Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer infected with Trojan.Agent, Worm.Agent, Music folders& Aplikasi folders


  • Please log in to reply
23 replies to this topic

#1 Ambience

Ambience

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Nowhere Near Yours
  • Local time:10:16 AM

Posted 04 January 2016 - 11:21 AM

Can someone please give me some help regarding this?

I can provide screenshots if a volunteer helps.



BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:06:16 AM

Posted 04 January 2016 - 07:43 PM

hi Ambience,

 

Need to see this topic about generating and posting a FRST log. You can start at Step 6

 

http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

 

Iam usually only on line once or twice per day so you may not get a response back from me until the following day.


How Can I Reduce My Risk to Malware?


#3 Ambience

Ambience
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Nowhere Near Yours
  • Local time:10:16 AM

Posted 05 January 2016 - 07:34 AM

Thank you so much for that reply, I really appreciate it!

 

As requested here are the logs. 

Attached File  FRST.txt   334.94KB   7 downloads

 

And the addition:

Attached File  Addition.txt   46.98KB   1 downloads

 

I can't copy the whole thing from Notepad and paste it here because the website says it is too long.

I'm sorry if that might affect the creation of solution to this problem.



#4 shelf life

shelf life

  • Malware Response Team
  • 2,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:06:16 AM

Posted 05 January 2016 - 06:07 PM

No problem.

 

1) We will use FRST to remove some items. Copy whats below in the box into notepad. Save it as fixlist.txt in the same location you have. FRST, (desktop).

 

Start FRST like before except this time click on the fix button once. Machine may reboot to finish the process. Upon restart you will find a new text file on the desktop called fixlog.txt. Please copy paste that log in your reply and we will go from there.

Thats quite a load of tmp files you have there. After you run FRST. you can get one more download.

HKLM\...\Run: [WinUpdate] => Wscript.exe //e:VBScript "C:\Windows\:Microsoft Office Update for Windows XP.sys"
HKU\S-1-5-21-3774938920-3611944914-2639708701-1000\...\Run: [Df5serv] => Wscript.exe //e:VBScript "C:\Users\pc\Documents\df5srvc.bfe"
HKU\S-1-5-21-3774938920-3611944914-2639708701-1000\...\Run: [Explorer] => Wscript.exe //e:VBScript "C:\Users\pc\AppData\Local\Microsoft\CD Burning\dekstop.ini"
Task: {67A212E1-3A9B-4A34-8158-4C6FBA27A462} - System32\Tasks\{514D9C1E-2316-40A0-98B3-EC5B731FC859} => pcalua.exe -a C:\Users\pc\AppData\Roaming\omiga-plus\UninstallManager.exe -c  -ptid=adks <==== ATTENTION
2016-01-05 19:26 - 2016-01-05 19:26 - 00000581 _____ C:\Windows\Tasks\trzEB4C.tmp
2016-01-05 19:25 - 2016-01-05 19:26 - 00016993 _____ C:\Users\pc\Desktop\FRST.txt
2016-01-05 19:25 - 2016-01-05 19:25 - 00000603 _____ C:\Users\Public\trz406D.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000603 _____ C:\Users\Public\trz402E.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000603 _____ C:\Users\Public\trz3FEE.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000603 _____ C:\Users\Public\trz3F9F.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000603 _____ C:\Users\Public\trz3DAB.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000603 _____ C:\Users\pc\trz3A7F.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000603 _____ C:\Users\Guest\trz382D.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000603 _____ C:\Users\Default\trz357E.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000603 _____ C:\Users\Default\trz3261.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000603 _____ C:\Users\Administrator\trz2C57.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000603 _____ C:\ProgramData\trz2F25.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trzF9F0.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000597 _____ C:\Users\trz2ADF.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000597 _____ C:\Users\trz28DB.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000581 _____ C:\Windows\Minidump\trzA136.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000579 _____ C:\Windows\trz42FE.tmp
2016-01-05 19:25 - 2016-01-05 19:25 - 00000579 _____ C:\Windows\trz40FA.tmp
2016-01-05 19:24 - 2016-01-05 19:24 - 00000603 _____ C:\Users\Public\Documents\trzA4DA.tmp
2016-01-05 19:24 - 2016-01-05 19:24 - 00000597 _____ C:\ProgramData\trz8869.tmp
2016-01-05 19:22 - 2016-01-05 19:22 - 00000595 _____ C:\trz981B.tmp
2016-01-04 23:10 - 2016-01-04 23:10 - 0000597 _____ () C:\Program Files\trz144D.tmp
2016-01-04 21:08 - 2016-01-04 21:08 - 0000597 _____ () C:\Program Files\trz15C2.tmp
2016-01-03 18:51 - 2016-01-03 18:51 - 0000597 _____ () C:\Program Files\trz1B02.tmp
2016-01-04 23:17 - 2016-01-04 23:17 - 0000597 _____ () C:\Program Files\trz1C95.tmp
2016-01-04 17:56 - 2016-01-04 17:56 - 0000750 _____ () C:\Program Files\trz1E3C.tmp
2016-01-05 01:12 - 2016-01-05 01:12 - 0000597 _____ () C:\Program Files\trz20D9.tmp
2016-01-03 09:54 - 2016-01-03 09:54 - 0000597 _____ () C:\Program Files\trz21D9.tmp
2016-01-04 18:12 - 2016-01-04 18:12 - 0000597 _____ () C:\Program Files\trz221E.tmp
2016-01-05 17:59 - 2016-01-05 17:59 - 0000750 _____ () C:\Program Files\trz25.tmp
2016-01-04 18:40 - 2016-01-04 18:40 - 0000597 _____ () C:\Program Files\trz26AE.tmp
2016-01-04 20:58 - 2016-01-04 20:58 - 0000750 _____ () C:\Program Files\trz27BA.tmp
2016-01-05 00:43 - 2016-01-05 00:43 - 0000750 _____ () C:\Program Files\trz2899.tmp
2016-01-03 20:27 - 2016-01-03 20:27 - 0000597 _____ () C:\Program Files\trz2ACD.tmp
2016-01-03 15:19 - 2016-01-03 15:19 - 0000597 _____ () C:\Program Files\trz2BAB.tmp
2016-01-04 21:14 - 2016-01-04 21:14 - 0000597 _____ () C:\Program Files\trz2CCE.tmp
2016-01-03 21:18 - 2016-01-03 21:18 - 0000597 _____ () C:\Program Files\trz32E4.tmp
2016-01-03 09:45 - 2016-01-03 09:45 - 0000597 _____ () C:\Program Files\trz33BE.tmp
2016-01-03 17:47 - 2016-01-03 17:47 - 0000597 _____ () C:\Program Files\trz36C0.tmp
2016-01-03 22:36 - 2016-01-03 22:36 - 0000597 _____ () C:\Program Files\trz3889.tmp
2016-01-05 19:03 - 2016-01-05 19:03 - 0000597 _____ () C:\Program Files\trz3B0D.tmp
2016-01-03 08:24 - 2016-01-03 08:23 - 0000246 __RSH () C:\Program Files\trz3BD1.tmp
2016-01-03 08:24 - 2016-01-03 08:24 - 0000750 _____ () C:\Program Files\trz3C5E.tmp
2016-01-04 19:57 - 2016-01-04 19:57 - 0000597 _____ () C:\Program Files\trz3CF6.tmp
2016-01-04 22:41 - 2016-01-04 22:41 - 0000750 _____ () C:\Program Files\trz3F28.tmp
2016-01-03 19:36 - 2016-01-03 19:36 - 0000597 _____ () C:\Program Files\trz443A.tmp
2016-01-03 21:58 - 2016-01-03 21:58 - 0000597 _____ () C:\Program Files\trz4900.tmp
2016-01-04 22:43 - 2016-01-04 22:43 - 0000597 _____ () C:\Program Files\trz4AF2.tmp
2016-01-03 09:49 - 2016-01-03 09:49 - 0000597 _____ () C:\Program Files\trz5054.tmp
2016-01-04 23:02 - 2016-01-04 23:02 - 0000597 _____ () C:\Program Files\trz515B.tmp
2016-01-03 20:14 - 2016-01-03 20:14 - 0000597 _____ () C:\Program Files\trz52C7.tmp
2016-01-04 18:27 - 2016-01-04 18:27 - 0000597 _____ () C:\Program Files\trz5AC9.tmp
2016-01-04 22:49 - 2016-01-04 22:49 - 0000597 _____ () C:\Program Files\trz5E4A.tmp
2016-01-03 20:40 - 2016-01-03 20:40 - 0000597 _____ () C:\Program Files\trz5EE.tmp
2016-01-03 21:31 - 2016-01-03 21:31 - 0000597 _____ () C:\Program Files\trz657.tmp
2016-01-03 18:38 - 2016-01-03 18:38 - 0000597 _____ () C:\Program Files\trz6599.tmp
2016-01-05 18:50 - 2016-01-05 18:50 - 0000597 _____ () C:\Program Files\trz65EE.tmp
2016-01-02 22:34 - 2016-01-02 22:34 - 0000597 _____ () C:\Program Files\trz6AB9.tmp
2016-01-03 21:45 - 2016-01-03 21:45 - 0000597 _____ () C:\Program Files\trz6B21.tmp
2016-01-03 08:46 - 2016-01-03 08:46 - 0000597 _____ () C:\Program Files\trz6CF6.tmp
2016-01-03 15:35 - 2016-01-03 15:35 - 0000597 _____ () C:\Program Files\trz7011.tmp
2016-01-03 18:25 - 2016-01-03 18:25 - 0000597 _____ () C:\Program Files\trz7015.tmp
2016-01-02 22:59 - 2016-01-02 22:59 - 0000597 _____ () C:\Program Files\trz7216.tmp
2016-01-03 19:16 - 2016-01-03 19:16 - 0000597 _____ () C:\Program Files\trz73E8.tmp
2016-01-03 19:23 - 2016-01-03 19:23 - 0000750 _____ () C:\Program Files\trz749D.tmp
2016-01-05 17:50 - 2016-01-05 17:50 - 0000597 _____ () C:\Program Files\trz75C6.tmp
2016-01-04 23:10 - 2016-01-04 23:10 - 0000597 _____ () C:\Program Files\trz761F.tmp
2016-01-05 00:35 - 2016-01-05 00:35 - 0000750 _____ () C:\Program Files\trz7B80.tmp
EmptyTemp:
RemoveProxy:

2) Please download MiniToolBox, save it to your desktop

    http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

    Please close any Firefox browsers you may have open
    Double click the icon to launch the program
    Make sure only the following options are checked:

 Reset IE proxy settings

 Reset FF proxy settings

    Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
    Please copy and paste the contents in your reply.

 

3) Last: Google chrome has been altered. you will have to uninstall it via add/remove programs panel then reinstall it:

 

Uninstall:

https://support.google.com/chrome/answer/95319?hl=en

 

Install Chrome:

https://support.google.com/chrome/answer/95346?hl=en

 

 


How Can I Reduce My Risk to Malware?


#5 Ambience

Ambience
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Nowhere Near Yours
  • Local time:10:16 AM

Posted 06 January 2016 - 07:14 PM

Here is the fix log:

 

Attached File  Fixlog.txt   11.78KB   4 downloads

 

And these ones:

 

Attached File  MTB.txt   1.21KB   1 downloads

 

I have tried to delete all of the suspicious by hand .tmp files but my computer couldn't handle it as they were too many.

And in the MiniToolBox, there were two Reset IE proxy settings and Reset FF proxy settings, and I clicked them both just to be sure, is that okay?

 

Anyways, thank you so much yet again as I feel my computer running more faster, do we still have work to do?

 

P.S. The result.txt turned out to be an MTB text, is that a problem?



#6 shelf life

shelf life

  • Malware Response Team
  • 2,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:06:16 AM

Posted 06 January 2016 - 08:15 PM

hi,

 

 

I clicked them both

MTB text, is that a problem

No problem.

Yep more work to do. Your antivirus is up to date and dosnt report any problems after a system scan?

We will use FRST again like before and try To get rid of those temp files, so like you did before:

 

Copy whats below in the box into notepad. Save it as fixlist.txt in the same location you have. FRST, (desktop).

 

Start FRST like before except this time click on the fix button once. Machine may reboot to finish the process. Upon restart you will find a new text file on the desktop called fixlog.txt. Please copy paste that log in your reply and we will go from there.

