Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My Laptop Is Possessed! Multi rogue security apps [Closed]


  • This topic is locked This topic is locked

#16
velarie2112

velarie2112

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
LOL. Yeah, we had some good times. ;) In fact my good laptop is the one he helped fix!

Edited by velarie2112, 05 February 2014 - 01:47 PM.

  • 0

Advertisements


#17
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Please reboot the PC after the Fix.

Attached Files


  • 0

#18
velarie2112

velarie2112

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
FYI How things currently work: If I download or install a tool to the infected machine, it shuts it down, disables it so I can't run it, and also prevents me from deleting any of the files. In some cases it even prevents me from copying new files with the same names.

Fresh copy of FSRT (renamed) and fixlist.txt copied to desktop and ran. It produced an application won't execute and is infected error, but it did run. See log below and attached.

*************************************************************************
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-02-2014
Ran by Administrator at 2014-02-06 10:24:56 Run:1
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Safe Mode (with Networking)

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [MKayc] - C:\WINDOWS\csrss.exe
HKLM\...\Run: [MKeuf] - C:\WINDOWS\spoolsv.exe
HKLM\...\Run: [MKfsc] - C:\WINDOWS\winlogon.exe
HKLM\...\Run: [MKcuc] - C:\WINDOWS\lsass.exe
HKLM\...\Run: [MKeta] - C:\WINDOWS\services.exe
HKLM\...\Run: [MKdw+] - C:\WINDOWS\nvsvc32.exe
HKLM\...\Run: [MKfa] - C:\WINDOWS\win.exe
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe [95148 2010-09-28] () <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [smss32.exe] - C:\WINDOWS\system32\smss32.exe [18944 2010-09-30] ()
HKLM\...\Run: [MKeufla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9] - C:\WINDOWS\spoolsv.exe
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\winlogon32.exe
HKU\.DEFAULT\...\Run: [MKetWgg0] - C:\WINDOWS\services .exe
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe [95148 2010-09-28] () <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [smss32.exe] - C:\WINDOWS\system32\smss32.exe [18944 2010-09-30] ()
HKU\.DEFAULT\...\Policies\system: [DisableRegistryTools] 1
HKU\.DEFAULT\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\...\Run: [smss32.exe] - C:\WINDOWS\system32\smss32.exe [18944 2010-09-30] ()
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\...\MountPoints2: E - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
Winsock: Catalog9 01 C:\WINDOWS\system32\helpers32.dll [25600] ()
Winsock: Catalog9 23 C:\WINDOWS\system32\helpers32.dll [25600] ()
cmd: netsh winsock reset
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
C:\WINDOWS\csrss.exe
C:\WINDOWS\spoolsv.exe
C:\WINDOWS\winlogon.exe
C:\WINDOWS\lsass.exe
C:\WINDOWS\services.exe
C:\WINDOWS\nvsvc32.exe
C:\WINDOWS\win.exe
C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe
C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe
C:\WINDOWS\system32\smss32.exe
C:\WINDOWS\system32\winlogon32.exe
C:\WINDOWS\services .exe
C:\WINDOWS\system32\helpers32.dll
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKayc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKeuf => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKfsc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKcuc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKeta => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKdw+ => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKfa => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\smss32.exe => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKeufla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9 => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWgg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\smss32.exe => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableRegistryTools => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableTaskMgr => Value deleted successfully.
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\Software\Microsoft\Windows\CurrentVersion\Run\\smss32.exe => Value deleted successfully.
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableTaskMgr => Value deleted successfully.
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2700236382-4009610293-4285289237-500 => Key not found.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 => Key deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023 => Key deleted successfully.

========= netsh winsock reset =========

Initialization Function InitHelperDll in IPMONTR.DLL failed to start with error code 10107

WARNING: Could not obtain host information from machine: [JPRICELAP]. Some commands may not be available.
Access is denied.


Sucessfully reset the Winsock Catalog.
You must restart the machine in order to complete the reset.

Attached Files


  • 0

#19
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
Yeah, hopefully the Scan will run, instructions for that are below.

