sessmgr.setup.log:epgcfs
AlternateDataStreams: C:\WINDOWS\setupapi.log:wpqhhc
AlternateDataStreams: C:\WINDOWS\vb(10).ini:gardl
AlternateDataStreams: C:\WINDOWS\vb(2).ini:gardl
AlternateDataStreams: C:\WINDOWS\vb(3).ini:gardl
AlternateDataStreams: C:\WINDOWS\vb(4).ini:gardl
AlternateDataStreams: C:\WINDOWS\vb(5).ini:gardl
AlternateDataStreams: C:\WINDOWS\vb(6).ini:gardl
AlternateDataStreams: C:\WINDOWS\vb(7).ini:gardl
AlternateDataStreams: C:\WINDOWS\vb(8).ini:gardl
AlternateDataStreams: C:\WINDOWS\vb(9).ini:gardl
AlternateDataStreams: C:\WINDOWS\vb.ini:gardl
AlternateDataStreams: C:\WINDOWS\_default(10)(2).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(10)(2).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(10)(2).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(10)(2).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(10)(2).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(10)(2).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(10)(2).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(10)(2).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(10).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(10).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(10).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(10).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(10).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(10).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(10).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(10).pif:tiayjs
AlternateDataStreams: C:\WINDOWS\_default(10).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(10).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(10).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default(11)(2).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(11)(2).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(11)(2).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(11)(2).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(11)(2).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(11)(2).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(11)(2).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(11)(2).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(11).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(11).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(11).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(11).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(11).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(11).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(11).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(11).pif:tiayjs
AlternateDataStreams: C:\WINDOWS\_default(11).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(11).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(11).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default(12)(2).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(12)(2).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(12)(2).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(12)(2).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(12)(2).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(12)(2).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(12)(2).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(12)(2).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(12).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(12).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(12).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(12).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(12).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(12).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(12).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(12).pif:tiayjs
AlternateDataStreams: C:\WINDOWS\_default(12).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(12).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(12).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default(13).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(13).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(13).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(13).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(13).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(13).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(13).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(13).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default(2)(2).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(2)(2).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(2)(2).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(2)(2).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(2)(2).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(2)(2).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(2)(2).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(2)(2).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(2)(2).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default(2).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(2).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(2).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(2).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(2).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(2).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(2).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(2).pif:tiayjs
AlternateDataStreams: C:\WINDOWS\_default(2).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(2).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(2).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default(3)(2).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(3)(2).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(3)(2).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(3)(2).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(3)(2).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(3)(2).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(3)(2).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(3)(2).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(3).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(3).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(3).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(3).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(3).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(3).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(3).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(3).pif:tiayjs
AlternateDataStreams: C:\WINDOWS\_default(3).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(3).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(3).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default(4)(2).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(4)(2).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(4)(2).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(4)(2).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(4)(2).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(4)(2).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(4)(2).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(4)(2).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(4).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(4).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(4).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(4).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(4).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(4).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(4).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(4).pif:tiayjs
AlternateDataStreams: C:\WINDOWS\_default(4).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(4).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(4).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default(5).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(5).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(5).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(5).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(5).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(5).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(5).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(5).pif:tiayjs
AlternateDataStreams: C:\WINDOWS\_default(5).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(5).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(5).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default(6)(2).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(6)(2).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(6)(2).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(6)(2).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(6)(2).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(6)(2).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(6)(2).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(6)(2).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(6).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(6).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(6).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(6).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(6).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(6).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(6).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(6).pif:tiayjs
AlternateDataStreams: C:\WINDOWS\_default(6).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(6).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(6).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default(7)(2).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(7)(2).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(7)(2).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(7)(2).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(7)(2).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(7)(2).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(7)(2).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(7)(2).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(7).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(7).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(7).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(7).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(7).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(7).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(7).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(7).pif:tiayjs
AlternateDataStreams: C:\WINDOWS\_default(7).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(7).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(7).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default(8)(2).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(8)(2).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(8)(2).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(8)(2).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(8)(2).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(8)(2).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(8)(2).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(8)(2).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(8).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(8).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(8).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(8).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(8).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(8).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(8).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(8).pif:tiayjs
AlternateDataStreams: C:\WINDOWS\_default(8).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(8).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(8).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default(9)(2).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(9)(2).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(9)(2).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(9)(2).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(9)(2).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(9)(2).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(9)(2).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(9)(2).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(9).pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default(9).pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default(9).pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default(9).pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default(9).pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default(9).pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default(9).pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default(9).pif:tiayjs
AlternateDataStreams: C:\WINDOWS\_default(9).pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default(9).pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default(9).pif:ziiork
AlternateDataStreams: C:\WINDOWS\_default.pif:bhilgq
AlternateDataStreams: C:\WINDOWS\_default.pif:bxemyk
AlternateDataStreams: C:\WINDOWS\_default.pif:ckpoba
AlternateDataStreams: C:\WINDOWS\_default.pif:ghyjxz
AlternateDataStreams: C:\WINDOWS\_default.pif:iwlhdh
AlternateDataStreams: C:\WINDOWS\_default.pif:nbxdla
AlternateDataStreams: C:\WINDOWS\_default.pif:qgeak
AlternateDataStreams: C:\WINDOWS\_default.pif:qvtbbx
AlternateDataStreams: C:\WINDOWS\_default.pif:tiayjs
AlternateDataStreams: C:\WINDOWS\_default.pif:uanyjp
AlternateDataStreams: C:\WINDOWS\_default.pif:vkzuwk
AlternateDataStreams: C:\WINDOWS\_default.pif:yuiwhm
AlternateDataStreams: C:\WINDOWS\_default.pif:ziiork

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: RunDLL => rundll32.exe "C:\WINDOWS\Downloaded Program Files\bridge.dll",Load
MSCONFIG\startupreg: wbgf => C:\WINDOWS\wbgf.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1078081533-789336058-854245398-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
alan (S-1-5-21-1078081533-789336058-854245398-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\alan
ASPNET (S-1-5-21-1078081533-789336058-854245398-1007 - Limited - Enabled)
ghislaine (S-1-5-21-1078081533-789336058-854245398-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\ghislaine
Guest (S-1-5-21-1078081533-789336058-854245398-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-1078081533-789336058-854245398-1000 - Limited - Disabled)
Jenny (S-1-5-21-1078081533-789336058-854245398-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Jenny
SUPPORT_388945a0 (S-1-5-21-1078081533-789336058-854245398-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/21/2015 06:35:16 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00ac96bc.
Error in creating result PEAP-TLV in response to received PEAP-TLV (svchost.exe!ld!)

Error: (01/21/2015 06:35:09 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00ac96bc.
Error in creating result PEAP-TLV in response to received PEAP-TLV (svchost.exe!ld!)

Error: (01/21/2015 06:35:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00ac96bc.
Processing media-specific event for [svchost.exe!ws!]

Error: (01/21/2015 06:34:25 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00ac96bc.
Error in creating result PEAP-TLV in response to received PEAP-TLV (svchost.exe!ld!)

Error: (01/21/2015 06:32:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00ac96bc.
Processing media-specific event for [svchost.exe!ws!]

Error: (01/21/2015 05:01:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00ac96bc.
Processing media-specific event for [svchost.exe!ws!]

Error: (01/21/2015 05:01:21 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00ac96bc.
Error in creating result PEAP-TLV in response to received PEAP-TLV (svchost.exe!ld!)

Error: (01/21/2015 05:01:05 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00ac96bc.
Error in creating result PEAP-TLV in response to received PEAP-TLV (svchost.exe!ld!)

Error: (01/21/2015 03:22:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00ac96bc.
Processing media-specific event for [svchost.exe!ws!]

Error: (01/21/2015 02:54:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application svchost.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x00ac96bc.
Processing media-specific event for [svchost.exe!ws!]


System errors:
=============
Error: (01/20/2015 11:06:06 PM) (Source: PlugPlayManager) (EventID: 11) (User: )
Description: The device Root\LEGACY_GEAUDIO\0000 disappeared from the system without first being prepared for removal.

Error: (01/20/2015 09:57:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Image Acquisition (WIA) service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/20/2015 09:56:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Image Acquisition (WIA) service hung on starting.

Error: (01/20/2015 09:54:42 PM) (Source: Print) (EventID: 19) (User: NT AUTHORITY)
Description: Sharing printer failed + 1722, Printer Samsung ML-2010 Series share name SamsungM.

Error: (01/20/2015 08:10:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Image Acquisition (WIA) service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/20/2015 08:08:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Layer Gateway Service service failed to start due to the following error:
%%1053

Error: (01/20/2015 08:08:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.

Error: (01/20/2015 08:07:51 PM) (Source: PlugPlayManager) (EventID: 11) (User: )
Description: The device Root\LEGACY_GEAUDIO\0000 disappeared from the system without first being prepared for removal.

Error: (01/20/2015 08:07:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Image Acquisition (WIA) service hung on starting.

Error: (01/20/2015 08:04:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BITS service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (01/21/2015 06:35:16 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: svchost.exe5.1.2600.2180unknown0.0.0.000ac96bc

Error: (01/21/2015 06:35:09 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: svchost.exe5.1.2600.2180unknown0.0.0.000ac96bc

Error: (01/21/2015 06:35:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe5.1.2600.2180unknown0.0.0.000ac96bc

Error: (01/21/2015 06:34:25 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: svchost.exe5.1.2600.2180unknown0.0.0.000ac96bc

Error: (01/21/2015 06:32:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe5.1.2600.2180unknown0.0.0.000ac96bc

Error: (01/21/2015 05:01:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe5.1.2600.2180unknown0.0.0.000ac96bc

Error: (01/21/2015 05:01:21 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: svchost.exe5.1.2600.2180unknown0.0.0.000ac96bc

Error: (01/21/2015 05:01:05 PM) (Source: Application Error) (EventID: 1004) (User: )
Description: svchost.exe5.1.2600.2180unknown0.0.0.000ac96bc

Error: (01/21/2015 03:22:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe5.1.2600.2180unknown0.0.0.000ac96bc

Error: (01/21/2015 02:54:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe5.1.2600.2180unknown0.0.0.000ac96bc


==================== Memory info ===========================

Processor: AMD Duron™ processor
Percentage of memory in use: 74%
Total physical RAM: 511.49 MB
Available physical RAM: 130.44 MB
Total Pagefile: 1248.51 MB
Available Pagefile: 924.48 MB
Total Virtual: 2047.88 MB
Available Virtual: 1957.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:39.06 GB) (Free:4.26 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (other) (Fixed) (Total:16.85 GB) (Free:15.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 55.9 GB) (Disk ID: 3A0039FF)
Partition 1: (Active) - (Size=39.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=16.8 GB) - (Type=OF Extended)

==================== End Of Log ============================



#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:23 PM

Posted 21 January 2015 - 09:26 PM

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Attached File  fixlist.txt   206.75KB   1 downloads

 

Let me know how the machine is doing after this fix.

 


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 chakotay2

chakotay2
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:03:23 PM

Posted 21 January 2015 - 10:42 PM

Hi,

 

Thanks for helping me out. Same error still.

 

It's not letting me post the result in the text area and was too big to attach without zipping. Sorry. Here it is however.

Attached Files


Edited by chakotay2, 21 January 2015 - 10:43 PM.


#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:23 PM

Posted 21 January 2015 - 11:08 PM

Pleae run FRST like you did the first time you ran it. The post the new FRST.txt


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 chakotay2

chakotay2
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:03:23 PM

Posted 22 January 2015 - 09:20 AM

 Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2015
Ran by alan (administrator) on GIGI on 22-01-2015 07:15:12
Running from C:\Documents and Settings\alan\Desktop
Loaded Profiles: alan (Available profiles: alan & ghislaine & Jenny & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 6 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
() C:\PROGRA~1\PESTPA~1\PPControl.exe
() C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
() C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
(Musicmatch, Inc.) C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
(Logitech Inc.) C:\WINDOWS\LOGI_MWX.EXE
(ABBYY (BIT Software)) C:\PROGRA~1\SPRINT~1.0OF\Sprint\CAgent.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
(Apple Computer, Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Computer, Inc.) C:\Program Files\QuickTime\qttask.exe
(Hewlett-Packard Company) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Company) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
(Samsung Electronics.) C:\WINDOWS\Samsung\ComSMMgr\SSMMgr.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Musicmatch, Inc.) C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Apple Computer, Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Musicmatch, Inc.) C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
(Eastman Kodak Company) C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
(Nikon Corporation) C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
(WinZip Computing, Inc.) C:\Program Files\WinZip\WZQKPICK.EXE
() C:\Program Files\Linksys\Wireless-B PCI Adapter\OdHost.exe
(The Linksys Group, Inc.) C:\Program Files\Linksys\Wireless-B PCI Adapter\WMP11CFG.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(HP) C:\WINDOWS\system32\HPZinw12.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PestPatrol Control Center] => C:\Program Files\PestPatrol\PPControl.exe [53248 2003-03-26] ()
HKLM\...\Run: [PPMemCheck] => C:\Program Files\PestPatrol\PPMemCheck.exe [148480 2003-04-19] ()
HKLM\...\Run: [CookiePatrol] => C:\Program Files\PestPatrol\CookiePatrol.exe [69632 2003-05-29] ()
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe [200704 2001-06-12] (HP)
HKLM\...\Run: [MMTray] => C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe [110592 2005-03-09] (Musicmatch, Inc.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [180269 2004-08-17] (RealNetworks, Inc.)
HKLM\...\Run: [Logitech Utility] => C:\WINDOWS\Logi_MwX.Exe [19968 2003-11-07] (Logitech Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\WINDOWS\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM\...\Run: [ABBYY Community Agent] => C:\Program Files\Sprint & FineReader 5.0 Office Try&Buy\Sprint\CAgent.exe [241664 2001-01-31] (ABBYY (BIT Software))
HKLM\...\Run: [MimBoot] => C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mimboot.exe [11776 2005-03-09] (Musicmatch, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe [36975 2005-06-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [wPfew] => C:\WINDOWS\mlrekprd.exe
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [278528 2005-10-18] (Apple Computer, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [155648 2005-11-24] (Apple Computer, Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2004-02-12] (Hewlett-Packard Company)
HKLM\...\Run: [HP Component Manager] => C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [241664 2004-05-12] (Hewlett-Packard Company)
HKLM\...\Run: [IST Service] => C:\Program Files\ISTsvc\istsvc.exe
HKLM\...\Run: [Samsung Common SM] => C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe [372736 2005-07-03] (Samsung Electronics.)
HKLM\...\Run: [ISUSPM Startup] => "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [UserFaultCheck] => %systemroot%\system32\dumprep 0 -u
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk
ShortcutTarget: HP Image Zone Fast Start.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
ShortcutTarget: Kodak EasyShare software.lnk -> C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logo Calibration Loader.lnk
ShortcutTarget: Logo Calibration Loader.lnk -> C:\Program Files\GretagMacbeth\ProfileMaker Professional 5.0.3\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NkbMonitor.exe.lnk
ShortcutTarget: NkbMonitor.exe.lnk -> C:\Program Files\Nikon\PictureProject\NkbMonitor.exe (Nikon Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless-B Notebook Adapter Utility.lnk
ShortcutTarget: Wireless-B Notebook Adapter Utility.lnk -> C:\Program Files\Linksys\Wireless-B PCI Adapter\Startup.exe ()
Startup: C:\Documents and Settings\ghislaine\Start Menu\Programs\Startup\Webshots.lnk
ShortcutTarget: Webshots.lnk -> C:\Program Files\Webshots\Launcher.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: [S-1-5-21-1078081533-789336058-854245398-1003] ATTENTION ==> Default URLSearchHook is missing.
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
BHO: No Name -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: AOL Toolbar Launcher -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
Toolbar: HKLM - MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-us\msntb.dll (Microsoft Corporation)
Toolbar: HKLM - AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (America Online, Inc)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll (America Online, Inc.)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://active.macromedia.com/director/cabs/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} http://www.tbcode.com/ist/softwares/v4.0/ysb_regular.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38031.6930555556
DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.10 10.0.0.12

FireFox:
========
FF ProfilePath: C:\Documents and Settings\alan\Application Data\Mozilla\Firefox\Profiles\6ng5nw4z.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @real.com/nppl3260;version=6.0.11.2027 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2088 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1040 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Computer, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 aspnet_state; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [32768 2004-07-15] (Microsoft Corporation) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [77824 2002-01-29] () [File not signed]
R2 EPSONStatusAgent2; C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe [94208 2002-07-17] (SEIKO EPSON CORPORATION) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R3 iPodService; C:\Program Files\iPod\bin\iPodService.exe [323584 2005-10-18] (Apple Computer, Inc.) [File not signed]
S2 NICSer_WMP11; C:\Program Files\Linksys\Wireless-B PCI Adapter\NICServ.exe [455680 2003-11-13] () [File not signed]
S3 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [65536 2004-03-18] (HP) [File not signed]
S2  11Fßä#·ºÄÖ`I; C:\WINDOWS\crxz.exe /s [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Asapi; C:\WINDOWS\system32\Drivers\Asapi.sys [11264 2002-04-17] (VOB Computersysteme GmbH) [File not signed]
R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [23936 1997-12-22] (Adaptec)
R3 CBTNDIS5; C:\WINDOWS\system32\CBTNDIS5.SYS [17142 2003-07-16] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 cdenable; C:\WINDOWS\System32\Drivers\cdenable.sys [6112 1997-11-18] () [File not signed]
R2 CDRPDACC; C:\Program Files\321Studios\Shared\CDRPDACC.SYS [4633 2002-07-25] (Arrowkey) [File not signed]
R2 DgiVecp; C:\WINDOWS\System32\Drivers\DgiVecp.sys [41984 2005-03-13] (DeviceGuys, Inc.) [File not signed]
R3 Eplpdx02; C:\WINDOWS\System32\Drivers\EPLPDX02.SYS [70084 2001-08-09] (MK Systems CO., LTD.) [File not signed]
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2004-08-03] (Microsoft Corporation)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [665600 2005-04-15] (Aladdin Knowledge Systems) [File not signed]
R2 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2005-04-15] (Aladdin Knowledge Systems) [File not signed]
S3 IPN2120; C:\WINDOWS\System32\DRIVERS\LSIPNDS.sys [96256 2003-08-26] (Cisco-Linksys, LLC.)
S3 L8042PR2; C:\WINDOWS\System32\Drivers\l8042pr2.sys [51486 2003-11-07] (Logitech, Inc.)
S3 LHidUsb; C:\WINDOWS\System32\Drivers\LHidUsb.Sys [37884 2003-11-07] (Logitech, Inc.)
R2 MCSTRM; C:\WINDOWS\system32\Drivers\MCSTRM.sys [8413 2005-01-20] (RealNetworks, Inc.) [File not signed]
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
R3 MxlW2k; C:\WINDOWS\system32\Drivers\MxlW2k.sys [28352 2005-02-12] (MusicMatch, Inc.) [File not signed]
R3 odysseyIM3; C:\WINDOWS\System32\DRIVERS\odysseyIM3.sys [62673 2003-05-14] (Funk Software, Inc.)
R3 Pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [31680 2004-03-06] (VSO Software) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R3 VIASens; C:\WINDOWS\System32\drivers\viasens.sys [391680 2003-11-07] (Sensaura Ltd)
R3 VIAudio; C:\WINDOWS\System32\drivers\viaudios.sys [113024 2003-12-18] (VIA Technologies, Inc.)
R2 WIBUKEY; C:\WINDOWS\system32\Drivers\WIBUKEY.sys [44032 1997-10-31] (WIBU-SYSTEMS AG) [File not signed]
R3 WinDriver6; C:\WINDOWS\System32\drivers\windrvr6.sys [316192 2004-07-26] (Jungo) [File not signed]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96256 2004-08-03] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-22 03:37 - 2015-01-22 03:37 - 00036712 _____ () C:\WINDOWS\KB971737.log
2015-01-22 03:13 - 2015-01-22 07:13 - 00000260 _____ () C:\WINDOWS\Tasks\WGASetup.job
2015-01-22 03:13 - 2015-01-22 03:31 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-22 03:13 - 2015-01-22 03:13 - 00000000 ____D () C:\WINDOWS\system32\KB905474
2015-01-22 03:11 - 2015-01-22 03:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960225$
2015-01-21 18:38 - 2015-01-22 07:15 - 00015860 _____ () C:\Documents and Settings\alan\Desktop\FRST.txt
2015-01-21 18:37 - 2015-01-22 07:15 - 00000000 ____D () C:\FRST
2015-01-21 18:37 - 2015-01-21 18:37 - 01118208 _____ (Farbar) C:\Documents and Settings\alan\Desktop\FRST.exe
2015-01-21 10:11 - 2015-01-21 15:10 - 00000000 ____D () C:\Program Files\Symantec AntiVirus
2015-01-21 10:04 - 2015-01-21 10:04 - 00000000 ___HD () C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2015-01-21 10:04 - 2015-01-21 10:04 - 00000000 ____D () C:\Documents and Settings\ghislaine\WINDOWS
2015-01-21 09:57 - 2015-01-21 10:41 - 00000000 ____D () C:\WINDOWS\system32\CatRoot_bak
2015-01-21 09:54 - 2015-01-21 09:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Registrar Registry Manager
2015-01-21 06:21 - 2015-01-21 06:21 - 00000000 ____D () C:\Documents and Settings\Administrator\IETldCache
2015-01-21 06:05 - 2015-01-21 06:05 - 00000000 ____D () C:\Documents and Settings\alan\IETldCache
2015-01-21 05:00 - 2015-01-21 05:00 - 00216041 _____ () C:\WINDOWS\KB2847311.log
2015-01-21 04:59 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2922229$
2015-01-21 04:59 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2868626$
2015-01-21 04:57 - 2015-01-21 04:58 - 00226523 _____ () C:\WINDOWS\KB2936068-IE8.log
2015-01-21 04:55 - 2015-01-21 04:56 - 00231212 _____ () C:\WINDOWS\KB2909921-IE8.log
2015-01-21 04:55 - 2015-01-21 04:55 - 00224444 _____ () C:\WINDOWS\KB2598845-IE8.log
2015-01-21 04:54 - 2015-01-21 04:54 - 00223822 _____ () C:\WINDOWS\KB2467659.log
2015-01-21 04:54 - 2015-01-21 04:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2467659$
2015-01-21 04:53 - 2015-01-21 04:54 - 00238608 _____ () C:\WINDOWS\KB982381-IE8.log
2015-01-21 04:53 - 2015-01-21 04:53 - 00000000 ____D () C:\WINDOWS\ie8updates
2015-01-21 04:51 - 2015-01-21 04:51 - 00065536 _____ () C:\WINDOWS\system32\config\Internet.evt
2015-01-21 04:49 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\ie8
2015-01-21 04:49 - 2015-01-21 04:52 - 00242824 _____ () C:\WINDOWS\ie8.log
2015-01-21 04:10 - 2015-01-21 04:58 - 00083716 _____ () C:\WINDOWS\ie8_main.log
2015-01-21 04:08 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2387149$
2015-01-21 04:07 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2712808$
2015-01-21 04:07 - 2015-01-21 04:09 - 00203893 _____ () C:\WINDOWS\KB2387149.log
2015-01-21 04:05 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2479943$
2015-01-21 04:04 - 2015-01-21 04:04 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2659262$
2015-01-21 04:03 - 2015-01-21 04:04 - 00200108 _____ () C:\WINDOWS\KB2659262.log
2015-01-21 04:02 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2564958$
2015-01-21 04:01 - 2015-01-21 04:02 - 00199402 _____ () C:\WINDOWS\KB2564958.log
2015-01-21 03:56 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2916036$
2015-01-21 03:55 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2478971$
2015-01-21 03:55 - 2015-01-21 03:55 - 00196480 _____ () C:\WINDOWS\KB2934207.log
2015-01-21 03:55 - 2015-01-21 03:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2934207$
2015-01-21 03:54 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2015-01-21 03:53 - 2015-01-21 03:54 - 00198047 _____ () C:\WINDOWS\KB2834886.log
2015-01-21 03:53 - 2015-01-21 03:53 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2834886$
2015-01-21 03:52 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2345886$
2015-01-21 03:51 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2585542$
2015-01-21 03:51 - 2015-01-21 09:54 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2015-01-21 03:51 - 2015-01-21 03:51 - 00199432 _____ () C:\WINDOWS\KB2536276-v2.log
2015-01-21 03:50 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB970430$
2015-01-21 03:49 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2631813$
2015-01-21 03:49 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2296011$
2015-01-21 03:49 - 2015-01-21 03:49 - 00196151 _____ () C:\WINDOWS\KB2296011.log
2015-01-21 03:48 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2691442$
2015-01-21 03:47 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2015-01-21 03:47 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2115168$
2015-01-21 03:47 - 2015-01-21 03:48 - 00195679 _____ () C:\WINDOWS\KB2900986.log
2015-01-21 03:47 - 2015-01-21 03:47 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2900986$
2015-01-21 03:46 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2015-01-21 03:46 - 2015-01-21 03:47 - 00195826 _____ () C:\WINDOWS\KB975558.log
2015-01-21 03:46 - 2015-01-21 03:46 - 00196770 _____ () C:\WINDOWS\KB2378111.log
2015-01-21 03:45 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB951978$
2015-01-21 03:44 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2655992$
2015-01-21 03:44 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2443105$
2015-01-21 03:43 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2834902-v2_WM10$
2015-01-21 03:43 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2802968$
2015-01-21 03:43 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2481109$
2015-01-21 03:43 - 2015-01-21 03:43 - 00194949 _____ () C:\WINDOWS\KB2834902-v2.log
2015-01-21 03:42 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2898715$
2015-01-21 03:42 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2485663$
2015-01-21 03:41 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2598479$
2015-01-21 03:41 - 2015-01-21 03:42 - 00198706 _____ () C:\WINDOWS\KB2485663.log
2015-01-21 03:40 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2929961$
2015-01-21 03:39 - 2015-01-21 03:39 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2686509$
2015-01-21 03:38 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB982132$
2015-01-21 03:38 - 2015-01-21 03:39 - 00200770 _____ () C:\WINDOWS\KB2686509.log
2015-01-21 03:37 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862335$
2015-01-21 03:37 - 2015-01-21 03:38 - 00197703 _____ () C:\WINDOWS\KB2862335.log
2015-01-21 03:36 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2909212$
2015-01-21 03:35 - 2015-01-21 03:35 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2507938$
2015-01-21 03:34 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2780091$
2015-01-21 03:34 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2510581$
2015-01-21 03:33 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2904266$
2015-01-21 03:32 - 2015-01-21 03:33 - 00198556 _____ () C:\WINDOWS\KB2904266.log
2015-01-21 03:31 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2347290$
2015-01-21 03:30 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876217$
2015-01-21 03:29 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2483185$
2015-01-21 03:26 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979687$
2015-01-21 03:26 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2845142_WM64$
2015-01-21 03:26 - 2015-01-21 03:27 - 00195243 _____ () C:\WINDOWS\KB2845142.log
2015-01-21 03:25 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2930275$
2015-01-21 03:25 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2864063$
2015-01-21 03:24 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2719985$
2015-01-21 03:22 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2936068$
2015-01-21 03:20 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862152$
2015-01-21 03:18 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2592799$
2015-01-21 03:14 - 2015-01-21 03:19 - 00202552 _____ () C:\WINDOWS\KB2592799.log
2015-01-21 03:13 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2964358$
2015-01-21 03:13 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2850869$
2015-01-21 03:13 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2770660$
2015-01-21 03:13 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2535512$
2015-01-21 03:13 - 2015-01-21 03:13 - 00199841 _____ () C:\WINDOWS\KB2535512.log
2015-01-21 03:13 - 2015-01-21 03:13 - 00198440 _____ () C:\WINDOWS\KB2964358.log
2015-01-21 03:12 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2876331$
2015-01-21 03:12 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2859537$
2015-01-21 03:12 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2807986$
2015-01-21 03:12 - 2015-01-21 03:12 - 00200226 _____ () C:\WINDOWS\KB2807986.log
2015-01-21 03:11 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2884256$
2015-01-21 03:11 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2868038$
2015-01-21 03:11 - 2015-01-21 03:11 - 00199351 _____ () C:\WINDOWS\KB2570947.log
2015-01-21 03:11 - 2015-01-21 03:11 - 00197998 _____ () C:\WINDOWS\KB2884256.log
2015-01-21 03:11 - 2015-01-21 03:11 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2570947$
2015-01-21 03:10 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2893294$
2015-01-21 03:10 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2820917$
2015-01-21 03:10 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2757638$
2015-01-21 03:10 - 2015-01-21 03:11 - 00198411 _____ () C:\WINDOWS\KB2868038.log
2015-01-21 03:10 - 2015-01-21 03:10 - 00199190 _____ () C:\WINDOWS\KB2603381.log
2015-01-21 03:10 - 2015-01-21 03:10 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2603381$
2015-01-21 03:09 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2653956$