2016-01-03 22:38 - 2016-01-03 22:38 - 00000561 _____ C:\Windows\system32\trzECAA.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000603 _____ C:\Users\Public\trz559C.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000603 _____ C:\Users\Public\trz555D.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000603 _____ C:\Users\Public\trz550E.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000603 _____ C:\Users\Public\trz54BF.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000603 _____ C:\Users\Public\trz52AB.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000603 _____ C:\Users\Public\Documents\trzF9CD.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000603 _____ C:\Users\Guest\trz4D0E.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000603 _____ C:\Users\Default\trz4A4F.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000603 _____ C:\Users\Default\trz4771.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000603 _____ C:\Users\Administrator\trz41D4.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000603 _____ C:\ProgramData\trz4406.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz260E.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000597 _____ C:\Users\trz407C.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000597 _____ C:\ProgramData\trzE05A.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000581 _____ C:\Windows\Minidump\trzA88F.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000579 _____ C:\Windows\trz581E.tmp
2016-01-03 22:37 - 2016-01-03 22:37 - 00000579 _____ C:\Windows\trz561A.tmp
2016-01-03 22:36 - 2016-01-03 22:36 - 00000603 _____ C:\Program Files\Common Files\trz53F1.tmp
2016-01-03 22:36 - 2016-01-03 22:36 - 00000597 _____ C:\Users\trz1D1F.tmp
2016-01-03 22:36 - 2016-01-03 22:36 - 00000597 _____ C:\Program Files\trz3889.tmp
2016-01-03 22:31 - 2016-01-03 22:31 - 00000603 _____ C:\Users\Default\trz78FE.tmp
2016-01-03 22:30 - 2016-01-03 22:30 - 00000603 _____ C:\ProgramData\trz24A7.tmp
2016-01-03 22:29 - 2016-01-03 22:29 - 00000597 _____ C:\Users\trz4C4F.tmp
2016-01-03 22:25 - 2016-01-03 22:25 - 00000581 _____ C:\Windows\Tasks\trz4CA8.tmp
2016-01-03 22:25 - 2016-01-03 22:25 - 00000581 _____ C:\Windows\system\trz4535.tmp
2016-01-03 22:25 - 2016-01-03 22:25 - 00000581 _____ C:\Windows\Minidump\trz2FE.tmp
2016-01-03 22:25 - 2016-01-03 22:25 - 00000561 _____ C:\Windows\system32\trz4739.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000603 _____ C:\Users\Public\trzAED4.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000603 _____ C:\Users\Public\trzAE85.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000603 _____ C:\Users\Public\trzAE45.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000603 _____ C:\Users\Public\trzADF6.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000603 _____ C:\Users\Public\trzABF3.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000603 _____ C:\Users\Public\Documents\trz5239.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000603 _____ C:\Users\Guest\trzA617.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000603 _____ C:\Users\Default\trzA368.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000603 _____ C:\Users\Default\trzA04B.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000603 _____ C:\Users\Administrator\trz9A60.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000603 _____ C:\ProgramData\trz9CB1.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz7E1D.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000597 _____ C:\Users\trz98E8.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000597 _____ C:\ProgramData\trz39F0.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000579 _____ C:\Windows\trzB175.tmp
2016-01-03 22:24 - 2016-01-03 22:24 - 00000579 _____ C:\Windows\trzAF52.tmp
2016-01-03 22:23 - 2016-01-03 22:23 - 00000603 _____ C:\Program Files\Common Files\trzAEBE.tmp
2016-01-03 22:23 - 2016-01-03 22:23 - 00000597 _____ C:\Users\trz77EC.tmp
2016-01-03 22:23 - 2016-01-03 22:23 - 00000597 _____ C:\Program Files\trz9327.tmp
2016-01-03 22:18 - 2016-01-03 22:18 - 00000603 _____ C:\Users\Default\trzD706.tmp
2016-01-03 22:18 - 2016-01-03 22:18 - 00000603 _____ C:\ProgramData\trz82AF.tmp
2016-01-03 22:17 - 2016-01-03 22:17 - 00000597 _____ C:\Users\trzA5D5.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000603 _____ C:\Users\Public\trzC8E.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000603 _____ C:\Users\Public\trzC3F.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000603 _____ C:\Users\Public\trzBF0.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000603 _____ C:\Users\Public\trzBA1.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000603 _____ C:\Users\Public\trz98D.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000603 _____ C:\Users\Guest\trz3E0.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000603 _____ C:\Users\Default\trzFE05.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000603 _____ C:\Users\Default\trz112.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000603 _____ C:\Users\Administrator\trzF858.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000603 _____ C:\ProgramData\trzFA9A.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trzDC82.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000597 _____ C:\Users\trzF70F.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000581 _____ C:\Windows\Tasks\trzA7D2.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000581 _____ C:\Windows\system\trzA070.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000581 _____ C:\Windows\Minidump\trz63C4.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000579 _____ C:\Windows\trzF1F.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000579 _____ C:\Windows\trzD1B.tmp
2016-01-03 22:12 - 2016-01-03 22:12 - 00000561 _____ C:\Windows\system32\trzA273.tmp
2016-01-03 22:11 - 2016-01-03 22:11 - 00000603 _____ C:\Users\Public\Documents\trzB09F.tmp
2016-01-03 22:11 - 2016-01-03 22:11 - 00000603 _____ C:\Program Files\Common Files\trzC1B.tmp
2016-01-03 22:11 - 2016-01-03 22:11 - 00000597 _____ C:\ProgramData\trz9874.tmp
2016-01-03 22:10 - 2016-01-03 22:10 - 00000597 _____ C:\Users\trzD440.tmp
2016-01-03 22:10 - 2016-01-03 22:10 - 00000597 _____ C:\Program Files\trzEFD8.tmp
2016-01-03 22:05 - 2016-01-03 22:05 - 00000603 _____ C:\Users\Default\trz34FF.tmp
2016-01-03 22:05 - 2016-01-03 22:05 - 00000603 _____ C:\ProgramData\trzD947.tmp
2016-01-03 22:04 - 2016-01-03 22:04 - 00000597 _____ C:\Users\trz257.tmp
2016-01-03 22:00 - 2016-01-03 22:00 - 00000581 _____ C:\Windows\Tasks\trz33B.tmp
2016-01-03 22:00 - 2016-01-03 22:00 - 00000581 _____ C:\Windows\system\trzFAC0.tmp
2016-01-03 22:00 - 2016-01-03 22:00 - 00000561 _____ C:\Windows\system32\trzFCB4.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000603 _____ C:\Users\Public\trz650A.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000603 _____ C:\Users\Public\trz64BB.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000603 _____ C:\Users\Public\trz646C.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000603 _____ C:\Users\Public\trz640D.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000603 _____ C:\Users\Public\trz61AC.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000603 _____ C:\Users\Public\Documents\trz8EC.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000603 _____ C:\Users\Guest\trz5C0F.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000603 _____ C:\Users\Default\trz5950.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000603 _____ C:\Users\Default\trz5672.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000603 _____ C:\Users\Administrator\trz5103.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000603 _____ C:\ProgramData\trz5336.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz351E.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000597 _____ C:\Users\trz4FBB.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000581 _____ C:\Windows\Minidump\trzB770.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000579 _____ C:\Windows\trz67AB.tmp
2016-01-03 21:59 - 2016-01-03 21:59 - 00000579 _____ C:\Windows\trz6597.tmp
2016-01-03 21:58 - 2016-01-03 21:58 - 00000603 _____ C:\Program Files\Common Files\trz6478.tmp
2016-01-03 21:58 - 2016-01-03 21:58 - 00000597 _____ C:\Users\trz2D77.tmp
2016-01-03 21:58 - 2016-01-03 21:58 - 00000597 _____ C:\ProgramData\trzF0B2.tmp
2016-01-03 21:58 - 2016-01-03 21:58 - 00000597 _____ C:\Program Files\trz4900.tmp
2016-01-03 21:53 - 2016-01-03 21:53 - 00000603 _____ C:\Users\Default\trz80ED.tmp
2016-01-03 21:52 - 2016-01-03 21:52 - 00000603 _____ C:\ProgramData\trz2C96.tmp
2016-01-03 21:51 - 2016-01-03 21:51 - 00000597 _____ C:\Users\trz544E.tmp
2016-01-03 21:47 - 2016-01-03 21:47 - 00000581 _____ C:\Windows\Tasks\trz42BC.tmp
2016-01-03 21:47 - 2016-01-03 21:47 - 00000581 _____ C:\Windows\system\trz3ADC.tmp
2016-01-03 21:47 - 2016-01-03 21:47 - 00000581 _____ C:\Windows\Minidump\trzFFD6.tmp
2016-01-03 21:47 - 2016-01-03 21:47 - 00000561 _____ C:\Windows\system32\trz3CF0.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000603 _____ C:\Users\Public\trz9D69.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000603 _____ C:\Users\Public\trz9D1A.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000603 _____ C:\Users\Public\trz9CCB.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000603 _____ C:\Users\Public\trz9C7C.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000603 _____ C:\Users\Public\trz9A59.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000603 _____ C:\Users\Public\Documents\trz3C1D.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000603 _____ C:\Users\Guest\trz945E.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000603 _____ C:\Users\Default\trz9190.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000603 _____ C:\Users\Default\trz8E54.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000603 _____ C:\Users\Administrator\trz8888.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000603 _____ C:\ProgramData\trz8AE9.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz6ADE.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000597 _____ C:\Users\trz8710.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000597 _____ C:\ProgramData\trz22DA.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000579 _____ C:\Windows\trz9FFA.tmp
2016-01-03 21:46 - 2016-01-03 21:46 - 00000579 _____ C:\Windows\trz9DE7.tmp
2016-01-03 21:45 - 2016-01-03 21:45 - 00000603 _____ C:\Program Files\Common Files\trz87B2.tmp
2016-01-03 21:45 - 2016-01-03 21:45 - 00000597 _____ C:\Users\trz4E22.tmp
2016-01-03 21:45 - 2016-01-03 21:45 - 00000597 _____ C:\Program Files\trz6B21.tmp
2016-01-03 21:39 - 2016-01-03 21:39 - 00000603 _____ C:\Users\Default\trz4DDD.tmp
2016-01-03 21:39 - 2016-01-03 21:39 - 00000603 _____ C:\ProgramData\trzF32F.tmp
2016-01-03 21:38 - 2016-01-03 21:38 - 00000597 _____ C:\Users\trzE95D.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000603 _____ C:\Users\Public\trz3027.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000603 _____ C:\Users\Public\trz2FC8.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000603 _____ C:\Users\Public\trz2F89.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000603 _____ C:\Users\Public\trz2F4A.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000603 _____ C:\Users\Public\trz2D27.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000603 _____ C:\Users\Guest\trz276A.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000603 _____ C:\Users\Default\trz24AB.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000581 _____ C:\Windows\Tasks\trzD2FA.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000581 _____ C:\Windows\system\trzCA9E.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000581 _____ C:\Windows\Minidump\trz8EEC.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000579 _____ C:\Windows\trz32A9.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000579 _____ C:\Windows\trz30B4.tmp
2016-01-03 21:33 - 2016-01-03 21:33 - 00000561 _____ C:\Windows\system32\trzCCA2.tmp
2016-01-03 21:32 - 2016-01-03 21:32 - 00000603 _____ C:\Users\Public\Documents\trzD199.tmp
2016-01-03 21:32 - 2016-01-03 21:32 - 00000603 _____ C:\Users\Default\trz219E.tmp
2016-01-03 21:32 - 2016-01-03 21:32 - 00000603 _____ C:\Users\Administrator\trz1BF1.tmp
2016-01-03 21:32 - 2016-01-03 21:32 - 00000603 _____ C:\ProgramData\trz1E43.tmp
2016-01-03 21:32 - 2016-01-03 21:32 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trzFF03.tmp
2016-01-03 21:32 - 2016-01-03 21:32 - 00000597 _____ C:\Users\trz1A7A.tmp
2016-01-03 21:32 - 2016-01-03 21:32 - 00000597 _____ C:\ProgramData\trzB8B4.tmp
2016-01-03 21:31 - 2016-01-03 21:31 - 00000603 _____ C:\Program Files\Common Files\trz23C2.tmp
2016-01-03 21:31 - 2016-01-03 21:31 - 00000597 _____ C:\Users\trzE977.tmp
2016-01-03 21:31 - 2016-01-03 21:31 - 00000597 _____ C:\Program Files\trz657.tmp
2016-01-03 21:26 - 2016-01-03 21:26 - 00000603 _____ C:\Users\Default\trz3984.tmp
2016-01-03 21:26 - 2016-01-03 21:26 - 00000603 _____ C:\ProgramData\trzDFC0.tmp
2016-01-03 21:25 - 2016-01-03 21:25 - 00000597 _____ C:\Users\trzFEA2.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000603 _____ C:\Users\Public\trz58DD.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000603 _____ C:\Users\Public\trz5870.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000603 _____ C:\Users\Public\trz5820.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000603 _____ C:\Users\Public\trz57E0.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000603 _____ C:\Users\Public\trz55CD.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000603 _____ C:\Users\Guest\trz4FF1.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000603 _____ C:\Users\Default\trz4D32.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000603 _____ C:\Users\Default\trz4A44.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000603 _____ C:\Users\Administrator\trz44B7.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000603 _____ C:\ProgramData\trz4709.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000597 _____ C:\Users\trz434F.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000581 _____ C:\Windows\Tasks\trzF643.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000581 _____ C:\Windows\system\trzEEC2.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000581 _____ C:\Windows\Minidump\trzB14B.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000579 _____ C:\Windows\trz5B4F.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000579 _____ C:\Windows\trz595B.tmp
2016-01-03 21:20 - 2016-01-03 21:20 - 00000561 _____ C:\Windows\system32\trzF0B6.tmp