Farbar Recovery Scan Tool (FRST)

  • Run FRST.
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

  • 0

#20
velarie2112

velarie2112

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
Ran with no errors!

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2014
Ran by Administrator (administrator) on JPRICELAP on 06-02-2014 10:42:08
Running from C:\Documents and Settings\Administrator\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Safe Mode (with Networking)

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

ATTENTION: If processes are not listed WMI should be repaired.


==================== Processes (Whitelisted) ===================



==================== Registry (Whitelisted) ==================

HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [Scheduler] - C:\WINDOWS\SMINST\Scheduler.exe [94736 2014-01-30] ()
HKLM\...\Run: [Reminder] - C:\WINDOWS\Creator\Remind_XP.exe [94736 2014-01-30] ()
HKLM\...\Run: [Recguard] - C:\WINDOWS\Sminst\Recguard.exe [94736 2014-01-30] ()
HKLM\...\Run: [MsmqIntCert] - regsvr32 /s mqrt.dll
HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [94736 2014-01-30] ()
HKLM\...\Run: [Cpqset] - C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [94736 2014-01-30] ()
HKLM\...\Run: [CognizanceTS] - C:\Program Files\HEWLET~1\IAM\Bin\ASTSVCC.dll [17920 2003-12-22] (Cognizance Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [94736 2014-01-30] ()
HKLM\...\Run: [HPHmon06] - C:\WINDOWS\system32\hphmon06.exe [622592 2004-12-16] (Hewlett-Packard)
HKLM\...\Run: [HPDJ Taskbar Utility] - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb13.exe [172032 2004-11-24] (HP)
HKLM\...\Run: [MSConfig] - C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [169984 2008-04-14] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\NavLogon: C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
Winlogon\Notify\OneCard: C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 1
HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\COMMON~1\Microsoft Shared\DW\dwtrig20.exe [94724 2010-09-26] ()
HKU\.DEFAULT\...\Run: [SE11] - C:\Program Files\SecEss\SE11.exe
HKU\.DEFAULT\...\RunOnce: [TSClientMSIUninstaller] - cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
HKU\.DEFAULT\...\RunOnce: [TSClientAXDisabler] - cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoSetActiveDesktop] 1
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\...\Policies\Explorer: [NoFolderOptions] 1
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\...\Policies\Explorer: [NoSetActiveDesktop] 1
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\...\MountPoints2: E - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
AppInit_DLLs: APSHook.dll => C:\WINDOWS\system32\APSHook.dll [70144 2007-02-25] (Bioscrypt Inc.)
Lsa: [Notification Packages] scecli ASWLNPkg
Startup: C:\Documents and Settings\Administrator.IDI\Start Menu\Programs\Startup\CCC.lnk
ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\CCC.lnk
ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Startup: C:\Documents and Settings\jprice\Start Menu\Programs\Startup\CCC.lnk
ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Startup: C:\Documents and Settings\jprice\Start Menu\Programs\Startup\palmOne Registration.lnk
ShortcutTarget: palmOne Registration.lnk -> C:\Program Files\palmOne\register.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...d=smb&pf=laptop
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...d=smb&pf=laptop
SearchScopes: HKLM - DefaultScope value is missing.
BHO: C:\WINDOWS\system32\rpk5dkg.dll - {B1BA40A1-75F2-51BD-F313-04B03A2C8953} - C:\WINDOWS\system32\rpk5dkg.dll No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-27-0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll No File [ ]
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\AdwCleaner\newsas\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
  • 0

#21
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
Is this the full log?
  • 0

#22
velarie2112

velarie2112

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
Dear, I will ALWAYS give you full log.

Attached Files

  • Attached File  FRST.txt   5.69KB   155 downloads

Edited by velarie2112, 06 February 2014 - 10:47 AM.

  • 0

#23
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
OK, sorry, but FRST didn't produced the Full Log. Let's try OTL again.

  • Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the Posted Image box in OTL. To do that:
    • Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    qmgr.dll
    winsock.*
    /md5stop
    dir "%systemdrive%\*" /S /A:L /C
    CREATERESTOREPOINT

  • Open Posted Image on the desktop. To do that:
    • XP users: Double click on the OTL icon.
    • Vista / 7 Users: Right click on the icon and click Run as Administrator)
  • Make sure all other windows are closed.
    • You will see a console like the one below:

      Posted Image

    • Click the box beside Scan All Users at the top of the console
    • If you have a 64bit Windows, click the box beside Include 64bit Scans at the top of the console.
    • Make sure the Output box at the top is set to Standard Output.
    • Check the boxes beside LOP Check and Purity Check.
    • Place the mouse pointer inside the Posted Image box, right click and click Paste. This will put the above script inside OTL
    • Click the Posted Image button. Do not change any settings unless otherwise told to do so.
    • Let the scan run uninterrupted.
    • When the scan completes, it will open OTL.Txt on the desktop.
    • Please copy the contents of these files and paste it into your reply. To do that:
    • On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
    • Right click inside the forum post window then click Paste. This will paste the contents of the OTL.txt file in the in the post window.
  • Please do the same for the Extras.txt
[/list]
  • 0

#24
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
Sorry, double post. My fault.

Edited by Machiavelli, 06 February 2014 - 10:56 AM.

  • 0

#25
velarie2112

velarie2112

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
No worries. ;)

OTL (renamed) shutdown while running. No log. Also, no more pop ups in safe mode.
  • 0

Advertisements


#26
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts
  • Step 1: FRST Fix

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

  • Step 2: ComboFix

Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.

Please download Combofix from one of the following locations:

Download Mirror #1
Download Mirror #2
Download Mirror #3


Note: You must save this directly to your Desktop.

  • Save any open documents, then close any open programs.
  • Disable all anti-virus and anti-malware software to prevent them inhibiting Combofix in any way. If you are unsure how to do this, see THIS
  • Rename ComboFix.exe to Machiavelli.exe (Right click on ComboFix.exe >> Rename)
  • Double-click on combofix.exe then follow the on screen prompts
  • When Combofix finishes, it will open the log. Please Copy (Ctrl + C) and Paste (Ctrl + V) all of this text into your next post.

Note: If ComboFix detects Rootkit activity and asks to reboot the system, please allow this to be done.

If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

If, for whatever reason, the log does not open, it can be found in this location: C:\combofix.txt

Attached Files


  • 0

#27
velarie2112

velarie2112

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
After ComboFix started running I got a message that "ComboFix has detected that Symantec Antivirus is running" and that it needs to be disabled. However, there is nothing in the system tray and if I open msconfig all services for Symantec (in fact all services besides MS) are disabled. I am running the tool in safe mode with networking. ComboFix then told me it would continue to run at my own risk? I didn't know what else to do so I said yes.

Next I got an error that this machine does not have the MS Win Recovery Console installed. If it is present it needs updating. Without it, ComboFix shall not attempt fixing the infections. It wanted an internet connection and at this point I said No.

So now it is just sitting there. I'm not sure if it is scanning or not.
  • 0

#28
velarie2112

velarie2112

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-02-2014
Ran by Administrator at 2014-02-06 14:43:28 Run:2
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Safe Mode (with Networking)

==============================================

Content of fixlist:
*****************
BHO: C:\WINDOWS\system32\rpk5dkg.dll - {B1BA40A1-75F2-51BD-F313-04B03A2C8953} - C:\WINDOWS\system32\rpk5dkg.dll No File
*****************

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B1BA40A1-75F2-51BD-F313-04B03A2C8953} => Key deleted successfully.
HKCR\CLSID\{B1BA40A1-75F2-51BD-F313-04B03A2C8953} => Key deleted successfully.

==== End of Fixlog ====
  • 0

#29
Machiavelli

Machiavelli

    GeekU Moderator

  • GeekU Moderator
  • 4,722 posts

So now it is just sitting there.

What does it say on the screen? Wait 10 - 20 minutes, ComboFix should be finished then if it is running correctly.
  • 0

#30
velarie2112

velarie2112

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 108 posts
I fudged up. :( Rebooted. So sorry. What should I do now?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP