Edited by velarie2112, 05 February 2014 - 01:47 PM.
My Laptop Is Possessed! Multi rogue security apps [Closed]
#16
Posted 05 February 2014 - 01:47 PM
#17
Posted 06 February 2014 - 09:31 AM
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
Please reboot the PC after the Fix.
Attached Files
#18
Posted 06 February 2014 - 10:23 AM
Fresh copy of FSRT (renamed) and fixlist.txt copied to desktop and ran. It produced an application won't execute and is infected error, but it did run. See log below and attached.
*************************************************************************
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 05-02-2014
Ran by Administrator at 2014-02-06 10:24:56 Run:1
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Safe Mode (with Networking)
==============================================
Content of fixlist:
*****************
HKLM\...\Run: [MKayc] - C:\WINDOWS\csrss.exe
HKLM\...\Run: [MKeuf] - C:\WINDOWS\spoolsv.exe
HKLM\...\Run: [MKfsc] - C:\WINDOWS\winlogon.exe
HKLM\...\Run: [MKcuc] - C:\WINDOWS\lsass.exe
HKLM\...\Run: [MKeta] - C:\WINDOWS\services.exe
HKLM\...\Run: [MKdw+] - C:\WINDOWS\nvsvc32.exe
HKLM\...\Run: [MKfa] - C:\WINDOWS\win.exe
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe [95148 2010-09-28] () <===== ATTENTION
HKLM\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKLM\...\Run: [smss32.exe] - C:\WINDOWS\system32\smss32.exe [18944 2010-09-30] ()
HKLM\...\Run: [MKeufla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9] - C:\WINDOWS\spoolsv.exe
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\winlogon32.exe
HKU\.DEFAULT\...\Run: [MKetWgg0] - C:\WINDOWS\services .exe
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggg0] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggj] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggggc] - C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe [95148 2010-09-28] () <===== ATTENTION
HKU\.DEFAULT\...\Run: [HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggK] - C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe <===== ATTENTION
HKU\.DEFAULT\...\Run: [smss32.exe] - C:\WINDOWS\system32\smss32.exe [18944 2010-09-30] ()
HKU\.DEFAULT\...\Policies\system: [DisableRegistryTools] 1
HKU\.DEFAULT\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\...\Run: [smss32.exe] - C:\WINDOWS\system32\smss32.exe [18944 2010-09-30] ()
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\...\MountPoints2: E - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
Winsock: Catalog9 01 C:\WINDOWS\system32\helpers32.dll [25600] ()
Winsock: Catalog9 23 C:\WINDOWS\system32\helpers32.dll [25600] ()
cmd: netsh winsock reset
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
C:\WINDOWS\csrss.exe
C:\WINDOWS\spoolsv.exe
C:\WINDOWS\winlogon.exe
C:\WINDOWS\lsass.exe
C:\WINDOWS\services.exe
C:\WINDOWS\nvsvc32.exe
C:\WINDOWS\win.exe
C:\DOCUME~1\jprice\LOCALS~1\Temp\wininst .exe
C:\DOCUME~1\jprice\LOCALS~1\Temp\win .exe
C:\WINDOWS\system32\smss32.exe
C:\WINDOWS\system32\winlogon32.exe
C:\WINDOWS\services .exe
C:\WINDOWS\system32\helpers32.dll
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKayc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKeuf => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKfsc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKcuc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKeta => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKdw+ => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKfa => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\smss32.exe => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MKeufla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.9) Gecko/20100315 Firefox/3.5.9 => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\MKetWgg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggg0 => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvgggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqgggggggggggggggggggggggggggggggggggggggggggggggggj => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqggggggggggggggggggggggggggggggggggggggggggggggggggc => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\HNUtcHXlqvggggggggggggggggggggggggggggggggggggggggggggggggK => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\smss32.exe => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableRegistryTools => Value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableTaskMgr => Value deleted successfully.
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\Software\Microsoft\Windows\CurrentVersion\Run\\smss32.exe => Value deleted successfully.
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableTaskMgr => Value deleted successfully.