2016-01-03 21:19 - 2016-01-03 21:19 - 00000603 _____ C:\Users\Public\Documents\trzF4F2.tmp
2016-01-03 21:19 - 2016-01-03 21:19 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz2864.tmp
2016-01-03 21:19 - 2016-01-03 21:19 - 00000597 _____ C:\ProgramData\trzDA77.tmp
2016-01-03 21:18 - 2016-01-03 21:18 - 00000603 _____ C:\Program Files\Common Files\trz4E6B.tmp
2016-01-03 21:18 - 2016-01-03 21:18 - 00000597 _____ C:\Users\trz17E7.tmp
2016-01-03 21:18 - 2016-01-03 21:18 - 00000597 _____ C:\Program Files\trz32E4.tmp
2016-01-03 21:13 - 2016-01-03 21:13 - 00000603 _____ C:\Users\Default\trz704D.tmp
2016-01-03 21:13 - 2016-01-03 21:13 - 00000603 _____ C:\ProgramData\trz1C15.tmp
2016-01-03 21:12 - 2016-01-03 21:12 - 00000597 _____ C:\Users\trz3C3F.tmp
2016-01-03 21:08 - 2016-01-03 21:08 - 00000581 _____ C:\Windows\Tasks\trz3DFE.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000603 _____ C:\Users\Public\trzA181.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000603 _____ C:\Users\Public\trzA132.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000603 _____ C:\Users\Public\trzA0E3.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000603 _____ C:\Users\Public\trzA094.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000603 _____ C:\Users\Public\trz9E71.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000603 _____ C:\Users\Guest\trz98C4.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000603 _____ C:\Users\Default\trz9605.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000603 _____ C:\Users\Default\trz9327.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000603 _____ C:\Users\Administrator\trz8D4B.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000603 _____ C:\ProgramData\trz8F8E.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz7128.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000597 _____ C:\Users\trz8C03.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000581 _____ C:\Windows\system\trz366C.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000581 _____ C:\Windows\Minidump\trzF9B1.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000579 _____ C:\Windows\trzA412.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000579 _____ C:\Windows\trzA20E.tmp
2016-01-03 21:07 - 2016-01-03 21:07 - 00000561 _____ C:\Windows\system32\trz3880.tmp
2016-01-03 21:06 - 2016-01-03 21:06 - 00000603 _____ C:\Users\Public\Documents\trz442C.tmp
2016-01-03 21:06 - 2016-01-03 21:06 - 00000603 _____ C:\Program Files\Common Files\trz9DF2.tmp
2016-01-03 21:06 - 2016-01-03 21:06 - 00000597 _____ C:\ProgramData\trz2BD2.tmp
2016-01-03 21:06 - 2016-01-03 21:06 - 00000597 _____ C:\Program Files\trz822C.tmp
2016-01-03 21:05 - 2016-01-03 21:05 - 00000597 _____ C:\Users\trz6675.tmp
2016-01-03 21:00 - 2016-01-03 21:00 - 00000603 _____ C:\Users\Default\trzBBDE.tmp
2016-01-03 21:00 - 2016-01-03 21:00 - 00000603 _____ C:\ProgramData\trz643C.tmp
2016-01-03 20:59 - 2016-01-03 20:59 - 00000597 _____ C:\Users\trz75D6.tmp
2016-01-03 20:55 - 2016-01-03 20:55 - 00000581 _____ C:\Windows\Tasks\trz715E.tmp
2016-01-03 20:55 - 2016-01-03 20:55 - 00000581 _____ C:\Windows\system\trz6A1A.tmp
2016-01-03 20:55 - 2016-01-03 20:55 - 00000561 _____ C:\Windows\system32\trz6C1E.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000603 _____ C:\Users\Public\trzD445.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000603 _____ C:\Users\Public\trzD406.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000603 _____ C:\Users\Public\trzD397.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000603 _____ C:\Users\Public\trzD339.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000603 _____ C:\Users\Public\trzD0E7.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000603 _____ C:\Users\Public\Documents\trz75B7.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000603 _____ C:\Users\Guest\trzCB1B.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000603 _____ C:\Users\Default\trzC85C.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000603 _____ C:\Users\Default\trzC55F.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000603 _____ C:\Users\Administrator\trzBF93.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000603 _____ C:\ProgramData\trzC1F4.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trzA340.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000597 _____ C:\Users\trzBE0B.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000581 _____ C:\Windows\Minidump\trz22A5.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000579 _____ C:\Windows\trzD6D6.tmp
2016-01-03 20:54 - 2016-01-03 20:54 - 00000579 _____ C:\Windows\trzD4D2.tmp
2016-01-03 20:53 - 2016-01-03 20:53 - 00000603 _____ C:\Program Files\Common Files\trzCCC0.tmp
2016-01-03 20:53 - 2016-01-03 20:53 - 00000597 _____ C:\Users\trz969A.tmp
2016-01-03 20:53 - 2016-01-03 20:53 - 00000597 _____ C:\ProgramData\trz5CD2.tmp
2016-01-03 20:53 - 2016-01-03 20:53 - 00000597 _____ C:\Program Files\trzB177.tmp
2016-01-03 20:48 - 2016-01-03 20:48 - 00000603 _____ C:\Users\Default\trzF4BA.tmp
2016-01-03 20:47 - 2016-01-03 20:47 - 00000603 _____ C:\ProgramData\trz9B44.tmp
2016-01-03 20:46 - 2016-01-03 20:46 - 00000597 _____ C:\Users\trzC415.tmp
2016-01-03 20:42 - 2016-01-03 20:42 - 00000581 _____ C:\Windows\Tasks\trzC2D8.tmp
2016-01-03 20:42 - 2016-01-03 20:42 - 00000581 _____ C:\Windows\system\trzBB75.tmp
2016-01-03 20:42 - 2016-01-03 20:42 - 00000581 _____ C:\Windows\Minidump\trz7DA1.tmp
2016-01-03 20:42 - 2016-01-03 20:42 - 00000561 _____ C:\Windows\system32\trzBD69.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000603 _____ C:\Users\Public\trz267A.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000603 _____ C:\Users\Public\trz262B.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000603 _____ C:\Users\Public\trz25DC.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000603 _____ C:\Users\Public\trz258D.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000603 _____ C:\Users\Public\trz2399.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000603 _____ C:\Users\Public\Documents\trzC703.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000603 _____ C:\Users\Guest\trz1E2B.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000603 _____ C:\Users\Default\trz1B7B.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000603 _____ C:\Users\Default\trz18AD.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000603 _____ C:\Users\Administrator\trz12E1.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000603 _____ C:\ProgramData\trz1542.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trzF354.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000597 _____ C:\Users\trz1198.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000597 _____ C:\ProgramData\trzAEE8.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000579 _____ C:\Windows\trz28EC.tmp
2016-01-03 20:41 - 2016-01-03 20:41 - 00000579 _____ C:\Windows\trz26F8.tmp
2016-01-03 20:40 - 2016-01-03 20:40 - 00000603 _____ C:\Program Files\Common Files\trz2118.tmp
2016-01-03 20:40 - 2016-01-03 20:40 - 00000597 _____ C:\Users\trzEAC3.tmp
2016-01-03 20:40 - 2016-01-03 20:40 - 00000597 _____ C:\Program Files\trz5EE.tmp
2016-01-03 20:35 - 2016-01-03 20:35 - 00000603 _____ C:\Users\Default\trz3FA0.tmp
2016-01-03 20:34 - 2016-01-03 20:34 - 00000603 _____ C:\ProgramData\trzE678.tmp
2016-01-03 20:33 - 2016-01-03 20:33 - 00000597 _____ C:\Users\trzC9A.tmp
2016-01-03 20:29 - 2016-01-03 20:29 - 00000581 _____ C:\Windows\Tasks\trzFD69.tmp
2016-01-03 20:29 - 2016-01-03 20:29 - 00000581 _____ C:\Windows\system\trzF5B8.tmp
2016-01-03 20:29 - 2016-01-03 20:29 - 00000581 _____ C:\Windows\Minidump\trzBB2E.tmp
2016-01-03 20:29 - 2016-01-03 20:29 - 00000561 _____ C:\Windows\system32\trzF7CB.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000603 _____ C:\Users\Public\trz5B8F.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000603 _____ C:\Users\Public\trz5B40.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000603 _____ C:\Users\Public\trz5AF1.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000603 _____ C:\Users\Public\trz5AA2.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000603 _____ C:\Users\Public\trz586F.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000603 _____ C:\Users\Public\Documents\trzF6DA.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000603 _____ C:\Users\Guest\trz5246.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000603 _____ C:\Users\Default\trz4F48.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000603 _____ C:\Users\Default\trz4C4B.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000603 _____ C:\Users\Administrator\trz4641.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000603 _____ C:\ProgramData\trz48D1.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz2897.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000597 _____ C:\Users\trz44D9.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000597 _____ C:\ProgramData\trzDD58.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000579 _____ C:\Windows\trz5E20.tmp
2016-01-03 20:28 - 2016-01-03 20:28 - 00000579 _____ C:\Windows\trz5C0D.tmp
2016-01-03 20:27 - 2016-01-03 20:27 - 00000603 _____ C:\Program Files\Common Files\trz478C.tmp
2016-01-03 20:27 - 2016-01-03 20:27 - 00000597 _____ C:\Users\trzD51.tmp
2016-01-03 20:27 - 2016-01-03 20:27 - 00000597 _____ C:\Program Files\trz2ACD.tmp
2016-01-03 20:22 - 2016-01-03 20:22 - 00000603 _____ C:\Users\Default\trz37F3.tmp
2016-01-03 20:21 - 2016-01-03 20:21 - 00000603 _____ C:\ProgramData\trzDEDB.tmp
2016-01-03 20:20 - 2016-01-03 20:20 - 00000597 _____ C:\Users\trz664.tmp
2016-01-03 20:16 - 2016-01-03 20:16 - 00000581 _____ C:\Windows\Tasks\trz7A6.tmp
2016-01-03 20:16 - 2016-01-03 20:16 - 00000581 _____ C:\Windows\system\trz34.tmp
2016-01-03 20:16 - 2016-01-03 20:16 - 00000581 _____ C:\Windows\Minidump\trzB91D.tmp
2016-01-03 20:16 - 2016-01-03 20:16 - 00000561 _____ C:\Windows\system32\trz238.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000603 _____ C:\Users\Public\trz6D2C.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000603 _____ C:\Users\Public\trz6CDD.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000603 _____ C:\Users\Public\trz6C9E.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000603 _____ C:\Users\Public\trz6C3F.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000603 _____ C:\Users\Public\trz6A4B.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000603 _____ C:\Users\Public\Documents\trz12B4.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000603 _____ C:\Users\Guest\trz64BE.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000603 _____ C:\Users\Default\trz620E.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000603 _____ C:\Users\Default\trz5F20.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000603 _____ C:\Users\Administrator\trz59A2.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000603 _____ C:\ProgramData\trz5BD5.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz3E59.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000597 _____ C:\Users\trz584A.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000597 _____ C:\ProgramData\trzFAA9.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000579 _____ C:\Windows\trz6FAE.tmp
2016-01-03 20:15 - 2016-01-03 20:15 - 00000579 _____ C:\Windows\trz6DAA.tmp
2016-01-03 20:14 - 2016-01-03 20:14 - 00000603 _____ C:\Program Files\Common Files\trz6EDB.tmp
2016-01-03 20:14 - 2016-01-03 20:14 - 00000597 _____ C:\Users\trz3720.tmp
2016-01-03 20:14 - 2016-01-03 20:14 - 00000597 _____ C:\Program Files\trz52C7.tmp
2016-01-03 20:09 - 2016-01-03 20:09 - 00000603 _____ C:\Users\Default\trz92DF.tmp
2016-01-03 20:09 - 2016-01-03 20:09 - 00000603 _____ C:\ProgramData\trz394A.tmp
2016-01-03 20:08 - 2016-01-03 20:08 - 00000597 _____ C:\Users\trz5FDA.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000603 _____ C:\Users\Public\trzC635.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000603 _____ C:\Users\Public\trzC5E6.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000603 _____ C:\Users\Public\trzC5A7.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000603 _____ C:\Users\Public\trzC548.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000603 _____ C:\Users\Public\trzC335.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000603 _____ C:\Users\Guest\trzBD98.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000603 _____ C:\Users\Default\trzBAC9.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000603 _____ C:\Users\Default\trzB7EB.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000603 _____ C:\ProgramData\trzB490.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000581 _____ C:\Windows\Tasks\trz60BF.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000581 _____ C:\Windows\system\trz590E.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000581 _____ C:\Windows\Minidump\trz1CEF.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000579 _____ C:\Windows\trzC8C6.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000579 _____ C:\Windows\trzC6B3.tmp
2016-01-03 20:03 - 2016-01-03 20:03 - 00000561 _____ C:\Windows\system32\trz5B12.tmp
2016-01-03 20:02 - 2016-01-03 20:02 - 00000603 _____ C:\Users\Public\Documents\trz698B.tmp
2016-01-03 20:02 - 2016-01-03 20:02 - 00000603 _____ C:\Users\Administrator\trzB24E.tmp
2016-01-03 20:02 - 2016-01-03 20:02 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz961A.tmp
2016-01-03 20:02 - 2016-01-03 20:02 - 00000597 _____ C:\Users\trzB0F5.tmp
2016-01-03 20:02 - 2016-01-03 20:02 - 00000597 _____ C:\ProgramData\trz50C5.tmp
2016-01-03 20:01 - 2016-01-03 20:01 - 00000603 _____ C:\Program Files\Common Files\trzC3B0.tmp
2016-01-03 20:01 - 2016-01-03 20:01 - 00000597 _____ C:\Users\trz8C42.tmp
2016-01-03 20:01 - 2016-01-03 20:01 - 00000597 _____ C:\Program Files\trzA809.tmp
2016-01-03 19:56 - 2016-01-03 19:56 - 00000603 _____ C:\Users\Default\trzE312.tmp
2016-01-03 19:56 - 2016-01-03 19:56 - 00000603 _____ C:\ProgramData\trz8E1F.tmp
2016-01-03 19:55 - 2016-01-03 19:55 - 00000597 _____ C:\Users\trzA8DC.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000603 _____ C:\Users\Public\trzA95.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000603 _____ C:\Users\Public\trzA46.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000603 _____ C:\Users\Public\trzA07.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000603 _____ C:\Users\Public\trz9B8.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000603 _____ C:\Users\Public\trz7A5.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000603 _____ C:\Users\Guest\trz1E8.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000603 _____ C:\Users\Default\trzFF39.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000603 _____ C:\Users\Default\trzFC1C.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000603 _____ C:\Users\Administrator\trzF66F.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000603 _____ C:\ProgramData\trzF8C1.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trzDA6B.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000597 _____ C:\Users\trzF527.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000581 _____ C:\Windows\Tasks\trzA50F.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000581 _____ C:\Windows\system\trz9D9D.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000581 _____ C:\Windows\Minidump\trz5C7F.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000579 _____ C:\Windows\trzD17.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000579 _____ C:\Windows\trzB13.tmp
2016-01-03 19:50 - 2016-01-03 19:50 - 00000561 _____ C:\Windows\system32\trz9FA1.tmp
2016-01-03 19:49 - 2016-01-03 19:49 - 00000603 _____ C:\Users\Public\Documents\trzADDC.tmp
2016-01-03 19:49 - 2016-01-03 19:49 - 00000603 _____ C:\Program Files\Common Files\trz755.tmp
2016-01-03 19:49 - 2016-01-03 19:49 - 00000597 _____ C:\ProgramData\trz9573.tmp
2016-01-03 19:49 - 2016-01-03 19:49 - 00000597 _____ C:\Program Files\trzEBAE.tmp
2016-01-03 19:48 - 2016-01-03 19:48 - 00000597 _____ C:\Users\trzCFF7.tmp
2016-01-03 19:43 - 2016-01-03 19:43 - 00000603 _____ C:\Users\Default\trz2B2A.tmp
2016-01-03 19:43 - 2016-01-03 19:43 - 00000603 _____ C:\ProgramData\trzD59A.tmp
2016-01-03 19:42 - 2016-01-03 19:42 - 00000597 _____ C:\Users\trzF8C1.tmp
2016-01-03 19:38 - 2016-01-03 19:38 - 00000581 _____ C:\Windows\Tasks\trzF9E4.tmp
2016-01-03 19:38 - 2016-01-03 19:38 - 00000581 _____ C:\Windows\system\trzF2B0.tmp
2016-01-03 19:38 - 2016-01-03 19:38 - 00000561 _____ C:\Windows\system32\trzF4A4.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000603 _____ C:\Users\Public\trz5E9F.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000603 _____ C:\Users\Public\trz5E40.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000603 _____ C:\Users\Public\trz5E01.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000603 _____ C:\Users\Public\trz5DB2.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000603 _____ C:\Users\Public\trz5B9F.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000603 _____ C:\Users\Public\Documents\trz2B0.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000603 _____ C:\Users\Guest\trz55D3.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000603 _____ C:\Users\Default\trz5314.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000603 _____ C:\Users\Default\trz5026.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000603 _____ C:\Users\Administrator\trz4A79.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000603 _____ C:\ProgramData\trz4CBB.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz2E84.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000597 _____ C:\Users\trz4930.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000597 _____ C:\ProgramData\trzEA76.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000581 _____ C:\Windows\Minidump\trzB088.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000579 _____ C:\Windows\trz6121.tmp
2016-01-03 19:37 - 2016-01-03 19:37 - 00000579 _____ C:\Windows\trz5F1D.tmp
2016-01-03 19:36 - 2016-01-03 19:36 - 00000603 _____ C:\Program Files\Common Files\trz605E.tmp
2016-01-03 19:36 - 2016-01-03 19:36 - 00000597 _____ C:\Users\trz2854.tmp
2016-01-03 19:36 - 2016-01-03 19:36 - 00000597 _____ C:\Program Files\trz443A.tmp
2016-01-03 19:31 - 2016-01-03 19:31 - 00000603 _____ C:\Users\Default\trz8339.tmp
2016-01-03 19:30 - 2016-01-03 19:30 - 00000603 _____ C:\ProgramData\trz2A30.tmp
2016-01-03 19:29 - 2016-01-03 19:29 - 00000597 _____ C:\Users\trz5246.tmp
2016-01-03 19:25 - 2016-01-03 19:25 - 00000734 _____ C:\Windows\Tasks\trz4C38.tmp
2016-01-03 19:25 - 2016-01-03 19:25 - 00000734 _____ C:\Windows\system\trz4468.tmp
2016-01-03 19:25 - 2016-01-03 19:25 - 00000734 _____ C:\Windows\Minidump\trz9CF.tmp
2016-01-03 19:25 - 2016-01-03 19:25 - 00000714 _____ C:\Windows\system32\trz466C.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000756 _____ C:\Users\Public\trzA734.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000756 _____ C:\Users\Public\trzA6E5.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000756 _____ C:\Users\Public\trzA648.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000756 _____ C:\Users\Public\trzA5F9.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000756 _____ C:\Users\Public\trzA3B6.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000756 _____ C:\Users\Public\Documents\trz44A0.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000756 _____ C:\Users\Guest\trz9E0A.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000756 _____ C:\Users\Default\trz9B4B.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000756 _____ C:\Users\Administrator\trz92A0.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000756 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz7506.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000750 _____ C:\Users\trz910A.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000750 _____ C:\ProgramData\trz2AD1.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000732 _____ C:\Windows\trzA9F4.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000732 _____ C:\Windows\trzA7D1.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000603 _____ C:\Users\Default\trz983E.tmp
2016-01-03 19:24 - 2016-01-03 19:24 - 00000603 _____ C:\ProgramData\trz94F2.tmp
2016-01-03 19:23 - 2016-01-03 19:23 - 00000756 _____ C:\Program Files\Common Files\trz9237.tmp
2016-01-03 19:23 - 2016-01-03 19:23 - 00000750 _____ C:\Program Files\trz749D.tmp
2016-01-03 19:23 - 2016-01-03 19:23 - 00000597 _____ C:\Users\trz5731.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000603 _____ C:\Users\Public\trz8F18.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000603 _____ C:\Users\Public\trz8ED9.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000603 _____ C:\Users\Public\trz8E7A.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000603 _____ C:\Users\Public\trz8E3B.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000603 _____ C:\Users\Public\trz8C27.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000603 _____ C:\Users\Guest\trz868A.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000603 _____ C:\Users\Default\trz83BB.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000603 _____ C:\Users\Default\trz80DD.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000603 _____ C:\Users\Administrator\trz7B6F.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000603 _____ C:\ProgramData\trz7DA1.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000581 _____ C:\Windows\Tasks\trz2B76.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000581 _____ C:\Windows\system\trz2403.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000581 _____ C:\Windows\Minidump\trzE2D5.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000579 _____ C:\Windows\trz91B9.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000579 _____ C:\Windows\trz8FA5.tmp
2016-01-03 19:18 - 2016-01-03 19:18 - 00000561 _____ C:\Windows\system32\trz2607.tmp
2016-01-03 19:17 - 2016-01-03 19:17 - 00000603 _____ C:\Users\Public\Documents\trz33B6.tmp
2016-01-03 19:17 - 2016-01-03 19:17 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz5FD8.tmp
2016-01-03 19:17 - 2016-01-03 19:17 - 00000597 _____ C:\Users\trz7A26.tmp
2016-01-03 19:17 - 2016-01-03 19:17 - 00000597 _____ C:\ProgramData\trz1BC9.tmp
2016-01-03 19:16 - 2016-01-03 19:16 - 00000603 _____ C:\Program Files\Common Files\trz8F7F.tmp
2016-01-03 19:16 - 2016-01-03 19:16 - 00000597 _____ C:\Users\trz586F.tmp
2016-01-03 19:16 - 2016-01-03 19:16 - 00000597 _____ C:\Program Files\trz73E8.tmp
2016-01-03 19:11 - 2016-01-03 19:11 - 00000603 _____ C:\Users\Default\trzB335.tmp
2016-01-03 19:11 - 2016-01-03 19:11 - 00000603 _____ C:\ProgramData\trz5A0D.tmp
2016-01-03 19:10 - 2016-01-03 19:10 - 00000597 _____ C:\Users\trz808E.tmp
2016-01-03 19:06 - 2016-01-03 19:06 - 00000581 _____ C:\Windows\Tasks\trz802B.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000603 _____ C:\Users\Public\trzE61E.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000603 _____ C:\Users\Public\trzE5CF.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000603 _____ C:\Users\Public\trzE570.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000603 _____ C:\Users\Public\trzE521.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000603 _____ C:\Users\Public\trzE31E.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000603 _____ C:\Users\Guest\trzDD80.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000603 _____ C:\Users\Default\trzDAD1.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000603 _____ C:\Users\Default\trzD7D4.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000603 _____ C:\Users\Administrator\trzD227.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000603 _____ C:\ProgramData\trzD469.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trzB5F4.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000597 _____ C:\Users\trzD0BF.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000581 _____ C:\Windows\system\trz78D8.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000581 _____ C:\Windows\Minidump\trz3308.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000579 _____ C:\Windows\trzE8BF.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000579 _____ C:\Windows\trzE6AB.tmp
2016-01-03 19:05 - 2016-01-03 19:05 - 00000561 _____ C:\Windows\system32\trz7ACC.tmp
2016-01-03 19:04 - 2016-01-03 19:04 - 00000603 _____ C:\Users\Public\Documents\trz89F1.tmp
2016-01-03 19:04 - 2016-01-03 19:04 - 00000603 _____ C:\Program Files\Common Files\trzE473.tmp
2016-01-03 19:04 - 2016-01-03 19:04 - 00000597 _____ C:\Users\trzAD43.tmp
2016-01-03 19:04 - 2016-01-03 19:04 - 00000597 _____ C:\ProgramData\trz71A7.tmp
2016-01-03 19:04 - 2016-01-03 19:04 - 00000597 _____ C:\Program Files\trzC8EB.tmp
2016-01-03 18:58 - 2016-01-03 18:58 - 00000603 _____ C:\Users\Default\trzDF3.tmp
2016-01-03 18:58 - 2016-01-03 18:58 - 00000603 _____ C:\ProgramData\trzB509.tmp
2016-01-03 18:57 - 2016-01-03 18:57 - 00000597 _____ C:\Users\trzDD3E.tmp
2016-01-03 18:53 - 2016-01-03 18:53 - 00000581 _____ C:\Windows\Tasks\trzDF3C.tmp
2016-01-03 18:53 - 2016-01-03 18:53 - 00000581 _____ C:\Windows\system\trzD79B.tmp
2016-01-03 18:53 - 2016-01-03 18:53 - 00000581 _____ C:\Windows\Minidump\trz9EA7.tmp
2016-01-03 18:53 - 2016-01-03 18:53 - 00000561 _____ C:\Windows\system32\trzD99F.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000603 _____ C:\Users\Public\trz405F.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000603 _____ C:\Users\Public\trz4010.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000603 _____ C:\Users\Public\trz3FC1.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000603 _____ C:\Users\Public\trz3F72.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000603 _____ C:\Users\Public\trz3D6E.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000603 _____ C:\Users\Public\Documents\trzDFBF.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000603 _____ C:\Users\Guest\trz37E0.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000603 _____ C:\Users\Default\trz34B4.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000603 _____ C:\Users\Default\trz3178.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000603 _____ C:\Users\Administrator\trz2B9D.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000603 _____ C:\ProgramData\trz2DFE.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trzC5D.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000597 _____ C:\Users\trz2A44.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000597 _____ C:\ProgramData\trzC727.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000579 _____ C:\Windows\trz42F0.tmp
2016-01-03 18:52 - 2016-01-03 18:52 - 00000579 _____ C:\Windows\trz40EC.tmp
2016-01-03 18:51 - 2016-01-03 18:51 - 00000603 _____ C:\Program Files\Common Files\trz3792.tmp
2016-01-03 18:51 - 2016-01-03 18:51 - 00000597 _____ C:\Users\trzFD47.tmp
2016-01-03 18:51 - 2016-01-03 18:51 - 00000597 _____ C:\Program Files\trz1B02.tmp
2016-01-03 18:46 - 2016-01-03 18:46 - 00000603 _____ C:\Users\Default\trz56A7.tmp
2016-01-03 18:45 - 2016-01-03 18:45 - 00000603 _____ C:\ProgramData\trz220.tmp
2016-01-03 18:44 - 2016-01-03 18:44 - 00000597 _____ C:\Users\trz223B.tmp
2016-01-03 18:40 - 2016-01-03 18:40 - 00000581 _____ C:\Windows\Tasks\trz2023.tmp
2016-01-03 18:40 - 2016-01-03 18:40 - 00000581 _____ C:\Windows\system\trz18D0.tmp
2016-01-03 18:40 - 2016-01-03 18:40 - 00000581 _____ C:\Windows\Minidump\trzE114.tmp
2016-01-03 18:40 - 2016-01-03 18:40 - 00000561 _____ C:\Windows\system32\trz1AD4.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000603 _____ C:\Users\Public\trz8471.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000603 _____ C:\Users\Public\trz8422.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000603 _____ C:\Users\Public\trz83D3.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000603 _____ C:\Users\Public\trz8374.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000603 _____ C:\Users\Public\trz8171.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000603 _____ C:\Users\Public\Documents\trz2815.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000603 _____ C:\Users\Guest\trz7BD3.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000603 _____ C:\Users\Default\trz7905.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000603 _____ C:\Users\Default\trz7627.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000603 _____ C:\Users\Administrator\trz707A.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000603 _____ C:\ProgramData\trz72BC.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz5466.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000597 _____ C:\Users\trz6F31.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000597 _____ C:\ProgramData\trzFAC.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000579 _____ C:\Windows\trz8712.tmp
2016-01-03 18:39 - 2016-01-03 18:39 - 00000579 _____ C:\Windows\trz84EF.tmp
2016-01-03 18:38 - 2016-01-03 18:38 - 00000603 _____ C:\Program Files\Common Files\trz818E.tmp
2016-01-03 18:38 - 2016-01-03 18:38 - 00000597 _____ C:\Users\trz4984.tmp
2016-01-03 18:38 - 2016-01-03 18:38 - 00000597 _____ C:\Program Files\trz6599.tmp
2016-01-03 18:33 - 2016-01-03 18:33 - 00000603 _____ C:\Users\Default\trzA286.tmp