2015-01-21 03:09 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2508429$
2015-01-21 03:09 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2419632$
2015-01-21 03:08 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB971029$
2015-01-21 03:08 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2749655$
2015-01-21 03:08 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2506212$
2015-01-21 03:07 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2892075$
2015-01-21 03:07 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2015-01-21 03:07 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2698365$
2015-01-21 03:07 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2619339$
2015-01-21 03:07 - 2015-01-21 03:07 - 00200763 _____ () C:\WINDOWS\KB2698365.log
2015-01-21 03:06 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB981997$
2015-01-21 03:06 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2862330$
2015-01-21 03:06 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2727528$
2015-01-21 03:06 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2015-01-21 03:06 - 2015-01-21 03:06 - 00199650 _____ () C:\WINDOWS\KB2723135-v2.log
2015-01-21 03:06 - 2015-01-21 03:06 - 00199111 _____ () C:\WINDOWS\KB981997.log
2015-01-21 03:05 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2813345$
2015-01-21 03:05 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2676562$
2015-01-21 03:05 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2509553$
2015-01-21 03:04 - 2015-01-21 09:56 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2393802$
2015-01-21 03:04 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB982665$
2015-01-21 03:04 - 2015-01-21 09:55 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2478960$
2015-01-21 03:04 - 2015-01-21 03:04 - 00201384 _____ () C:\WINDOWS\KB2393802.log
2015-01-21 03:03 - 2015-01-21 09:56 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2914368$
2015-01-21 03:03 - 2015-01-21 09:56 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2620712$
2015-01-21 03:03 - 2015-01-21 09:56 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2566454$
2015-01-21 03:03 - 2015-01-21 03:03 - 00199653 _____ () C:\WINDOWS\KB2566454.log
2015-01-21 03:03 - 2015-01-21 03:03 - 00198790 _____ () C:\WINDOWS\KB2661637.log
2015-01-21 03:03 - 2015-01-21 03:03 - 00197234 _____ () C:\WINDOWS\KB2914368.log
2015-01-21 03:03 - 2015-01-21 03:03 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2661637$
2015-01-21 03:02 - 2015-01-21 09:56 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2584146$
2015-01-21 03:02 - 2015-01-21 09:56 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2423089$
2015-01-21 03:01 - 2015-01-21 03:02 - 00200829 _____ () C:\WINDOWS\KB2423089.log
2015-01-21 00:30 - 2015-01-21 04:59 - 00414886 _____ () C:\WINDOWS\KB2868626.log
2015-01-21 00:30 - 2015-01-21 04:59 - 00414079 _____ () C:\WINDOWS\KB2922229.log
2015-01-21 00:30 - 2015-01-21 03:35 - 00395284 _____ () C:\WINDOWS\KB2780091.log
2015-01-21 00:30 - 2015-01-21 03:12 - 00393921 _____ () C:\WINDOWS\KB2876331.log
2015-01-21 00:29 - 2015-01-21 03:25 - 00394033 _____ () C:\WINDOWS\KB2864063.log
2015-01-21 00:29 - 2015-01-21 03:23 - 00401767 _____ () C:\WINDOWS\KB2936068.log
2015-01-21 00:29 - 2015-01-21 03:12 - 00394678 _____ () C:\WINDOWS\KB2859537.log
2015-01-21 00:28 - 2015-01-21 04:07 - 00398551 _____ () C:\WINDOWS\KB2712808.log
2015-01-21 00:28 - 2015-01-21 04:05 - 00398189 _____ () C:\WINDOWS\KB2479943.log
2015-01-21 00:28 - 2015-01-21 03:40 - 00392583 _____ () C:\WINDOWS\KB2929961.log
2015-01-21 00:28 - 2015-01-21 03:36 - 00393330 _____ () C:\WINDOWS\KB2909212.log
2015-01-21 00:28 - 2015-01-21 03:31 - 00395314 _____ () C:\WINDOWS\KB2876217.log
2015-01-21 00:28 - 2015-01-21 03:26 - 00393893 _____ () C:\WINDOWS\KB2930275.log
2015-01-21 00:27 - 2015-01-21 03:56 - 00393093 _____ () C:\WINDOWS\KB2916036.log
2015-01-21 00:27 - 2015-01-21 03:44 - 00394575 _____ () C:\WINDOWS\KB2802968.log
2015-01-21 00:27 - 2015-01-21 03:42 - 00393692 _____ () C:\WINDOWS\KB2898715.log
2015-01-21 00:27 - 2015-01-21 03:13 - 00393916 _____ () C:\WINDOWS\KB2850869.log
2015-01-21 00:26 - 2015-01-21 03:55 - 00395195 _____ () C:\WINDOWS\KB2478971.log
2015-01-21 00:26 - 2015-01-21 03:51 - 00395909 _____ () C:\WINDOWS\KB2585542.log
2015-01-21 00:26 - 2015-01-21 03:49 - 00394564 _____ () C:\WINDOWS\KB2691442.log
2015-01-21 00:26 - 2015-01-21 03:44 - 00395053 _____ () C:\WINDOWS\KB2655992.log
2015-01-21 00:26 - 2015-01-21 03:36 - 00394850 _____ () C:\WINDOWS\KB2507938.log
2015-01-21 00:26 - 2015-01-21 03:21 - 00395136 _____ () C:\WINDOWS\KB2862152.log
2015-01-21 00:25 - 2015-01-21 03:54 - 00394072 _____ () C:\WINDOWS\KB2544893-v2.log
2015-01-21 00:25 - 2015-01-21 03:50 - 00393071 _____ () C:\WINDOWS\KB2631813.log
2015-01-21 00:25 - 2015-01-21 03:41 - 00394929 _____ () C:\WINDOWS\KB2598479.log
2015-01-21 00:25 - 2015-01-21 03:26 - 00396489 _____ () C:\WINDOWS\KB979687.log
2015-01-21 00:25 - 2015-01-21 03:25 - 00397217 _____ () C:\WINDOWS\KB2719985.log
2015-01-21 00:24 - 2015-01-21 03:52 - 00394234 _____ () C:\WINDOWS\KB2345886.log
2015-01-21 00:24 - 2015-01-21 03:47 - 00394349 _____ () C:\WINDOWS\KB2115168.log
2015-01-21 00:24 - 2015-01-21 03:46 - 00393745 _____ () C:\WINDOWS\KB951978.log
2015-01-21 00:24 - 2015-01-21 03:43 - 00394505 _____ () C:\WINDOWS\KB2481109.log
2015-01-21 00:24 - 2015-01-21 03:38 - 00393399 _____ () C:\WINDOWS\KB982132.log
2015-01-21 00:23 - 2015-01-21 03:45 - 00392646 _____ () C:\WINDOWS\KB2443105.log
2015-01-21 00:23 - 2015-01-21 03:34 - 00395736 _____ () C:\WINDOWS\KB2510581.log
2015-01-21 00:23 - 2015-01-21 03:30 - 00397685 _____ () C:\WINDOWS\KB2483185.log
2015-01-21 00:23 - 2015-01-21 03:10 - 00394473 _____ () C:\WINDOWS\KB2820917.log
2015-01-21 00:22 - 2015-01-21 03:10 - 00393452 _____ () C:\WINDOWS\KB2757638.log
2015-01-21 00:22 - 2015-01-21 03:10 - 00391452 _____ () C:\WINDOWS\KB2893294.log
2015-01-21 00:22 - 2015-01-21 03:09 - 00402305 _____ () C:\WINDOWS\KB2419632.log
2015-01-21 00:22 - 2015-01-21 03:09 - 00393275 _____ () C:\WINDOWS\KB2508429.log
2015-01-21 00:22 - 2015-01-21 03:09 - 00392840 _____ () C:\WINDOWS\KB2653956.log
2015-01-21 00:21 - 2015-01-21 03:09 - 00393249 _____ () C:\WINDOWS\KB2749655.log
2015-01-21 00:21 - 2015-01-21 03:08 - 00393998 _____ () C:\WINDOWS\KB971029.log
2015-01-21 00:21 - 2015-01-21 03:08 - 00393376 _____ () C:\WINDOWS\KB2506212.log
2015-01-21 00:21 - 2015-01-21 03:08 - 00389864 _____ () C:\WINDOWS\KB2892075.log
2015-01-21 00:21 - 2015-01-21 03:07 - 00394237 _____ () C:\WINDOWS\KB2705219-v2.log
2015-01-21 00:21 - 2015-01-21 03:07 - 00392187 _____ () C:\WINDOWS\KB2619339.log
2015-01-21 00:20 - 2015-01-21 03:07 - 00392163 _____ () C:\WINDOWS\KB2727528.log
2015-01-21 00:20 - 2015-01-21 03:05 - 00396569 _____ () C:\WINDOWS\KB2509553.log
2015-01-21 00:20 - 2015-01-21 03:05 - 00393615 _____ () C:\WINDOWS\KB2813345.log
2015-01-21 00:19 - 2015-01-21 03:05 - 00395749 _____ () C:\WINDOWS\KB2676562.log
2015-01-21 00:19 - 2015-01-21 03:04 - 00391673 _____ () C:\WINDOWS\KB982665.log
2015-01-21 00:17 - 2015-01-21 03:04 - 00391822 _____ () C:\WINDOWS\KB2620712.log
2015-01-21 00:16 - 2015-01-21 03:03 - 00392927 _____ () C:\WINDOWS\KB2584146.log
2015-01-20 23:37 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB980232$(2)
2015-01-20 23:37 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB980218$(2)
2015-01-20 23:36 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979683$(2)
2015-01-20 23:36 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979559$(2)
2015-01-20 23:36 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979482$(2)
2015-01-20 23:35 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB979309$(2)
2015-01-20 23:35 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978706$(2)
2015-01-20 23:35 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978601$(2)
2015-01-20 23:35 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978542$(2)
2015-01-20 23:34 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978338$(2)
2015-01-20 23:34 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB978037$(2)
2015-01-20 23:34 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB977914$(2)
2015-01-20 23:34 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975713$(2)
2015-01-20 23:33 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975562$(2)
2015-01-20 23:33 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975561$(2)
2015-01-20 23:33 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975560$(2)
2015-01-20 23:32 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975467$(2)
2015-01-20 23:32 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975025$(2)
2015-01-20 23:32 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB974571$(2)
2015-01-20 23:32 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB974392$(2)
2015-01-20 23:31 - 2015-01-21 09:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$(2)
2015-01-20 23:31 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB974318$(2)
2015-01-20 23:31 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973869$(2)
2015-01-20 23:30 - 2015-01-21 09:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973687$(2)
2015-01-20 23:30 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973815$(2)
2015-01-20 23:30 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973507$(2)
2015-01-20 23:30 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB972270$(2)
2015-01-20 23:29 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB971657$(2)
2015-01-20 23:29 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB971468$(2)
2015-01-20 23:29 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB970238$(2)
2015-01-20 23:29 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB969059$(2)
2015-01-20 23:28 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB968389$(2)
2015-01-20 23:28 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB967715$(2)
2015-01-20 23:28 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB961501$(2)
2015-01-20 23:27 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB960859$(2)
2015-01-20 23:27 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB960803$(2)
2015-01-20 23:27 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB960714$(2)
2015-01-20 23:26 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB959426$(2)
2015-01-20 23:26 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB958687$(2)
2015-01-20 23:26 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB958644$(2)
2015-01-20 23:26 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB958215$(2)
2015-01-20 23:25 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB957097$(2)
2015-01-20 23:25 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB957095$(2)
2015-01-20 23:25 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956844$(2)
2015-01-20 23:24 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956841$(2)
2015-01-20 23:24 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956803$(2)
2015-01-20 23:24 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956802$(2)
2015-01-20 23:23 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956572$(2)
2015-01-20 23:23 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB956390$(2)
2015-01-20 23:23 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB955759$(2)
2015-01-20 23:22 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB974112$(3)
2015-01-20 23:22 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB973687$(3)
2015-01-20 23:22 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB955069$(2)
2015-01-20 23:21 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB954600$(2)
2015-01-20 23:21 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB954211$(2)
2015-01-20 23:17 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB952954$(2)
2015-01-20 23:16 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB952287$(2)
2015-01-20 23:16 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB952004$(2)
2015-01-20 23:16 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB951748$(2)
2015-01-20 23:15 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB951698$(2)
2015-01-20 23:15 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB951376-v2$(2)
2015-01-20 23:14 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB951376$(2)
2015-01-20 23:14 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB951066$(2)
2015-01-20 23:14 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB950974$(2)
2015-01-20 23:13 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB950762$(2)
2015-01-20 23:13 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB950759$(2)
2015-01-20 23:12 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB946648$(2)
2015-01-20 23:12 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB938464$(2)
2015-01-20 23:12 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB923561$(2)
2015-01-20 23:11 - 2015-01-21 09:57 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB2229593$(2)
2015-01-20 22:54 - 2015-01-20 22:54 - 00000000 ____D () C:\WINDOWS\system32\scripting
2015-01-20 22:54 - 2015-01-20 22:54 - 00000000 ____D () C:\WINDOWS\l2schemas
2015-01-20 20:17 - 2015-01-20 20:18 - 00008067 _____ () C:\WINDOWS\WgaNotify.log
2015-01-20 19:34 - 2015-01-20 19:34 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\temp
2015-01-20 19:34 - 2015-01-20 19:34 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\temp