HKU\1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-2700236382-4009610293-4285289237-500 => Key not found.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001 => Key deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023 => Key deleted successfully.
========= netsh winsock reset =========
Initialization Function InitHelperDll in IPMONTR.DLL failed to start with error code 10107
WARNING: Could not obtain host information from machine: [JPRICELAP]. Some commands may not be available.
Access is denied.
Sucessfully reset the Winsock Catalog.
You must restart the machine in order to complete the reset.
Attached Files
#19
Posted 06 February 2014 - 10:26 AM
Farbar Recovery Scan Tool (FRST)
- Run FRST.
- Click Scan to start FRST.
- When FRST finishes scanning, a log, FRST.txt, will open.
- Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
#20
Posted 06 February 2014 - 10:35 AM
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2014
Ran by Administrator (administrator) on JPRICELAP on 06-02-2014 10:42:08
Running from C:\Documents and Settings\Administrator\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Safe Mode (with Networking)
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
ATTENTION: If processes are not listed WMI should be repaired.
==================== Processes (Whitelisted) ===================
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [Scheduler] - C:\WINDOWS\SMINST\Scheduler.exe [94736 2014-01-30] ()
HKLM\...\Run: [Reminder] - C:\WINDOWS\Creator\Remind_XP.exe [94736 2014-01-30] ()
HKLM\...\Run: [Recguard] - C:\WINDOWS\Sminst\Recguard.exe [94736 2014-01-30] ()
HKLM\...\Run: [MsmqIntCert] - regsvr32 /s mqrt.dll
HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [94736 2014-01-30] ()
HKLM\...\Run: [Cpqset] - C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [94736 2014-01-30] ()
HKLM\...\Run: [CognizanceTS] - C:\Program Files\HEWLET~1\IAM\Bin\ASTSVCC.dll [17920 2003-12-22] (Cognizance Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [94736 2014-01-30] ()
HKLM\...\Run: [HPHmon06] - C:\WINDOWS\system32\hphmon06.exe [622592 2004-12-16] (Hewlett-Packard)
HKLM\...\Run: [HPDJ Taskbar Utility] - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb13.exe [172032 2004-11-24] (HP)
HKLM\...\Run: [MSConfig] - C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [169984 2008-04-14] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\NavLogon: C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)
Winlogon\Notify\OneCard: C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll (Cognizance Corporation)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 1
HKU\.DEFAULT\...\Run: [DWQueuedReporting] - C:\Program Files\COMMON~1\Microsoft Shared\DW\dwtrig20.exe [94724 2010-09-26] ()
HKU\.DEFAULT\...\Run: [SE11] - C:\Program Files\SecEss\SE11.exe
HKU\.DEFAULT\...\RunOnce: [TSClientMSIUninstaller] - cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"
HKU\.DEFAULT\...\RunOnce: [TSClientAXDisabler] - cmd.exe /C "%systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat"
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 1
HKU\.DEFAULT\...\Policies\Explorer: [NoSetActiveDesktop] 1
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\...\Policies\Explorer: [NoFolderOptions] 1
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\...\Policies\Explorer: [NoSetActiveDesktop] 1
HKU\S-1-5-21-2700236382-4009610293-4285289237-500\...\MountPoints2: E - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
AppInit_DLLs: APSHook.dll => C:\WINDOWS\system32\APSHook.dll [70144 2007-02-25] (Bioscrypt Inc.)
Lsa: [Notification Packages] scecli ASWLNPkg
Startup: C:\Documents and Settings\Administrator.IDI\Start Menu\Programs\Startup\CCC.lnk
ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\CCC.lnk
ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Startup: C:\Documents and Settings\jprice\Start Menu\Programs\Startup\CCC.lnk
ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Startup: C:\Documents and Settings\jprice\Start Menu\Programs\Startup\palmOne Registration.lnk
ShortcutTarget: palmOne Registration.lnk -> C:\Program Files\palmOne\register.exe (No File)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...d=smb&pf=laptop
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...d=smb&pf=laptop
SearchScopes: HKLM - DefaultScope value is missing.