2016-01-03 18:33 - 2016-01-03 18:33 - 00000603 _____ C:\ProgramData\trz4B22.tmp
2016-01-03 18:32 - 2016-01-03 18:32 - 00000597 _____ C:\Users\trz5E61.tmp
2016-01-03 18:27 - 2016-01-03 18:27 - 00000581 _____ C:\Windows\Tasks\trz47CF.tmp
2016-01-03 18:27 - 2016-01-03 18:27 - 00000581 _____ C:\Windows\system\trz400F.tmp
2016-01-03 18:27 - 2016-01-03 18:27 - 00000581 _____ C:\Windows\Minidump\trz4DA.tmp
2016-01-03 18:27 - 2016-01-03 18:27 - 00000561 _____ C:\Windows\system32\trz4223.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000603 _____ C:\Users\Public\trz9CC2.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000603 _____ C:\Users\Public\trz9C73.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000603 _____ C:\Users\Public\trz9C24.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000603 _____ C:\Users\Public\trz9BE5.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000603 _____ C:\Users\Public\trz99A3.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000603 _____ C:\Users\Public\Documents\trz36E5.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000603 _____ C:\Users\Guest\trz91A5.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000603 _____ C:\Users\Default\trz8E69.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000603 _____ C:\Users\Default\trz8B3D.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000603 _____ C:\Users\Administrator\trz8439.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000603 _____ C:\ProgramData\trz8785.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz643F.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000597 _____ C:\Users\trz8235.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000597 _____ C:\ProgramData\trz1D63.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000579 _____ C:\Windows\trz9F82.tmp
2016-01-03 18:26 - 2016-01-03 18:26 - 00000579 _____ C:\Windows\trz9D40.tmp
2016-01-03 18:25 - 2016-01-03 18:25 - 00000603 _____ C:\Program Files\Common Files\trz8C39.tmp
2016-01-03 18:25 - 2016-01-03 18:25 - 00000597 _____ C:\Users\trz53D1.tmp
2016-01-03 18:25 - 2016-01-03 18:25 - 00000597 _____ C:\Program Files\trz7015.tmp
2016-01-03 18:20 - 2016-01-03 18:20 - 00000603 _____ C:\Users\Default\trzA007.tmp
2016-01-03 18:19 - 2016-01-03 18:19 - 00000603 _____ C:\ProgramData\trz48D3.tmp
2016-01-03 18:18 - 2016-01-03 18:18 - 00000597 _____ C:\Users\trz65C2.tmp
2016-01-03 18:14 - 2016-01-03 18:14 - 00000581 _____ C:\Windows\Tasks\trz63B9.tmp
2016-01-03 18:14 - 2016-01-03 18:14 - 00000581 _____ C:\Windows\system\trz5C57.tmp
2016-01-03 18:14 - 2016-01-03 18:14 - 00000581 _____ C:\Windows\Minidump\trz1A6E.tmp
2016-01-03 18:14 - 2016-01-03 18:14 - 00000561 _____ C:\Windows\system32\trz5E5A.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000603 _____ C:\Users\Public\trzC7F8.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000603 _____ C:\Users\Public\trzC7A9.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000603 _____ C:\Users\Public\trzC75A.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000603 _____ C:\Users\Public\trzC6FB.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000603 _____ C:\Users\Public\trzC4E8.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000603 _____ C:\Users\Public\Documents\trz6B9C.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000603 _____ C:\Users\Guest\trzBF2B.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000603 _____ C:\Users\Default\trzBC6C.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000603 _____ C:\Users\Default\trzB97F.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000603 _____ C:\Users\Administrator\trzB3E1.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000603 _____ C:\ProgramData\trzB624.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz97AE.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000597 _____ C:\Users\trzB27A.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000597 _____ C:\ProgramData\trz5352.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000579 _____ C:\Windows\trzCA79.tmp
2016-01-03 18:13 - 2016-01-03 18:13 - 00000579 _____ C:\Windows\trzC876.tmp
2016-01-03 18:12 - 2016-01-03 18:12 - 00000603 _____ C:\Program Files\Common Files\trzC563.tmp
2016-01-03 18:12 - 2016-01-03 18:12 - 00000597 _____ C:\Users\trz8D68.tmp
2016-01-03 18:12 - 2016-01-03 18:12 - 00000597 _____ C:\Program Files\trzA94F.tmp
2016-01-03 18:07 - 2016-01-03 18:07 - 00000603 _____ C:\Users\Default\trzF069.tmp
2016-01-03 18:07 - 2016-01-03 18:07 - 00000603 _____ C:\ProgramData\trz97DD.tmp
2016-01-03 18:06 - 2016-01-03 18:06 - 00000597 _____ C:\Users\trzC205.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000603 _____ C:\Users\Public\trz2812.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000603 _____ C:\Users\Public\trz27C3.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000603 _____ C:\Users\Public\trz2774.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000603 _____ C:\Users\Public\trz2725.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000603 _____ C:\Users\Public\trz2512.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000603 _____ C:\Users\Guest\trz1F75.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000603 _____ C:\Users\Default\trz1CC5.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000603 _____ C:\Users\Default\trz19E7.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000603 _____ C:\Users\Administrator\trz143A.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000603 _____ C:\ProgramData\trz167C.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trzF855.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000597 _____ C:\Users\trz12E2.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000581 _____ C:\Windows\Tasks\trzC144.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000581 _____ C:\Windows\system\trzB9D2.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000581 _____ C:\Windows\Minidump\trz7940.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000579 _____ C:\Windows\trz2A94.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000579 _____ C:\Windows\trz2890.tmp
2016-01-03 18:01 - 2016-01-03 18:01 - 00000561 _____ C:\Windows\system32\trzBBD6.tmp
2016-01-03 18:00 - 2016-01-03 18:00 - 00000603 _____ C:\Users\Public\Documents\trzCC23.tmp
2016-01-03 18:00 - 2016-01-03 18:00 - 00000603 _____ C:\Program Files\Common Files\trz2732.tmp
2016-01-03 18:00 - 2016-01-03 18:00 - 00000597 _____ C:\ProgramData\trzB3DA.tmp
2016-01-03 18:00 - 2016-01-03 18:00 - 00000597 _____ C:\Program Files\trzBAA.tmp
2016-01-03 17:59 - 2016-01-03 17:59 - 00000597 _____ C:\Users\trzF002.tmp
2016-01-03 17:54 - 2016-01-03 17:54 - 00000603 _____ C:\Users\Default\trz5093.tmp
2016-01-03 17:54 - 2016-01-03 17:54 - 00000603 _____ C:\ProgramData\trzF826.tmp
2016-01-03 17:53 - 2016-01-03 17:53 - 00000597 _____ C:\Users\trz2126.tmp
2016-01-03 17:49 - 2016-01-03 17:49 - 00000581 _____ C:\Windows\Tasks\trz17CD.tmp
2016-01-03 17:49 - 2016-01-03 17:49 - 00000581 _____ C:\Windows\system\trz104C.tmp
2016-01-03 17:49 - 2016-01-03 17:49 - 00000561 _____ C:\Windows\system32\trz1240.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000603 _____ C:\Users\Public\trz720E.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000603 _____ C:\Users\Public\trz71BF.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000603 _____ C:\Users\Public\trz7170.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000603 _____ C:\Users\Public\trz7130.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000603 _____ C:\Users\Public\trz6F0D.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000603 _____ C:\Users\Public\Documents\trzC4F.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000603 _____ C:\Users\Guest\trz6912.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000603 _____ C:\Users\Default\trz6605.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000603 _____ C:\Users\Default\trz62D9.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000603 _____ C:\Users\Administrator\trz5D1D.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000603 _____ C:\ProgramData\trz5F5F.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trz3F25.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000597 _____ C:\Users\trz5B77.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000581 _____ C:\Windows\Minidump\trzD729.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000579 _____ C:\Windows\trz749F.tmp
2016-01-03 17:48 - 2016-01-03 17:48 - 00000579 _____ C:\Windows\trz728B.tmp
2016-01-03 17:47 - 2016-01-03 17:47 - 00000603 _____ C:\Program Files\Common Files\trz5535.tmp
2016-01-03 17:47 - 2016-01-03 17:47 - 00000597 _____ C:\ProgramData\trzEFC1.tmp
2016-01-03 17:47 - 2016-01-03 17:47 - 00000597 _____ C:\Program Files\trz36C0.tmp
2016-01-03 17:46 - 2016-01-03 17:46 - 00000597 _____ C:\Users\trz19C1.tmp
2016-01-03 17:41 - 2016-01-03 17:41 - 00000603 _____ C:\Users\Default\trz45EA.tmp
2016-01-03 17:41 - 2016-01-03 17:41 - 00000603 _____ C:\ProgramData\trzEA04.tmp
2016-01-03 17:41 - 2016-01-03 15:18 - 00000246 __RSH C:\ProgramData\trzDA2B.tmp
2016-01-03 17:40 - 2016-01-03 17:40 - 00000597 _____ C:\Users\trz31B.tmp
2016-01-03 17:38 - 2015-12-02 13:25 - 00247976 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-01-03 17:35 - 2016-01-03 17:35 - 00000603 _____ C:\Users\Public\trz4341.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000603 _____ C:\Users\Public\trz4284.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000603 _____ C:\Users\Public\trz4216.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000603 _____ C:\Users\Public\trz41C7.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000603 _____ C:\Users\Public\trz3FA4.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000603 _____ C:\Users\Guest\trz399A.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000603 _____ C:\Users\Default\trz36DB.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000603 _____ C:\Users\Default\trz3351.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000603 _____ C:\Users\Administrator\trz2D66.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000603 _____ C:\ProgramData\trz2FC7.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000597 _____ C:\Users\trz2BDF.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000581 _____ C:\Windows\Tasks\trzE817.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000581 _____ C:\Windows\system\trzE076.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000581 _____ C:\Windows\Minidump\trzA5EC.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000579 _____ C:\Windows\trz4601.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000579 _____ C:\Windows\trz43ED.tmp
2016-01-03 17:35 - 2016-01-03 17:35 - 00000561 _____ C:\Windows\system32\trzE279.tmp
2016-01-03 17:34 - 2016-01-03 17:34 - 00000603 _____ C:\Users\Public\Documents\trzE0EC.tmp
2016-01-03 17:34 - 2016-01-03 17:34 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trzF9D.tmp
2016-01-03 17:34 - 2016-01-03 17:34 - 00000597 _____ C:\ProgramData\trzC70C.tmp
2016-01-03 17:33 - 2016-01-03 17:33 - 00000603 _____ C:\Program Files\Common Files\trz2DD7.tmp
2016-01-03 17:33 - 2016-01-03 17:33 - 00000597 _____ C:\Users\trzEDA3.tmp
2016-01-03 17:33 - 2016-01-03 17:33 - 00000597 _____ C:\Program Files\trzCA5.tmp
2016-01-03 17:28 - 2016-01-03 17:28 - 00000603 _____ C:\Users\Default\trzFEFB.tmp
2016-01-03 17:27 - 2016-01-03 17:27 - 00000603 _____ C:\ProgramData\trz9215.tmp
2016-01-03 17:26 - 2016-01-03 17:26 - 00000597 _____ C:\Users\trz93B7.tmp
2016-01-03 17:22 - 2016-01-03 17:22 - 00000581 _____ C:\Windows\Tasks\trz8781.tmp
2016-01-03 17:22 - 2016-01-03 17:22 - 00000581 _____ C:\Windows\system\trz800F.tmp
2016-01-03 17:22 - 2016-01-03 17:22 - 00000581 _____ C:\Windows\Minidump\trz4660.tmp
2016-01-03 17:22 - 2016-01-03 17:22 - 00000561 _____ C:\Windows\system32\trz8213.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000603 _____ C:\Users\Public\trzDE58.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000603 _____ C:\Users\Public\trzDDF9.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000603 _____ C:\Users\Public\trzDDBA.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000603 _____ C:\Users\Public\trzDD6B.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000603 _____ C:\Users\Public\trzDB38.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000603 _____ C:\Users\Public\Documents\trz7C90.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000603 _____ C:\Users\Guest\trzD55D.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000603 _____ C:\Users\Default\trzD29E.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000603 _____ C:\Users\Default\trzCF62.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000603 _____ C:\Users\Administrator\trzC9C5.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000603 _____ C:\ProgramData\trzCC16.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000603 _____ C:\ProgramData\Microsoft\Windows\Start Menu\trzAB60.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000597 _____ C:\Users\trzC80F.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000597 _____ C:\ProgramData\trz6436.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000579 _____ C:\Windows\trzE0F9.tmp
2016-01-03 17:21 - 2016-01-03 17:21 - 00000579 _____ C:\Windows\trzDEE5.tmp
2016-01-03 17:20 - 2016-01-03 17:20 - 00000603 _____ C:\Program Files\Common Files\trzCCB6.tmp
2016-01-03 17:20 - 2016-01-03 17:20 - 00000597 _____ C:\Users\trz9104.tmp
2016-01-03 17:20 - 2016-01-03 17:20 - 00000597 _____ C:\Program Files\trzAEDD.tmp
2016-01-03 17:14 - 2016-01-03 17:14 - 00000603 _____ C:\Users\Default\trz8C0E.tmp
2016-01-03 17:14 - 2016-01-03 17:14 - 00000603 _____ C:\ProgramData\trz347C.tmp
2016-01-03 17:13 - 2016-01-03 17:13 - 00000597 _____ C:\Users\trz583E.tmp
2016-01-03 17:09 - 2016-01-03 17:09 - 00000581 _____ C:\Windows\Tasks\trz5858.tmp
2016-01-03 17:08 - 2016-01-03 17:08 - 00000603 _____ C:\Users\Public\trzB9B9.tmp
2016-01-03 17:08 - 2016-01-03 17:08 - 00000603 _____ C:\Users\Public\trzB97A.tmp
2016-01-03 17:08 - 2016-01-03 17:08 - 00000603 _____ C:\Users\Public\trzB92B.tmp
2016-01-03 17:08 - 2016-01-03 17:08 - 00000603 _____ C:\Users\Public\trzB8AD.tmp
2016-01-03 17:08 - 2016-01-03 17:08 - 00000603 _____ C:\Users\Public\trzB67A.tmp
2016-01-03 17:08 - 2016-01-03 17:08 - 00000603 _____ C:\Users\Guest\trzB0DD.tmp
2016-01-03 17:08 - 2016-01-03 17:08 - 00000603 _____ C:\Users\Default\trzAE2E.tmp
2016-01-03 17:08 - 2016-01-03 17:08 - 00000603 _____ C:\Users\Default\trzAB11.tmp
2016-01-03 17:08 - 2016-01-03 17:08 - 00000603 _____ C:\Users\Administrator\trzA564.tmp
2016-01-03 17:08 - 2016-01-03 17:08 - 00000603 _____ C:\ProgramData\trzA7A7.tmp