2015-01-20 19:34 - 2015-01-20 19:34 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\temp
2015-01-20 19:33 - 2015-01-20 19:33 - 00098557 _____ () C:\ComboFix.txt
2015-01-20 19:29 - 2015-01-22 03:34 - 00043731 _____ () C:\WINDOWS\KB954155.log
2015-01-20 19:29 - 2015-01-22 03:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954155_WM9$
2015-01-20 19:28 - 2015-01-22 03:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2015-01-20 19:27 - 2015-01-22 03:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956572$
2015-01-20 19:26 - 2015-01-22 03:10 - 00254238 _____ () C:\WINDOWS\KB956572.log
2015-01-20 19:24 - 2015-01-22 03:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974571$
2015-01-20 19:21 - 2015-01-22 03:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973904$
2015-01-20 19:18 - 2015-01-22 03:06 - 00039321 _____ () C:\WINDOWS\KB973904.log
2015-01-20 17:53 - 2015-01-20 17:53 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2015-01-20 17:53 - 2015-01-20 17:53 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
2015-01-20 17:53 - 2015-01-20 17:53 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
2015-01-20 17:53 - 2015-01-20 17:53 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
2015-01-20 17:53 - 2015-01-20 17:53 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
2015-01-20 16:47 - 2004-10-10 08:52 - 00000211 _____ () C:\Boot.bak
2015-01-20 16:46 - 2015-01-21 10:05 - 00000000 ____D () C:\cmdcons
2015-01-20 16:46 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
2015-01-20 16:42 - 2015-01-22 03:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB980218$
2015-01-20 16:42 - 2015-01-21 10:05 - 00000000 ____D () C:\Qoobox
2015-01-20 16:41 - 2015-01-22 03:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB959426$
2015-01-20 16:41 - 2015-01-21 10:04 - 00000000 ____D () C:\WINDOWS\erdnt
2015-01-20 16:40 - 2015-01-22 03:35 - 00257022 _____ () C:\WINDOWS\KB979683.log
2015-01-20 16:40 - 2015-01-22 03:35 - 00251488 _____ () C:\WINDOWS\KB971468.log
2015-01-20 16:40 - 2015-01-22 03:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971468$
2015-01-20 16:40 - 2015-01-22 03:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960859$
2015-01-20 16:40 - 2015-01-22 03:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979683$
2015-01-20 16:39 - 2015-01-22 03:34 - 00252566 _____ () C:\WINDOWS\KB980232.log
2015-01-20 16:39 - 2015-01-22 03:34 - 00055320 _____ () C:\WINDOWS\KB980195.log
2015-01-20 16:39 - 2015-01-22 03:34 - 00050857 _____ () C:\WINDOWS\KB958869.log
2015-01-20 16:39 - 2015-01-22 03:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB980232$
2015-01-20 16:39 - 2015-01-22 03:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB980195$
2015-01-20 16:39 - 2015-01-20 16:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB958869$
2015-01-20 16:38 - 2015-01-22 03:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981350$
2015-01-20 16:33 - 2015-01-22 03:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2015-01-20 16:32 - 2015-01-22 03:31 - 00250849 _____ () C:\WINDOWS\KB955759.log
2015-01-20 16:13 - 2015-01-22 03:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969059$
2015-01-20 16:12 - 2015-01-22 03:12 - 00246749 _____ () C:\WINDOWS\KB2229593.log
2015-01-20 16:12 - 2015-01-22 03:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978037$
2015-01-20 16:12 - 2015-01-22 03:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2015-01-20 16:12 - 2015-01-22 03:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2015-01-20 16:12 - 2015-01-22 03:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971657$
2015-01-20 16:11 - 2015-01-22 03:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2015-01-20 16:11 - 2015-01-22 03:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2015-01-20 16:11 - 2015-01-22 03:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2015-01-20 16:11 - 2015-01-22 03:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956844$
2015-01-20 16:10 - 2015-01-22 03:10 - 00239537 _____ () C:\WINDOWS\KB956844.log
2015-01-20 16:10 - 2015-01-22 03:09 - 00240731 _____ () C:\WINDOWS\KB973869.log
2015-01-20 16:10 - 2015-01-22 03:09 - 00240623 _____ () C:\WINDOWS\KB975561.log
2015-01-20 16:10 - 2015-01-22 03:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975561$
2015-01-20 16:10 - 2015-01-22 03:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2015-01-20 16:10 - 2015-01-22 03:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961501$
2015-01-20 16:09 - 2015-01-22 03:09 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973540_WM9L$
2015-01-20 16:09 - 2015-01-22 03:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2015-01-20 16:09 - 2015-01-22 03:08 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952004$
2015-01-20 16:09 - 2015-01-20 16:09 - 00000000 ___DC () C:\WINDOWS\$NtUninstallKB975025$
2015-01-20 16:08 - 2015-01-22 03:07 - 00442183 _____ () C:\WINDOWS\KB973687.log
2015-01-20 16:08 - 2015-01-22 03:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977816$
2015-01-20 16:08 - 2015-01-22 03:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973687$
2015-01-20 16:08 - 2015-01-22 03:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973507$
2015-01-20 16:07 - 2015-01-22 03:07 - 00028195 _____ () C:\WINDOWS\KB981793.log
2015-01-20 16:07 - 2015-01-22 03:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981793$
2015-01-20 16:07 - 2015-01-22 03:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978601$
2015-01-20 16:07 - 2015-01-22 03:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979559$
2015-01-20 16:07 - 2015-01-22 03:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB967715$
2015-01-20 16:06 - 2015-01-22 03:05 - 00039568 _____ () C:\WINDOWS\KB971961.log
2015-01-20 16:06 - 2015-01-22 03:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2015-01-20 16:06 - 2015-01-22 03:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2015-01-20 16:06 - 2015-01-22 03:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971961$
2015-01-20 16:05 - 2015-01-22 03:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2015-01-20 07:01 - 2015-01-22 03:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970238$
2015-01-20 06:54 - 2015-01-22 03:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2015-01-20 06:53 - 2015-01-22 03:04 - 00037134 _____ () C:\WINDOWS\KB978695.log
2015-01-20 06:53 - 2015-01-22 03:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978695_WM9$
2015-01-20 06:52 - 2015-01-22 03:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2015-01-20 06:49 - 2015-01-22 03:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2015-01-20 06:46 - 2015-01-22 03:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB958470$
2015-01-20 06:44 - 2015-01-22 03:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960803$
2015-01-20 06:43 - 2015-01-22 03:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973815$
2015-01-20 06:41 - 2015-01-22 03:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975562$
2015-01-20 06:31 - 2015-01-22 03:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971032$
2015-01-20 06:30 - 2015-01-21 10:11 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-20 06:30 - 2015-01-20 06:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-01-20 06:24 - 2015-01-21 18:29 - 00000000 ____D () C:\AdwCleaner
2015-01-20 06:19 - 2015-01-20 06:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Mozilla
2015-01-20 06:13 - 2015-01-22 03:02 - 00310804 _____ () C:\WINDOWS\msxml4-KB973688-enu.LOG
2015-01-20 06:12 - 2015-01-22 03:02 - 00229219 _____ () C:\WINDOWS\KB923561.log
2015-01-20 06:12 - 2015-01-22 03:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923561$
2015-01-20 06:11 - 2015-01-22 03:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975467$
2015-01-20 06:10 - 2015-01-22 03:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB968389$
2015-01-20 06:10 - 2015-01-20 06:10 - 00000000 ____D () C:\WINDOWS\ERUNT
2015-01-20 06:06 - 2015-01-20 06:07 - 00000000 ____D () C:\Documents and Settings\alan\Application Data\MSN6
2015-01-20 05:04 - 2015-01-22 03:36 - 00288612 _____ () C:\WINDOWS\KB980218.log
2015-01-20 05:04 - 2015-01-22 03:35 - 00289952 _____ () C:\WINDOWS\KB959426.log
2015-01-20 05:04 - 2015-01-22 03:35 - 00287798 _____ () C:\WINDOWS\KB960859.log
2015-01-20 05:03 - 2015-01-22 03:13 - 00282503 _____ () C:\WINDOWS\KB974318.log
2015-01-20 05:03 - 2015-01-22 03:12 - 00300485 _____ () C:\WINDOWS\KB975713.log
2015-01-20 05:03 - 2015-01-22 03:12 - 00284575 _____ () C:\WINDOWS\KB978037.log
2015-01-20 05:03 - 2015-01-22 03:12 - 00281287 _____ () C:\WINDOWS\KB969059.log
2015-01-20 05:03 - 2015-01-22 03:11 - 00298814 _____ () C:\WINDOWS\KB978338.log
2015-01-20 05:03 - 2015-01-22 03:11 - 00282698 _____ () C:\WINDOWS\KB971657.log
2015-01-20 05:03 - 2015-01-22 03:11 - 00054943 _____ () C:\WINDOWS\KB960225.log
2015-01-20 05:03 - 2010-06-14 07:30 - 00743936 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helpsvc.exe
2015-01-20 05:02 - 2015-01-22 03:10 - 00470734 _____ () C:\WINDOWS\KB974112.log
2015-01-20 05:02 - 2015-01-22 03:09 - 00276958 _____ () C:\WINDOWS\KB961501.log
2015-01-20 05:02 - 2015-01-20 23:32 - 00231199 _____ () C:\WINDOWS\KB975025.log
2015-01-20 05:02 - 2009-11-21 09:36 - 00470528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aclayers.dll
2015-01-20 05:02 - 2009-10-23 07:27 - 03555328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\moviemk.exe
2015-01-20 05:02 - 2009-07-27 15:40 - 00128512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dhtmled.ocx
2015-01-20 05:02 - 2009-06-21 15:04 - 00153088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\triedit.dll
2015-01-20 05:02 - 2009-03-06 07:44 - 00283648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pdh.dll
2015-01-20 05:02 - 2009-02-09 03:20 - 00714752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntdll.dll
2015-01-20 05:02 - 2009-02-09 03:20 - 00616960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\advapi32.dll
2015-01-20 05:02 - 2009-02-09 03:20 - 00473088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fastprox.dll
2015-01-20 05:02 - 2009-02-09 03:20 - 00453120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvsd.dll
2015-01-20 05:02 - 2009-02-09 03:20 - 00399360 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rpcss.dll
2015-01-20 05:02 - 2009-02-06 10:14 - 00110592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\services.exe
2015-01-20 05:02 - 2009-02-06 09:39 - 00227840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvse.exe
2015-01-20 05:02 - 2005-07-25 21:39 - 00060416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\colbact.dll
2015-01-20 05:00 - 2015-01-22 03:08 - 00294857 _____ () C:\WINDOWS\KB952004.log
2015-01-20 05:00 - 2015-01-22 03:08 - 00290672 _____ () C:\WINDOWS\KB973507.log
2015-01-20 05:00 - 2015-01-22 03:08 - 00270902 _____ () C:\WINDOWS\KB974571.log
2015-01-20 05:00 - 2015-01-22 03:07 - 00077428 _____ () C:\WINDOWS\KB977816.log
2015-01-20 04:59 - 2015-01-22 03:07 - 00276804 _____ () C:\WINDOWS\KB979559.log
2015-01-20 04:59 - 2015-01-22 03:06 - 00287352 _____ () C:\WINDOWS\KB974392.log
2015-01-20 04:59 - 2015-01-22 03:06 - 00285394 _____ () C:\WINDOWS\KB967715.log
2015-01-20 04:59 - 2015-01-22 03:05 - 00274775 _____ () C:\WINDOWS\KB977914.log
2015-01-20 04:58 - 2015-01-22 03:07 - 00287844 _____ () C:\WINDOWS\KB978601.log
2015-01-20 04:58 - 2015-01-22 03:05 - 00272488 _____ () C:\WINDOWS\KB978542.log
2015-01-20 04:58 - 2015-01-22 03:04 - 00271093 _____ () C:\WINDOWS\KB970238.log
2015-01-20 04:58 - 2015-01-22 03:04 - 00267683 _____ () C:\WINDOWS\KB978706.log
2015-01-20 04:58 - 2015-01-22 03:04 - 00267585 _____ () C:\WINDOWS\KB979482.log
2015-01-20 04:58 - 2015-01-22 03:03 - 00267718 _____ () C:\WINDOWS\KB960803.log
2015-01-20 04:58 - 2009-06-05 00:42 - 00655872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstscax.dll
2015-01-20 04:57 - 2015-01-22 03:03 - 00267100 _____ () C:\WINDOWS\KB975562.log
2015-01-20 04:57 - 2015-01-22 03:03 - 00267064 _____ () C:\WINDOWS\KB973815.log
2015-01-20 04:57 - 2015-01-22 03:02 - 00073842 _____ () C:\WINDOWS\KB971032.log
2015-01-20 04:56 - 2015-01-22 03:01 - 00246610 _____ () C:\WINDOWS\KB975467.log
2015-01-20 04:56 - 2009-11-21 09:36 - 01196000 ____C () C:\WINDOWS\system32\dllcache\sysmain.sdb
2015-01-20 04:56 - 2008-04-21 03:02 - 00215552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wordpad.exe
2015-01-20 04:55 - 2015-01-22 03:01 - 00250720 _____ () C:\WINDOWS\KB968389.log
2015-01-20 04:55 - 2004-08-04 01:56 - 00021504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidserv.dll
2015-01-20 04:55 - 2004-08-04 01:56 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv.dll
2015-01-20 04:55 - 2004-08-04 01:56 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv(2).dll
2015-01-20 04:55 - 2004-08-03 23:58 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhid.sys
2015-01-20 04:55 - 2004-08-03 23:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-01-19 19:07 - 2004-08-04 00:08 - 00031616 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2015-01-19 19:07 - 2004-08-04 00:08 - 00031616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2015-01-19 19:06 - 2015-01-22 03:04 - 00287472 _____ () C:\WINDOWS\KB979309.log
2015-01-19 13:43 - 2015-01-19 13:43 - 00000000 ____D () C:\Documents and Settings\alan\Application Data\Image Zone Express