BHO: C:\WINDOWS\system32\rpk5dkg.dll - {B1BA40A1-75F2-51BD-F313-04B03A2C8953} - C:\WINDOWS\system32\rpk5dkg.dll No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-27-0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll No File [ ]
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\AdwCleaner\newsas\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
#21
Posted 06 February 2014 - 10:36 AM
#22
Posted 06 February 2014 - 10:46 AM
Attached Files
Edited by velarie2112, 06 February 2014 - 10:47 AM.
#23
Posted 06 February 2014 - 10:51 AM
- Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the box in OTL. To do that:
- Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.
netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
qmgr.dll
winsock.*
/md5stop
dir "%systemdrive%\*" /S /A:L /C
CREATERESTOREPOINT - Open on the desktop. To do that:
- XP users: Double click on the OTL icon.
- Vista / 7 Users: Right click on the icon and click Run as Administrator)
- Make sure all other windows are closed.
- You will see a console like the one below:
- Click the box beside Scan All Users at the top of the console
- If you have a 64bit Windows, click the box beside Include 64bit Scans at the top of the console.
- Make sure the Output box at the top is set to Standard Output.
- Check the boxes beside LOP Check and Purity Check.
- Place the mouse pointer inside the box, right click and click Paste. This will put the above script inside OTL
- Click the button. Do not change any settings unless otherwise told to do so.
- Let the scan run uninterrupted.
- When the scan completes, it will open OTL.Txt on the desktop.
- Please copy the contents of these files and paste it into your reply. To do that:
- On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
- Right click inside the forum post window then click Paste. This will paste the contents of the OTL.txt file in the in the post window.
- You will see a console like the one below:
- Please do the same for the Extras.txt
#24
Posted 06 February 2014 - 10:51 AM
Edited by Machiavelli, 06 February 2014 - 10:56 AM.
#25
Posted 06 February 2014 - 11:03 AM
OTL (renamed) shutdown while running. No log. Also, no more pop ups in safe mode.
#26
Posted 06 February 2014 - 02:19 PM
- Step 1: FRST Fix
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
- Step 2: ComboFix
Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.
Please download Combofix from one of the following locations:
Download Mirror #1
Download Mirror #2
Download Mirror #3
Note: You must save this directly to your Desktop.
- Save any open documents, then close any open programs.
- Disable all anti-virus and anti-malware software to prevent them inhibiting Combofix in any way. If you are unsure how to do this, see THIS
- Rename ComboFix.exe to Machiavelli.exe (Right click on ComboFix.exe >> Rename)
- Double-click on combofix.exe then follow the on screen prompts
- When Combofix finishes, it will open the log. Please Copy (Ctrl + C) and Paste (Ctrl + V) all of this text into your next post.
Note: If ComboFix detects Rootkit activity and asks to reboot the system, please allow this to be done.
If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.
If, for whatever reason, the log does not open, it can be found in this location: C:\combofix.txt
Attached Files
#27
Posted 06 February 2014 - 02:46 PM
Next I got an error that this machine does not have the MS Win Recovery Console installed. If it is present it needs updating. Without it, ComboFix shall not attempt fixing the infections. It wanted an internet connection and at this point I said No.
So now it is just sitting there. I'm not sure if it is scanning or not.
#28
Posted 06 February 2014 - 02:46 PM
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-02-2014
Ran by Administrator at 2014-02-06 14:43:28 Run:2
Running from C:\Documents and Settings\Administrator\Desktop
Boot Mode: Safe Mode (with Networking)
==============================================
Content of fixlist:
*****************
BHO: C:\WINDOWS\system32\rpk5dkg.dll - {B1BA40A1-75F2-51BD-F313-04B03A2C8953} - C:\WINDOWS\system32\rpk5dkg.dll No File
*****************
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B1BA40A1-75F2-51BD-F313-04B03A2C8953} => Key deleted successfully.
HKCR\CLSID\{B1BA40A1-75F2-51BD-F313-04B03A2C8953} => Key deleted successfully.
==== End of Fixlog ====
#29
Posted 06 February 2014 - 02:53 PM
What does it say on the screen? Wait 10 - 20 minutes, ComboFix should be finished then if it is running correctly.So now it is just sitting there.
#30
Posted 06 February 2014 - 03:02 PM
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users