How Can I Reduce My Risk to Malware?


#7 Ambience

Ambience
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Nowhere Near Yours
  • Local time:10:16 AM

Posted 06 January 2016 - 09:16 PM

Yes, my antivirus programs are up to date, and I make sure to full scan my computer once in a month.

New log coming in 5 minutes or so.



#8 Ambience

Ambience
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Nowhere Near Yours
  • Local time:10:16 AM

Posted 06 January 2016 - 09:51 PM

Here it is:

Attached File  Fixlog.txt   91.05KB   3 downloads



#9 Ambience

Ambience
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Nowhere Near Yours
  • Local time:10:16 AM

Posted 07 January 2016 - 09:00 AM

I have tried to delete the .tmp files by hand, but my computer couldn't handle it, and also the Aplikasi folders keep coming back and they keep duplicating these kind of folders.

 

Attached File  Aplikasi.png   2.64KB   0 downloads

 

But the suspicious .tmp files have stopped multiplying although I am not sure if they have gone away already..

I searched for the suspicious .tmp files and there were a ton, ranging from numbers of 5,000 to 15,000.

 

Do I need to delete them?

 

I will be patiently waiting for your reply.



#10 shelf life

shelf life

  • Malware Response Team
  • 2,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:06:16 AM

Posted 07 January 2016 - 05:27 PM

That was going to be my next question: Are folders and temp files being recreated? Looks like the answer is yes.

 

If you have any external devices plugged in via usb, like a flash drive leave them plugged in.

 

You can delete those folders if you want and any of the tmp files.

Lets do two things: please post a new FRST log. Like you did the very first time, to create a new FRST.txt, just to get another look.

Second you can do a on line scan: Run ESET Online Scanner

 

https://www.eset.com/us/online-scanner/

 


How Can I Reduce My Risk to Malware?


#11 Ambience

Ambience
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Nowhere Near Yours
  • Local time:10:16 AM

Posted 07 January 2016 - 07:26 PM

I had a USB, that was the source of this whole thing, I already threw it away that it couldn't do any more damage.

I'll try to find it, but I'll have to run the FRST first.

 

Here is the FRST log:

Attached File  FRST.txt   60.96KB   2 downloads

 

And the Addition just to be sure:

Attached File  Addition.txt   44.37KB   1 downloads

 

 

 



#12 shelf life

shelf life

  • Malware Response Team
  • 2,657 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:06:16 AM

Posted 08 January 2016 - 08:12 AM

No-- dont plug the USB drive back in.

 

I meant if it was plugged in now leave it plugged in- but if you already removed it leave it out.

The FRST logs look better so I think we are making progress.

 

We will use FRSt again like before to remove some items-- so like before: copy/paste whats below into notepad, save as fixlist.txt to desktop, start FRST, click the fix button. Machine may reboot. Post new fixlog text on desktop.

Where you able to run the Eset scan?