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-22 07:16 - 2008-04-26 09:04 - 00000024 ____H () C:\WINDOWS\psgxk
2015-01-22 07:15 - 2004-02-14 17:29 - 00000000 ____D () C:\Documents and Settings\alan\Local Settings\Temp
2015-01-22 07:14 - 2004-02-14 10:06 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-22 07:13 - 2004-02-15 18:47 - 00000000 ____D () C:\Program Files\PestPatrol
2015-01-22 07:10 - 2004-08-12 06:00 - 01916208 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-22 03:47 - 2004-02-14 10:03 - 00439552 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-22 03:44 - 2004-10-10 09:36 - 00035111 _____ () C:\WINDOWS\spupdsvc.log
2015-01-22 03:42 - 2004-02-14 17:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-22 03:42 - 2004-02-14 10:02 - 00196160 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-22 03:41 - 2004-02-14 17:29 - 00000178 __SHC () C:\Documents and Settings\alan\ntuser.ini
2015-01-22 03:41 - 2004-02-14 17:28 - 00032570 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-22 03:37 - 2004-10-15 21:48 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2015-01-22 03:36 - 2007-08-10 22:33 - 00141626 _____ () C:\WINDOWS\msgsocm.log
2015-01-22 03:36 - 2004-02-14 10:04 - 00495645 _____ () C:\WINDOWS\netfxocm.log
2015-01-22 03:36 - 2004-02-14 10:04 - 00195421 _____ () C:\WINDOWS\MedCtrOC.log
2015-01-22 03:36 - 2004-02-14 10:04 - 00142626 _____ () C:\WINDOWS\tabletoc.log
2015-01-22 03:36 - 2004-02-14 10:04 - 00130287 _____ () C:\WINDOWS\ocmsn.log
2015-01-22 03:36 - 2004-02-14 10:03 - 02824026 _____ () C:\WINDOWS\FaxSetup.log
2015-01-22 03:36 - 2004-02-14 10:03 - 01363141 _____ () C:\WINDOWS\ocgen.log
2015-01-22 03:36 - 2004-02-14 10:03 - 01296912 _____ () C:\WINDOWS\tsoc.log
2015-01-22 03:36 - 2004-02-14 10:03 - 01008980 _____ () C:\WINDOWS\iis6.log
2015-01-22 03:36 - 2004-02-14 10:03 - 00865828 _____ () C:\WINDOWS\msmqinst.log
2015-01-22 03:36 - 2004-02-14 10:03 - 00799257 _____ () C:\WINDOWS\comsetup.log
2015-01-22 03:36 - 2004-02-14 10:03 - 00484606 _____ () C:\WINDOWS\ntdtcsetup.log
2015-01-22 03:36 - 2004-02-14 10:03 - 00001374 _____ () C:\WINDOWS\imsins.log
2015-01-22 03:35 - 2004-02-14 10:03 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2015-01-22 03:31 - 2005-04-16 02:01 - 00245433 _____ () C:\WINDOWS\updspapi.log
2015-01-22 03:09 - 2004-02-15 22:40 - 00102251 ____C () C:\WINDOWS\wmsetup.log
2015-01-22 03:09 - 2004-02-14 17:19 - 00000000 ____D () C:\Program Files\Movie Maker
2015-01-22 03:08 - 2008-04-25 21:02 - 00829859 _____ () C:\WINDOWS\setupapi.log
2015-01-22 03:07 - 2008-02-24 03:11 - 00602938 _____ () C:\WINDOWS\system32\TZLog.log
2015-01-22 03:05 - 2004-02-14 17:19 - 00000000 ____D () C:\Program Files\Outlook Express
2015-01-21 20:35 - 2005-05-03 16:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-21 20:34 - 2008-02-23 00:18 - 00000000 ____D () C:\Documents and Settings\alan\Application Data\Adobe
2015-01-21 19:40 - 2004-02-14 20:36 - 00000000 ____D () C:\Documents and Settings\ghislaine\Local Settings\Temp
2015-01-21 15:19 - 2004-06-24 18:31 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2015-01-21 15:19 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\security
2015-01-21 15:10 - 2005-12-18 10:48 - 00000000 ____D () C:\Program Files\Symantec
2015-01-21 15:10 - 2005-12-18 10:48 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-01-21 15:10 - 2005-12-18 10:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Symantec
2015-01-21 10:41 - 2004-09-05 01:23 - 01021726 _____ () C:\WINDOWS\svcpack.log
2015-01-21 10:31 - 2004-02-14 17:19 - 00000000 ____D () C:\WINDOWS\system32\Restore
2015-01-21 10:14 - 2001-08-23 06:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-21 10:12 - 2005-12-29 16:40 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-01-21 10:12 - 2004-05-01 20:06 - 00000000 ____D () C:\Documents and Settings\Jenny
2015-01-21 10:12 - 2004-02-14 20:36 - 00000000 ____D () C:\Documents and Settings\ghislaine
2015-01-21 10:12 - 2004-02-14 17:29 - 00000000 ____D () C:\Documents and Settings\alan
2015-01-21 10:12 - 2004-02-14 17:28 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-21 10:12 - 2004-02-14 17:28 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-21 10:12 - 2004-02-14 17:18 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-21 10:03 - 2004-10-10 08:43 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2015-01-21 10:01 - 2004-02-14 17:19 - 00000000 ____D () C:\WINDOWS\srchasst
2015-01-21 10:01 - 2004-02-14 17:19 - 00000000 ____D () C:\Program Files\NetMeeting
2015-01-21 10:01 - 2004-02-14 17:19 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-21 10:01 - 2004-02-14 17:16 - 00000000 ____D () C:\WINDOWS\system32\Com
2015-01-21 10:01 - 2004-02-14 17:16 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\system32\usmt
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\system32\npp
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\system
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\mui
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\msagent
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\ime
2015-01-21 10:01 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\Help
2015-01-21 09:58 - 2004-10-10 08:50 - 00000000 ____D () C:\WINDOWS\peernet
2015-01-21 09:58 - 2004-08-10 21:21 - 00000000 ____D () C:\WINDOWS\system32\bits
2015-01-21 09:58 - 2004-02-14 17:17 - 00000000 ____D () C:\Program Files\Messenger
2015-01-21 09:58 - 2004-02-14 17:12 - 00000000 ___RD () C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
2015-01-21 09:58 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2015-01-21 09:54 - 2006-01-02 14:08 - 00000000 ____D () C:\Program Files\Registrar Registry Manager
2015-01-21 09:54 - 2005-06-09 16:14 - 00000000 ____D () C:\Program Files\Common Files\AOL
2015-01-21 09:54 - 2005-06-09 16:14 - 00000000 ____D () C:\Program Files\AOL
2015-01-21 06:07 - 2004-05-23 04:20 - 00000000 ____D () C:\WINDOWS\pss
2015-01-21 06:07 - 2001-08-23 06:00 - 00001278 _____ () C:\WINDOWS\win.ini
2015-01-21 06:07 - 2001-08-23 06:00 - 00000327 _____ () C:\WINDOWS\system.ini
2015-01-21 04:50 - 2004-02-14 09:56 - 00000000 ____D () C:\WINDOWS\Media
2015-01-20 23:37 - 2004-02-14 10:03 - 02068538 _____ () C:\WINDOWS\iis6.BAK
2015-01-20 23:27 - 2009-01-26 03:01 - 00202438 _____ () C:\WINDOWS\KB960714.log
2015-01-20 23:26 - 2009-01-26 03:02 - 00210961 _____ () C:\WINDOWS\KB958215.log
2015-01-20 23:26 - 2009-01-26 03:01 - 00200421 _____ () C:\WINDOWS\KB958687.log
2015-01-20 23:26 - 2008-11-09 03:01 - 00204250 _____ () C:\WINDOWS\KB958644.log
2015-01-20 23:25 - 2008-11-13 03:01 - 00200473 _____ () C:\WINDOWS\KB957097.log
2015-01-20 23:25 - 2008-11-09 03:03 - 00204065 _____ () C:\WINDOWS\KB957095.log
2015-01-20 23:25 - 2008-11-09 03:02 - 00204837 _____ () C:\WINDOWS\KB956841.log
2015-01-20 23:24 - 2009-01-25 22:35 - 00205831 _____ () C:\WINDOWS\KB956802.log
2015-01-20 23:24 - 2008-11-09 03:03 - 00204025 _____ () C:\WINDOWS\KB956803.log
2015-01-20 23:23 - 2009-01-25 22:36 - 00031875 _____ () C:\WINDOWS\KB955839.log
2015-01-20 23:22 - 2008-11-13 03:01 - 00200048 _____ () C:\WINDOWS\KB955069.log
2015-01-20 23:21 - 2008-11-09 03:03 - 00204449 _____ () C:\WINDOWS\KB954211.log
2015-01-20 23:20 - 2008-11-08 11:21 - 00207892 _____ () C:\WINDOWS\KB952954.log
2015-01-20 23:17 - 2008-11-09 03:02 - 00202096 _____ () C:\WINDOWS\KB952287.log
2015-01-20 23:16 - 2008-08-03 21:21 - 00210701 _____ () C:\WINDOWS\KB951748.log
2015-01-20 23:15 - 2008-06-24 02:00 - 00199192 _____ () C:\WINDOWS\KB951376-v2.log
2015-01-20 23:15 - 2008-06-11 02:00 - 00198856 _____ () C:\WINDOWS\KB951376.log
2015-01-20 23:15 - 2008-06-10 11:55 - 00205828 _____ () C:\WINDOWS\KB951698.log
2015-01-20 23:14 - 2008-11-09 03:02 - 00202021 _____ () C:\WINDOWS\KB951066.log
2015-01-20 23:14 - 2008-11-08 11:17 - 00208751 _____ () C:\WINDOWS\KB950974.log
2015-01-20 23:14 - 2008-11-08 11:14 - 00031769 _____ () C:\WINDOWS\KB951072-v2.log
2015-01-20 23:13 - 2008-06-11 02:01 - 00202003 _____ () C:\WINDOWS\KB950762.log
2015-01-20 23:13 - 2008-06-10 11:54 - 00212822 _____ () C:\WINDOWS\KB950759.log
2015-01-20 23:12 - 2008-11-09 03:04 - 00202872 _____ () C:\WINDOWS\KB946648.log
2015-01-20 23:12 - 2008-11-09 03:02 - 00201293 _____ () C:\WINDOWS\KB938464.log
2015-01-20 22:57 - 2008-04-25 21:02 - 00001536 ____C () C:\WINDOWS\sessmgr.setup.log
2015-01-20 22:57 - 2004-10-10 08:52 - 00000373 _____ () C:\WINDOWS\cmsetacl.log
2015-01-20 22:47 - 2002-08-29 03:05 - 00250048 __RSH () C:\ntldr
2015-01-20 22:44 - 2004-10-10 08:39 - 00000000 __HDC () C:\WINDOWS\$NtServicePackUninstall$
2015-01-20 17:54 - 2004-02-14 10:02 - 00049152 _____ () C:\WINDOWS\system32\config\SECURITY.bak
2015-01-20 17:54 - 2004-02-14 10:02 - 00032768 _____ () C:\WINDOWS\system32\config\SAM.bak
2015-01-20 17:54 - 2004-02-14 10:01 - 34603008 _____ () C:\WINDOWS\system32\config\software.bak
2015-01-20 17:54 - 2004-02-14 10:01 - 06553600 _____ () C:\WINDOWS\system32\config\system.bak
2015-01-20 17:54 - 2004-02-14 10:01 - 00524288 _____ () C:\WINDOWS\system32\config\default.bak
2015-01-20 14:14 - 2008-02-24 03:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB920872$
2015-01-20 06:46 - 2004-10-10 08:47 - 00000000 ____D () C:\WINDOWS\ServicePackFiles
2015-01-20 04:55 - 2004-02-14 10:02 - 00183779 _____ () C:\WINDOWS\setupact.log
2015-01-19 14:01 - 2004-02-15 21:56 - 00002479 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2014-12-31 13:15 - 2005-05-11 00:26 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======
2004-05-10 15:22 - 2003-04-07 13:06 - 0000377 ___RC () C:\Program Files\Film-1280x720-vbr.wv9
2004-05-10 15:22 - 2003-04-07 13:06 - 0000665 ___RC () C:\Program Files\Film-320x240-vbr.wv9
2004-05-10 15:22 - 2003-04-07 13:06 - 0000659 ___RC () C:\Program Files\Film-640x480-vbr.wv9
2004-02-15 01:49 - 2004-02-15 01:49 - 3401360 ____C () C:\Program Files\Install_AIM.exe
2004-05-10 15:22 - 2003-06-09 11:21 - 0021158 ____R () C:\Program Files\license.txt
2004-05-10 15:22 - 2003-06-10 23:28 - 0000653 ___RC () C:\Program Files\NTSC-vbr.wv9
2004-05-10 15:22 - 2003-06-10 23:28 - 0000653 ___RC () C:\Program Files\PAL-vbr.wv9
2004-05-10 15:22 - 2003-06-10 23:28 - 0000661 ___RC () C:\Program Files\qNTSC-vbr.wv9
2004-05-10 15:22 - 2003-06-10 23:28 - 0000666 ___RC () C:\Program Files\qPAL-vbr.wv9
2004-05-05 12:14 - 2004-05-05 12:14 - 5245352 ____C (Microsoft Corporation) C:\Program Files\SetupDl.exe
2004-05-10 15:22 - 2003-06-20 23:26 - 0064591 ___RC () C:\Program Files\WMV9VCM.chm
2004-05-10 15:22 - 2003-06-20 23:26 - 0012347 ____R () C:\Program Files\WMV9VCM_readme.htm
2005-04-27 16:35 - 2005-04-27 16:35 - 0003584 ____C () C:\Documents and Settings\alan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2006-01-21 22:37 - 2006-01-21 22:37 - 0000127 _____ () C:\Documents and Settings\alan\Local Settings\Application Data\fusioncache.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================



#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:23 PM

Posted 22 January 2015 - 05:04 PM

Please copy and paste the logs directly into your reply. If you need to use more than one post to this please do.

 

1.

Please download Malwarebytes Anti-Malware photo.jpg?sz=48 and save it to your desktop.

  • Double-click on the setup file (mbam-setup.exe), then click on Run to install.
  • Malwarebytes will automatically open to it's Dashboard. If you have never run this version, you should see a red note at the top indicating "A scan has never been run on your system"
     
    malwarebytes-anti-malware-fix-now.jpg
    .
  • Click on Update Now to download the current database definitions, then click the Scan Now >> button.
    .
  • If you have run this version before, you should see a green note at the top indicating "Your system is fully protected".
  • You will be prompted to update Malwarebytes...click on the Update Now button.
     
    malwarebytes-anti-malware-2-0-update-now
    .
  • The THREAT SCAN will automatically begin.
     
    malwarebytes-anti-malware-scan.jpg
    .
  • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.
     
    malwarebytes-anti-malware-potential-thre
    .
  • To complete any actions taken you will be prompted to restart your computer...click on Yes. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
     
    mbam4_zps490948cc.png
    .
  • After rebooting the computer, copy and past the mbam.log in your next reply.

.
To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)
  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)
  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.


Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
-- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
-- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd

 

 

2.

ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!

  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button:
    ESET1_zps23a5e840.png
  • Tick the box next to YES, I accept the Terms of Use and click Start
    ESET_EULA2_zps9451f1c3.png
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings:
    ESET2_zpsc701c045.png
  • Make sure to check the options Remove found threats and Enable Anti-Stealth technology are checked:
    ESET4_zps0afafd0d.png
  • Click Start. (This scan can take several hours, so please be patient):
    ESET3_zpsccd1657d.png
  • Once the scan is completed, select List of found threats:
    ESET5_zpsd27be299.png
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop:
    ESET6_zpsc17d154e.png
  • Click the Back button.
  • Click the Finish button:
    ESET9_zps51587217.png
  • Use Notepad to open the saved log file (on your Desktop- ESET.txt)[/b]
  • Copy and paste that log as a reply to this topic.

 

 

Things to include in your next reply::

MBAM log

Eset log

How is the computer running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 chakotay2

chakotay2
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:03:23 PM

Posted 22 January 2015 - 09:08 PM

Here is the Malwarebytes Log. For some reason I can't pull it up in history and export it in a better format. Hoping this gives you the info you need.

 

I'm running ESET right now.

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/01/22 16:25:58 -0700</date>
<logfile>mbam-log-2015-01-22 (16-25-36).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.4.1028</version>
<malware-database>v2015.01.22.11</malware-database>
<rootkit-database>v2015.01.14.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows XP Service Pack 2</osversion>
<arch>x86</arch>
<username>alan</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>445094</objects>
<time>4273</time>
<processes>0</processes>
<modules>0</modules>
<keys>31</keys>
<values>6</values>
<datas>1</datas>
<folders>0</folders>
<files>1</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C}</path><vendor>Adware.Minibug</vendor><action>success</action><hash>acc7986259302214a9a42fe0ee1560a0</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{3C2D2A1E-031F-4397-9614-87C932A848E0}</path><vendor>Adware.Minibug</vendor><action>success</action><hash>acc7986259302214a9a42fe0ee1560a0</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{04A38F6B-006F-4247-BA4C-02A139D5531C}</path><vendor>Adware.Minibug</vendor><action>success</action><hash>acc7986259302214a9a42fe0ee1560a0</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\MiniBugTransporter.MiniBugTransporterX.1</path><vendor>Adware.Minibug</vendor><action>success</action><hash>acc7986259302214a9a42fe0ee1560a0</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\MiniBugTransporter.MiniBugTransporterX</path><vendor>Adware.Minibug</vendor><action>success</action><hash>acc7986259302214a9a42fe0ee1560a0</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{4EE12B71-AA5E-45EC-8666-2DB3AD3FDF44}</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>88eb27d3e5a4f44232ce57b839ca817f</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{03B800F9-2536-4441-8CDA-2A3E6D15B4F8}</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>88eb27d3e5a4f44232ce57b839ca817f</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{DFBCC1EB-B149-487E-80C1-CC1562021542}</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>88eb27d3e5a4f44232ce57b839ca817f</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{00000010-6F7D-442C-93E3-4A4827C2E4C8}</path><vendor>Adware.NetOptimizer</vendor><action>success</action><hash>2251718992f73204a1d5eb24996afd03</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{10E42047-DEB9-4535-A118-B3F6EC39B807}</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>0e651ae03950c96d58a41df15da67090</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{386A771C-E96A-421F-8BA7-32F1B706892F}</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>6013a5553158bd7917e7ef1fa85bc33d</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>1d56f802c6c3cc6af10e24eab44fc13f</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\CODE STORE DATABASE\DISTRIBUTION UNITS\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>1d56f802c6c3cc6af10e24eab44fc13f</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7149E79C-DC19-4C5E-A53C-A54DDF75EEE9}</path><vendor>Adware.MediaMotor</vendor><action>success</action><hash>2251e2181079fb3bae9cd33cbf446d93</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7C559105-9ECF-42B8-B3F7-832E75EDD959}</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>fd768971f99089ada95c927d689bf60a</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{86227D9C-0EFE-4F8A-AA55-30386A3F5686}</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>f67dc03a8efb2214ee18de310300ab55</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Ysb.YsbObj</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>f67dc03a8efb2214ee18de310300ab55</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\Ysb.YsbObj.1</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>f67dc03a8efb2214ee18de310300ab55</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}</path><vendor>Adware.180Solutions</vendor><action>success</action><hash>0f64cd2d325704329c4327e5df246d93</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A3FDD654-A057-4971-9844-4ED8E67DBBB8}</path><vendor>Trojan.BHO</vendor><action>success</action><hash>581ba95185042115f8f4ff1cd62d37c9</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{F919FBD3-A96B-4679-AF26-F551439BB5FD}</path><vendor>Trojan.FakeAlert</vendor><action>success</action><hash>a7ccb6442168d1658faa5ec459aa47b9</hash></key>
<key><path>HKLM\SOFTWARE\ISTsvc</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>3b3872888900b2840c9895a4a262c63a</hash></key>
<key><path>HKLM\SOFTWARE\YourSiteBar</path><vendor>Adware.ISTBar</vendor><action>delete-on-reboot</action><hash>9fd43bbfcdbc60d65fa74b062bd921df</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\AMeOpt</path><vendor>Adware.NetOptimizer</vendor><action>success</action><hash>314211e9bbce9c9ad404063d4eb633cd</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ISTsvc</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>8de68a70b0d95ed84312c28b659f6f91</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Kapabout</path><vendor>Adware.NetOptimizer</vendor><action>success</action><hash>ef847d7dfe8b44f2b5aa1a3302027090</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\YourSiteBar</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>9ed58b6ff495a294a98fc58ade2630d0</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\IST</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>ea89e6148801d66094a5111b6a9a7987</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SAcc</path><vendor>Adware.SAcc</vendor><action>success</action><hash>e58e51a9078287aff6e2290dee162ad6</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\IST</path><vendor>Adware.ISTBar</vendor><action>success</action><hash>f08397633059c373d26738f4956f0af6</hash></key>
<key><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\AMeOpt</path><vendor>Adware.NetOptimizer</vendor><action>success</action><hash>afc4b04af198b1858b6ff03d5da7ac54</hash></key>
<value><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\EXTENSIONS\CMDMAPPING</path><valuename>{10E42047-DEB9-4535-A118-B3F6EC39B807}</valuename><vendor>Adware.ISTBar</vendor><action>success</action><valuedata>8199</valuedata><hash>0e651ae03950c96d58a41df15da67090</hash></value>
<value><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER</path><valuename>{86227D9C-0EFE-4F8A-AA55-30386A3F5686}</valuename><vendor>Adware.ISTBar</vendor><action>success</action><valuedata>œ}&quot;†þŠOªU08j?V†</valuedata><hash>f67dc03a8efb2214ee18de310300ab55</hash></value>
<value><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\EXTENSIONS\CMDMAPPING\{10E42047-DEB9-4535-A118-B3F6EC39B807}</path><valuename></valuename><vendor>Adware.ISTBar</vendor><action>success</action><valuedata></valuedata><hash>4231a8522a5fde58c735b85603002fd1</hash></value>
<value><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{86227D9C-0EFE-4F8A-AA55-30386A3F5686}</path><valuename></valuename><vendor>Adware.ISTBar</vendor><action>success</action><valuedata></valuedata><hash>4e25ac4e0f7a9c9a020456b91fe4926e</hash></value>
<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>IST Service</valuename><vendor>Adware.ISTBar</vendor><action>success</action><valuedata>C:\Program Files\ISTsvc\istsvc.exe</valuedata><hash>f2819466b1d8f3433d7576d08b7906fa</hash></value>
<value><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM</path><valuename>Wallpaper</valuename><vendor>Hijack.Wallpaper</vendor><action>success</action><valuedata>C:\WINDOWS\desktop.html</valuedata><hash>4e252eccc0c9c0769bf6939be81cb050</hash></value>
<data><path>HKU\S-1-5-21-1078081533-789336058-854245398-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER</path><valuename>ForceActiveDesktopOn</valuename><vendor>PUM.Hijack.Desktop</vendor><action>replaced</action><valuedata>1</valuedata><baddata>1</baddata><gooddata>0</gooddata><hash>690a27d39beead89fe0506963acb7b85</hash></data>
<file><path>C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll</path><vendor>Adware.Minibug</vendor><action>success</action><hash>acc7986259302214a9a42fe0ee1560a0</hash></file>
</items>
</mbam-log>



#12 chakotay2

chakotay2
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:03:23 PM

Posted 22 January 2015 - 10:55 PM

ESET

 

C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417624.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417624.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417624.pif:qgeak    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417624.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417625.pif:bhilgq    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417625.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417625.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417625.pif:qgeak    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417626.pif:bhilgq    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417626.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417626.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417626.pif:qgeak    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417626.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:uanyjp    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:ziiork    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417628.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417628.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417628.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417628.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417629.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417629.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417629.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417629.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417629.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417630.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417630.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417630.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417630.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417631.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417631.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417631.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417631.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417631.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417632.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417632.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417632.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417632.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417633.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417633.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417633.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417633.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417633.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417634.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417634.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417634.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417634.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417635.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417635.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417635.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417635.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417635.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417636.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417636.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417636.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417636.pif:uanyjp    Win32/TrojanDownloader.Agent.BQ trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417636.pif:ziiork    Win32/TrojanDownloader.Agent.BQ trojan    
C:\WINDOWS\mxTarget.dll    a variant of Win32/Adware.BiSpy.AA application    
C:\WINDOWS\nem220.dll_tobedeleted    Win32/TrojanDownloader.Dyfica.NAD trojan    
C:\WINDOWS\system32\atmvoica.exe    a variant of Win32/Kryptik.RJA trojan    
C:\WINDOWS\system32\geaocurs.dll    a variant of Win32/Kryptik.CSS trojan    
C:\WINDOWS\system32\nppkbdlt.exe    a variant of Win32/Kryptik.RJA trojan    
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417590.INI:uxfgpf    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417591.INI:kahsh    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417592.lnk:gygtvt    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417593.lnk:gygtvt    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417594.lnk:gygtvt    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417595.lnk:gygtvt    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417596.lnk:gygtvt    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417597.lnk:gygtvt    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417598.ini:rzjdro    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417599.ini:rzjdro    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417600.ini:rzjdro    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417601.ini:rzjdro    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417602.ini:rzjdro    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417603.ini:rzjdro    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417604.ini:gardl    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417605.ini:gardl    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417606.ini:gardl    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417607.ini:gardl    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417608.ini:gardl    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417609.ini:gardl    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417610.ini:gardl    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417611.ini:gardl    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417612.ini:gardl    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417614.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417614.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417614.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417614.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417615.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417615.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417615.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417615.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417615.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417616.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417616.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417616.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417616.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417617.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417617.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417617.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417617.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417617.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417618.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417618.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417618.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417618.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417619.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417619.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417619.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417619.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417619.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417620.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417620.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417620.pif:uanyjp    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417620.pif:ziiork    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417621.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417621.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417621.pif:qgeak    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417621.pif:uanyjp    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417621.pif:ziiork    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417622.pif:bhilgq    a variant of Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417622.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417622.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417622.pif:qgeak    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417622.pif:uanyjp    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417622.pif:ziiork    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417623.pif:bhilgq    a variant of Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417623.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417623.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417623.pif:qgeak    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417624.pif:bhilgq    a variant of Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Documents and Settings\ghislaine\Local Settings\Temp\iinstall.exe.xBAD    Win32/TrojanDownloader.IstBar trojan    cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Documents and Settings\ghislaine\Local Settings\Temp\nw9qcdly.exe.xBAD    Win32/Downloader.Agent potentially unsafe application    deleted - quarantined
C:\FRST\Quarantine\C\Documents and Settings\ghislaine\Local Settings\Temp\optimize.exe.xBAD    Win32/TrojanDownloader.Dyfica.EI trojan    cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Documents and Settings\ghislaine\Local Settings\Temp\p4D22t.exe.xBAD    Win32/TrojanDownloader.IstBar trojan    cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Documents and Settings\ghislaine\Local Settings\Temp\StrDst.exe.xBAD    Win32/TrojanDownloader.IstBar trojan    cleaned by deleting - quarantined
C:\FRST\Quarantine\C\Documents and Settings\ghislaine\Local Settings\Temp\wpdedit.exe.xBAD    a variant of Win32/Kryptik.RJA trojan    cleaned by deleting - quarantined
C:\FRST\Quarantine\C\WINDOWS\epfpvl.dll.xBAD    a variant of Win32/TrojanDownloader.Lemmy.AA trojan    cleaned by deleting - quarantined
C:\FRST\Quarantine\C\WINDOWS\mlrekprd.exe.xBAD    Win32/TrojanDownloader.IstBar.gen trojan    cleaned by deleting - quarantined
C:\Program Files\Eisenworld\Alohabob\Installer.exe    a variant of Generik.DLZRHJB trojan    cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\mlrekprd.exe.vir    Win32/TrojanDownloader.IstBar.gen trojan    cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\Downloaded Program Files\ysbActivex.dll.vir    Win32/TrojanDownloader.IstBar trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0414441.dll    a variant of Win32/TrojanDownloader.Lemmy.AA trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0414442.exe    Win32/TrojanDownloader.IstBar.gen trojan    cleaned by deleting - quarantined
Operating memory    multiple threats    
 



#13 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:23 PM

Posted 23 January 2015 - 05:17 PM

Please run MBAM and ESET again and post their logs. Also include how the machine is running.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#14 chakotay2

chakotay2
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:03:23 PM

Posted 24 January 2015 - 09:46 PM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/24/2015
Scan Time: 2:40:47 PM
Logfile: mb.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.24.14
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows XP Service Pack 2
CPU: x86
File System: NTFS
User: alan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 447553
Time Elapsed: 1 hr, 13 min, 18 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417624.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417624.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417624.pif:qgeak    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417624.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417625.pif:bhilgq    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417625.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417625.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417625.pif:qgeak    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417626.pif:bhilgq    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417626.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417626.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417626.pif:qgeak    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417626.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:uanyjp    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417627.pif:ziiork    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417628.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417628.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417628.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417628.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417629.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417629.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417629.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417629.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417629.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417630.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417630.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417630.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417630.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417631.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417631.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417631.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417631.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417631.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417632.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417632.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417632.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417632.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417633.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417633.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417633.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417633.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417633.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417634.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417634.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417634.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417634.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417635.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417635.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417635.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417635.pif:qgeak    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417635.pif:tiayjs    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417636.pif:bhilgq    a variant of Win32/Kryptik.BNX trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417636.pif:ghyjxz    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417636.pif:nbxdla    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417636.pif:uanyjp    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP986\A0417636.pif:ziiork    Win32/TrojanDownloader.Agent.BQ trojan    cleaned by deleting - quarantined
C:\System Volume Information\_restore{D9AA1811-1C65-4038-A85A-7D56616F8EDB}\RP987\A0418624.exe    a variant of Generik.DLZRHJB trojan    cleaned by deleting - quarantined
C:\WINDOWS\mxTarget.dll    a variant of Win32/Adware.BiSpy.AA application    cleaned by deleting - quarantined
 


No more Generic Host Process pop-up's.

Things seem better.



#15 chakotay2

chakotay2
  • Topic Starter

  • Members
  • 72 posts
  • OFFLINE
  •  
  • Local time:03:23 PM

Posted 24 January 2015 - 09:54 PM

Things seem much better.


Edited by chakotay2, 24 January 2015 - 09:54 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users