HKLM\...\Run: [WinUpdate] => Wscript.exe //e:VBScript "C:\Windows\:Microsoft Office Update for Windows XP.sys"
HKU\S-1-5-21-3774938920-3611944914-2639708701-1000\...\Run: [Df5serv] => Wscript.exe //e:VBScript "C:\Users\pc\Documents\df5srvc.bfe"
HKU\S-1-5-21-3774938920-3611944914-2639708701-1000\...\Run: [Explorer] => Wscript.exe //e:VBScript "C:\Users\pc\AppData\Local\Microsoft\CD Burning\dekstop.ini"
HKU\S-1-5-21-3774938920-3611944914-2639708701-1000\...\MountPoints2: H - H:\setup.exe
HKU\S-1-5-21-3774938920-3611944914-2639708701-1000\...\MountPoints2: J - J:\Autorun.exe
HKU\S-1-5-21-3774938920-3611944914-2639708701-1000\...\MountPoints2: {abb5107e-b489-11e3-b90a-806e6f6e6963} - F:\Run.exe
C:\Users\pc\Documents\df5srvc.bfe
C:\Windows\:Microsoft Office Update for Windows XP.sys
C:\Users\pc\AppData\Local\Microsoft\CD Burning\dekstop.ini
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3774938920-3611944914-2639708701-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ph.msn.com/?rd=1&ucc=PH&dcc=PH&opt=0&ocid=iehp
HKU\S-1-5-21-3774938920-3611944914-2639708701-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bendot.co.nr
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GGSAFERDriver; \??\E:\online\GarenaLoLPH\GameData\Room\safedrv.sys [X]
R3 gkernel; \??\C:\Users\pc\AppData\Local\Temp\gkernel.sys [X]
S3 XDva409; \??\C:\Windows\system32\XDva409.sys [X]
S3 XDva425; \??\C:\Windows\system32\XDva425.sys [X]
S3 XDva511; \??\C:\Windows\system32\XDva511.sys [X]
2016-01-08 08:22 - 2016-01-08 08:23 - 00016553 _____ C:\Users\pc\Desktop\FRST.txt
2016-01-08 08:22 - 2016-01-08 08:22 - 00000734 _____ C:\Windows\system\Microsoft.lnk
2016-01-08 08:20 - 2016-01-08 08:20 - 00000750 _____ C:\Program Files\Microsoft.lnk
2016-01-08 08:15 - 2016-01-08 08:21 - 00000734 _____ C:\Windows\Minidump\Microsoft.lnk
2016-01-08 08:07 - 2016-01-08 08:21 - 00000756 _____ C:\ProgramData\Microsoft.lnk
2016-01-08 08:07 - 2016-01-08 08:21 - 00000732 _____ C:\Windows\AppCompat.lnk
2016-01-08 07:54 - 2016-01-08 08:21 - 00000732 _____ C:\Windows\Microsoft.lnk
2016-01-08 07:34 - 2016-01-08 08:20 - 00000756 _____ C:\Program Files\Common Files\Microsoft.lnk
2016-01-08 07:14 - 2016-01-08 08:20 - 00000748 _____ C:\Users\Public\Desktop\Music.lnk
2016-01-08 07:11 - 2016-01-08 07:11 - 00007247 _____ C:\Windows\system32\rad1F1D9.tmp
2016-01-08 07:11 - 2016-01-08 07:11 - 00000246 __RSH C:\Windows\system32\auto.exe
2016-01-08 00:06 - 2016-01-08 08:19 - 00000740 _____ C:\Music.lnk
2016-01-08 00:01 - 2016-01-08 08:21 - 00000748 _____ C:\Users\pc\Music.lnk
2016-01-08 00:01 - 2016-01-08 08:21 - 00000748 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Music.lnk
2016-01-08 00:01 - 2016-01-08 08:21 - 00000724 _____ C:\Windows\Music.lnk
2016-01-07 22:33 - 2016-01-08 08:21 - 00000770 _____ C:\Users\pc\Application Data.lnk
2016-01-07 22:33 - 2016-01-08 08:21 - 00000754 _____ C:\Users\pc\Contacts.lnk
2016-01-07 22:33 - 2016-01-08 08:21 - 00000752 _____ C:\Users\pc\Desktop.lnk
2016-01-07 22:33 - 2016-01-08 08:21 - 00000752 _____ C:\Users\pc\Cookies.lnk
2016-01-07 22:33 - 2016-01-08 08:21 - 00000752 _____ C:\Users\pc\AppData.lnk
2016-01-07 22:33 - 2016-01-07 23:54 - 00000754 _____ C:\Users\pc\Aplikasi.lnk
2016-01-07 22:09 - 2016-01-07 23:54 - 00000754 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Aplikasi.lnk
2016-01-07 21:55 - 2016-01-07 21:55 - 00007247 _____ C:\Windows\system32\rad87CD8.tmp
2016-01-07 21:13 - 2016-01-07 21:13 - 00007247 _____ C:\Windows\system32\rad86A17.tmp
2016-01-07 21:13 - 2016-01-07 21:13 - 00007247 _____ C:\Windows\system32\rad72955.tmp
2016-01-07 21:09 - 2016-01-08 08:19 - 00000746 _____ C:\Aplikasi.lnk
2016-01-07 20:54 - 2016-01-08 08:20 - 00000742 _____ C:\Program Files\Common Files\AV.lnk
2016-01-07 10:44 - 2016-01-07 10:44 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-06 18:40 - 2016-01-06 18:33 - 00000246 __RSH C:\Users\pc\Documents\trz3863.tmp
2016-01-06 07:04 - 2016-01-08 07:20 - 00000764 _____ C:\Users\pc\Documents\Activation.lnk
2016-01-06 07:04 - 2016-01-06 06:56 - 00000246 __RSH C:\Users\pc\Documents\trzDC0F.tmp
2016-01-05 20:38 - 2016-01-08 07:20 - 00000000 ____D C:\Users\pc\Documents\Brushes
2016-01-05 20:38 - 2016-01-08 07:20 - 00000000 ____D C:\Users\pc\Documents\Activation
2016-01-05 17:57 - 2016-01-05 17:49 - 00000246 __RSH C:\Users\pc\Documents\trzEEAA.tmp
2016-01-05 00:44 - 2016-01-05 00:42 - 00000246 __RSH C:\ProgramData\trzFB51.tmp
2016-01-05 00:34 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\trzC956.tmp
016-01-04 23:09 - 2016-01-04 23:09 - 00000246 __RSH C:\Windows\system32\trzF444.tmp
2016-01-04 21:21 - 2016-01-04 21:13 - 00000246 __RSH C:\Users\pc\Documents\trz7376.tmp
2016-01-04 21:15 - 2016-01-04 21:13 - 00000246 __RSH C:\ProgramData\trzDCA.tmp
2016-01-04 21:08 - 2016-01-08 08:19 - 00000750 _____ C:\AdwCleaner.lnk
2016-01-04 21:06 - 2016-01-08 08:19 - 00000000 ____D C:\Aplikasi
2016-01-04 20:47 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\trzC86C.tmp
2016-01-04 18:04 - 2016-01-07 21:01 - 00000760 _____ C:\Users\pc\Documents\Aplikasi.lnk
2016-01-04 17:59 - 2016-01-07 23:55 - 00000732 _____ C:\Windows\Tasks\Aplikasi.lnk
2016-01-04 17:59 - 2016-01-07 23:55 - 00000732 _____ C:\Windows\system\Aplikasi.lnk
2016-01-04 17:59 - 2016-01-07 23:55 - 00000712 _____ C:\Windows\system32\Aplikasi.lnk
2016-01-04 17:58 - 2016-01-07 23:55 - 00000732 _____ C:\Windows\Minidump\Aplikasi.lnk
2016-01-04 17:58 - 2016-01-07 23:54 - 00000754 _____ C:\Users\Public\Aplikasi.lnk
2016-01-04 17:58 - 2016-01-07 23:54 - 00000754 _____ C:\Users\Guest\Aplikasi.lnk
2016-01-04 17:58 - 2016-01-07 23:54 - 00000754 _____ C:\Users\Default\Aplikasi.lnk
2016-01-04 17:58 - 2016-01-07 23:54 - 00000754 _____ C:\Users\Administrator\Aplikasi.lnk
2016-01-04 17:58 - 2016-01-07 23:54 - 00000730 _____ C:\Windows\Aplikasi.lnk
2016-01-04 17:57 - 2016-01-07 23:54 - 00000754 _____ C:\Users\Public\Documents\Aplikasi.lnk
2016-01-04 17:57 - 2016-01-07 23:54 - 00000754 _____ C:\ProgramData\Aplikasi.lnk
2016-01-04 17:56 - 2016-01-07 23:59 - 00000748 _____ C:\Users\Aplikasi.lnk
2016-01-04 17:56 - 2016-01-07 23:53 - 00000754 _____ C:\Program Files\Common Files\Aplikasi.lnk
2016-01-04 17:56 - 2016-01-07 23:53 - 00000748 _____ C:\Program Files\Aplikasi.lnk
2016-01-03 15:26 - 2016-01-03 15:18 - 00000246 __RSH C:\Users\pc\Documents\trz760C.tmp
2016-01-03 15:20 - 2016-01-03 15:18 - 00000246 __RSH C:\ProgramData\trzFB67.tmp
2016-01-03 09:49 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\trzD449.tmp
2016-01-03 09:24 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\trzC35D.tmp
2016-01-03 08:36 - 2016-01-03 08:23 - 00000246 __RSH C:\trz8849.tmp
2016-01-03 08:33 - 2016-01-03 08:23 - 00000246 __RSH C:\Program Files\trz864D.tmp
2016-01-03 08:33 - 2016-01-03 08:23 - 00000246 __RSH C:\Program Files\Common Files\trzA3C3.tmp
2016-01-03 08:31 - 2016-01-03 08:23 - 00000246 __RSH C:\Users\pc\Documents\trzE0BA.tmp
2016-01-03 08:26 - 2016-01-03 08:23 - 00000246 __RSH C:\Windows\trz2C2C.tmp
2016-01-03 08:26 - 2016-01-03 08:23 - 00000246 __RSH C:\Windows\Tasks\trzC84C.tmp
2016-01-03 08:26 - 2016-01-03 08:23 - 00000246 __RSH C:\Windows\system32\trzC201.tmp
2016-01-03 08:26 - 2016-01-03 08:23 - 00000246 __RSH C:\Windows\system\trzBFDD.tmp
2016-01-03 08:26 - 2016-01-03 08:23 - 00000246 __RSH C:\Windows\Minidump\trz832D.tmp
2016-01-03 08:26 - 2016-01-03 08:23 - 00000246 __RSH C:\Users\trz1214.tmp
2016-01-03 08:26 - 2016-01-03 08:23 - 00000246 __RSH C:\Users\Public\trz2820.tmp
2016-01-03 08:26 - 2016-01-03 08:23 - 00000246 __RSH C:\Users\pc\trz2467.tmp
2016-01-03 08:26 - 2016-01-03 08:23 - 00000246 __RSH C:\Users\Guest\trz2204.tmp
2016-01-03 08:26 - 2016-01-03 08:23 - 00000246 __RSH C:\Users\Default\trz1BBA.tmp
2016-01-03 08:26 - 2016-01-03 08:23 - 00000246 __RSH C:\Users\Administrator\trz160D.tmp
2016-01-03 08:25 - 2016-01-03 08:23 - 00000246 __RSH C:\Users\Public\Documents\trzB79A.tmp
2016-01-03 08:25 - 2016-01-03 08:23 - 00000246 __RSH C:\Users\Public\Desktop\trzB46D.tmp
2016-01-03 08:25 - 2016-01-03 08:23 - 00000246 __RSH C:\ProgramData\trz82B3.tmp
2016-01-03 08:25 - 2016-01-03 08:23 - 00000246 __RSH C:\ProgramData\Microsoft\Windows\Start Menu\trzF6F0.tmp
2016-01-03 08:24 - 2016-01-03 08:23 - 00000246 __RSH C:\Program Files\Common Files\trz622D.tmp
2016-01-03 08:23 - 2016-01-03 08:23 - 00000246 __RSH C:\Users\trzFD8.tmp
2016-01-02 18:25 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radC9534.tmp
2016-01-02 18:17 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radA110C.tmp
2016-01-02 18:16 - 2016-01-08 07:20 - 00000784 _____ C:\Users\pc\Documents\Assassin's Creed III.lnk
2016-01-02 18:16 - 2016-01-08 07:20 - 00000764 _____ C:\Users\pc\Documents\Activision.lnk
2016-01-02 18:16 - 2016-01-08 07:20 - 00000760 _____ C:\Users\pc\Documents\Bandicam.lnk
2016-01-02 18:16 - 2016-01-08 07:20 - 00000754 _____ C:\Users\pc\Documents\Music.lnk
2016-01-02 18:16 - 2016-01-08 07:20 - 00000754 _____ C:\Users\pc\Documents\BFBC2.lnk
2016-01-02 18:16 - 2016-01-05 17:57 - 00000774 _____ C:\Users\pc\Documents\Camtasia Studio.lnk
2016-01-02 18:16 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad84B7B.tmp
2016-01-02 18:16 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad823F1.tmp
2016-01-02 18:16 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\pc\Documents\dekstop.ini
2016-01-02 18:13 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad9DBDF.tmp
2016-01-02 18:13 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad96067.tmp
2016-01-02 18:13 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad94EB8.tmp
2016-01-02 18:13 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad94A63.tmp
2016-01-02 18:13 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad6FA5C.tmp
2016-01-02 18:13 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad4DB6A.tmp
2016-01-02 18:12 - 2016-01-08 08:22 - 00000732 _____ C:\Windows\system32\AdvancedInstallers.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000726 _____ C:\Windows\Tasks\Music.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000726 _____ C:\Windows\system\Music.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000722 _____ C:\Windows\system32\AI_RecycleBin.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000710 _____ C:\Windows\system32\appmgmt.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000706 _____ C:\Windows\system32\Music.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000706 _____ C:\Windows\system32\AGEIA.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000704 _____ C:\Windows\system32\0409.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000778 _____ C:\Windows\BitLockerDiscoveryVolumeContents.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000752 _____ C:\Users\Public\Desktop.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000752 _____ C:\Users\Guest\AppData.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000752 _____ C:\Users\Default\Desktop.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000748 _____ C:\Users\Public\Music.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000748 _____ C:\Users\Guest\Music.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000730 _____ C:\Windows\assembly.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000730 _____ C:\Windows\AppPatch.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000726 _____ C:\Windows\Minidump\Music.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000726 _____ C:\Windows\addins.lnk
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\Tasks\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radF499B.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radF4273.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radF2BDF.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radEC155.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radE9D16.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radE7E60.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radCD498.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radCC625.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radAA4D6.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad97FE8.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad95AD6.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad8F378.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad69E9E.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad61698.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad5440B.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad53CF7.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad4BC75.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad46E94.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad46D94.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad3CDC7.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad385CC.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad30E6E.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad29199.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad242EE.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad137F0.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad0F708.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\Minidump\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\Public\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\pc\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\Guest\dekstop.ini
2016-01-02 18:11 - 2016-01-08 08:21 - 00000770 _____ C:\Users\Default\Application Data.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000766 _____ C:\ProgramData\Alwil Software.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000760 _____ C:\ProgramData\Alex Gordon.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000760 _____ C:\ProgramData\Aeria Games.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000758 _____ C:\Users\Administrator.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000756 _____ C:\Users\Default User.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000752 _____ C:\Users\Default\Cookies.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000752 _____ C:\Users\Default\AppData.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000752 _____ C:\Users\Administrator\AppData.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000748 _____ C:\Users\Default\Music.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000748 _____ C:\Users\Administrator\Music.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000748 _____ C:\ProgramData\Music.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000748 _____ C:\ProgramData\Adobe.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000746 _____ C:\Users\Default.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000744 _____ C:\ProgramData\AMD.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000742 _____ C:\Users\Guest.lnk
2016-01-02 18:11 - 2016-01-08 08:20 - 00000748 _____ C:\Users\Public\Documents\Music.lnk
2016-01-02 18:11 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\Public\Documents\dekstop.ini
2016-01-02 18:11 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\Public\Desktop\dekstop.ini
2016-01-02 18:11 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\Default\dekstop.ini
2016-01-02 18:11 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\Administrator\dekstop.ini
2016-01-02 18:11 - 2006-02-03 14:30 - 00011330 __RSH C:\ProgramData\Microsoft\Windows\Start Menu\dekstop.ini
2016-01-02 18:11 - 2006-02-03 14:30 - 00011330 __RSH C:\ProgramData\dekstop.ini
2016-01-02 18:10 - 2016-01-08 08:21 - 00000742 _____ C:\Users\Music.lnk
2016-01-02 18:17 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radA110C.tmp
2016-01-02 18:16 - 2016-01-08 07:20 - 00000784 _____ C:\Users\pc\Documents\Assassin's Creed III.lnk
2016-01-02 18:16 - 2016-01-08 07:20 - 00000764 _____ C:\Users\pc\Documents\Activision.lnk
2016-01-02 18:16 - 2016-01-08 07:20 - 00000760 _____ C:\Users\pc\Documents\Bandicam.lnk
2016-01-02 18:16 - 2016-01-08 07:20 - 00000754 _____ C:\Users\pc\Documents\Music.lnk
2016-01-02 18:16 - 2016-01-08 07:20 - 00000754 _____ C:\Users\pc\Documents\BFBC2.lnk
2016-01-02 18:16 - 2016-01-05 17:57 - 00000774 _____ C:\Users\pc\Documents\Camtasia Studio.lnk
2016-01-02 18:16 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad84B7B.tmp
2016-01-02 18:16 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad823F1.tmp
2016-01-02 18:16 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\pc\Documents\dekstop.ini
2016-01-02 18:13 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad9DBDF.tmp
2016-01-02 18:13 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad96067.tmp
2016-01-02 18:13 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad94EB8.tmp
2016-01-02 18:13 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad94A63.tmp
2016-01-02 18:13 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad6FA5C.tmp
2016-01-02 18:13 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad4DB6A.tmp
2016-01-02 18:12 - 2016-01-08 08:22 - 00000732 _____ C:\Windows\system32\AdvancedInstallers.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000726 _____ C:\Windows\Tasks\Music.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000726 _____ C:\Windows\system\Music.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000722 _____ C:\Windows\system32\AI_RecycleBin.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000710 _____ C:\Windows\system32\appmgmt.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000706 _____ C:\Windows\system32\Music.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000706 _____ C:\Windows\system32\AGEIA.lnk
2016-01-02 18:12 - 2016-01-08 08:22 - 00000704 _____ C:\Windows\system32\0409.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000778 _____ C:\Windows\BitLockerDiscoveryVolumeContents.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000752 _____ C:\Users\Public\Desktop.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000752 _____ C:\Users\Guest\AppData.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000752 _____ C:\Users\Default\Desktop.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000748 _____ C:\Users\Public\Music.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000748 _____ C:\Users\Guest\Music.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000730 _____ C:\Windows\assembly.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000730 _____ C:\Windows\AppPatch.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000726 _____ C:\Windows\Minidump\Music.lnk
2016-01-02 18:12 - 2016-01-08 08:21 - 00000726 _____ C:\Windows\addins.lnk
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\Tasks\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radF499B.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radF4273.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radF2BDF.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radEC155.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radE9D16.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radE7E60.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radCD498.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radCC625.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radAA4D6.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad97FE8.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad95AD6.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad8F378.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad69E9E.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad61698.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad5440B.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad53CF7.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad4BC75.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad46E94.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad46D94.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad3CDC7.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad385CC.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad30E6E.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad29199.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad242EE.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad137F0.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad0F708.tmp
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\Minidump\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\Public\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\pc\dekstop.ini
2016-01-02 18:12 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\Guest\dekstop.ini
2016-01-02 18:11 - 2016-01-08 08:21 - 00000770 _____ C:\Users\Default\Application Data.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000766 _____ C:\ProgramData\Alwil Software.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000760 _____ C:\ProgramData\Alex Gordon.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000760 _____ C:\ProgramData\Aeria Games.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000758 _____ C:\Users\Administrator.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000756 _____ C:\Users\Default User.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000752 _____ C:\Users\Default\Cookies.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000752 _____ C:\Users\Default\AppData.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000752 _____ C:\Users\Administrator\AppData.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000748 _____ C:\Users\Default\Music.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000748 _____ C:\Users\Administrator\Music.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000748 _____ C:\ProgramData\Music.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000748 _____ C:\ProgramData\Adobe.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000746 _____ C:\Users\Default.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000744 _____ C:\ProgramData\AMD.lnk
2016-01-02 18:11 - 2016-01-08 08:21 - 00000742 _____ C:\Users\Guest.lnk
2016-01-02 18:11 - 2016-01-08 08:20 - 00000748 _____ C:\Users\Public\Documents\Music.lnk
2016-01-02 18:11 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\Public\Documents\dekstop.ini
2016-01-02 18:11 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\Public\Desktop\dekstop.ini
2016-01-02 18:11 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\Default\dekstop.ini
2016-01-02 18:11 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\Administrator\dekstop.ini
2016-01-02 18:11 - 2006-02-03 14:30 - 00011330 __RSH C:\ProgramData\Microsoft\Windows\Start Menu\dekstop.ini
2016-01-02 18:11 - 2006-02-03 14:30 - 00011330 __RSH C:\ProgramData\dekstop.ini
2016-01-02 18:10 - 2016-01-08 08:21 - 00000742 _____ C:\Users\Music.lnk
2016-01-02 18:10 - 2016-01-08 08:20 - 00000770 _____ C:\Program Files\Common Files\ATI Technologies.lnk
2016-01-02 18:10 - 2016-01-08 08:20 - 00000768 _____ C:\Program Files\AGEIA Technologies.lnk
2016-01-02 18:10 - 2016-01-08 08:20 - 00000760 _____ C:\Program Files\Alwil Software.lnk
2016-01-02 18:10 - 2016-01-08 08:20 - 00000754 _____ C:\Program Files\Common Files\DESIGNER.lnk
2016-01-02 18:10 - 2016-01-08 08:20 - 00000752 _____ C:\Program Files\Common Files\Acronis.lnk
2016-01-02 18:10 - 2016-01-08 08:20 - 00000748 _____ C:\Program Files\Common Files\Music.lnk
2016-01-02 18:10 - 2016-01-08 08:20 - 00000748 _____ C:\Program Files\Common Files\Adobe.lnk
2016-01-02 18:10 - 2016-01-08 08:20 - 00000742 _____ C:\Program Files\Music.lnk
2016-01-02 18:10 - 2016-01-08 08:20 - 00000742 _____ C:\Program Files\Adobe.lnk
2016-01-02 18:10 - 2016-01-08 08:20 - 00000738 _____ C:\Program Files\AMD.lnk
2016-01-02 18:10 - 2016-01-08 08:20 - 00000593 _____ C:\Program Files\AMD AVT.lnk
2016-01-02 18:10 - 2016-01-08 08:19 - 00000754 _____ C:\$WINDOWS.~BT.lnk
2016-01-02 18:10 - 2016-01-08 08:19 - 00000754 _____ C:\$Recycle.Bin.lnk
2016-01-02 18:10 - 2016-01-08 08:19 - 00000744 _____ C:\acroldr.lnk
2016-01-02 18:10 - 2016-01-08 07:11 - 00000000 _____ C:\Windows\system32\Serv60d.dll
2016-01-02 18:10 - 2016-01-07 07:49 - 00000760 _____ C:\Program Files\Common Files\EAInstaller.lnk
2016-01-02 18:10 - 2016-01-04 21:06 - 00000738 _____ C:\Boot.lnk
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radF1B6A.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radEBF3C.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radDFB1C.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radDECE3.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radDC891.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radCF9B9.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radCB8D3.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radCADA8.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radC129B.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radB560C.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radB1449.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radAAF22.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radAA88A.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad97A67.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad8EFD0.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad84B00.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad81CF4.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad6730D.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad6099F.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad5EC7A.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad54F28.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad471CB.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad40ACE.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad3A7C9.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad39166.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad200F6.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad080ED.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad07F28.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad018DE.tmp
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\pc\Documents\df5srvc.bfe
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Users\dekstop.ini
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Program Files\dekstop.ini
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\Program Files\Common Files\dekstop.ini
2016-01-02 18:10 - 2006-02-03 14:30 - 00011330 __RSH C:\dekstop.ini
2015-12-22 22:26 - 2015-12-22 22:26 - 00000000 ____D C:\Users\pc\AppData\Local\Bluestacks
2015-12-22 21:45 - 2016-01-08 08:20 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-12-11 22:32 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad229EE.tmp
2015-12-11 22:30 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radBFB4A.tmp
2015-12-11 22:30 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\radBBF3B.tmp
2015-12-11 22:30 - 2006-02-03 14:30 - 00011330 __RSH C:\Windows\system32\rad66399.tmp
EmptyTemp:


How Can I Reduce My Risk to Malware?


#13 Ambience

Ambience
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Nowhere Near Yours
  • Local time:10:16 AM

Posted 09 January 2016 - 06:30 AM

No, It wouldn't let me do the scan for the reason that I needed to use Internet Explorer for it, it requires a certain plug-in that no matter how many times I download it just won't install on Internet Explorer.

 

Log coming in 5 minutes.



#14 Ambience

Ambience
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Nowhere Near Yours
  • Local time:10:16 AM

Posted 09 January 2016 - 06:48 AM

Here it is:

Attached File  Fixlog.txt   91.05KB   2 downloads

 

By the way, I thank for the patience you gave in fixing my computer, it has seemed to become smooth again, I feel grateful, thank you very much!



#15 Ambience

Ambience
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Nowhere Near Yours
  • Local time:10:16 AM

Posted 10 January 2016 - 04:54 AM

Any work to do still?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users