Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

(OTL Included) Alureon.A redirect virus deleted, but still having Goog

Started by Dangers , Jun 14 2011 02:15 PM

  • This topic is locked This topic is locked

#1
Dangers
Posted 14 June 2011 - 02:15 PM

Dangers

    New Member

  • Member
  • Pip
  • 6 posts
Thanks in advance for any and all help!

Hey guys, here's the deal. My computers been redirecting Google searches for about a year now, when it first started I scanned but couldn't find anything. So about once or twice everyday it would redirect a Google search. Not a big deal, I could just go back, click the search result again and proceed to my site. So this went on until yesterday.

I log onto my computer as usual. About an hour on it and it starts lagging like crazy. Taskmanager tells me svchost.exe is eating up about 100,000K and using 99% CPU. So I end the process and restart. Something from Microsoft pops up and says that my system has changed significantly since it was first activated and I have 3 days to reactivate Windows(I'm guessing this is legit? I really don't know but now it's saying I'm down to two days). The svchost.exe issue happens all over again. I kill the process, then when I go to Google.com, the page loads really slow first of all, and every result I get leads to a redirect, not just every once in a while like before. So I start researching the symptoms, and it turns out I've caught an Alureon.A redirect virus. I use Microsoft Windows Malicious Software Removal Tool. It tells me it only halfway deleted it (I forget the exact terminology it used) but to use an Antivirus scanner to finish the process. So I run Malwarebytes, TDSSKiller and Hitman Pro. The first time with each, it detects the virus. I finish and restart, use all of them again, and no trace of the virus is detected. So I figure It's gone. I'm feeling good until I log on to my computer this morning. I go to Google, still slow, but now instead of the links redirecting every time, it only happens 50% of the time. Still that's pretty bad.

So if I deleted the virus why is this still happening? I'm really depending on you guys to help me!

I'm including the results of the OTL text file below:




OTL.txt


OTL logfile created on: 6/14/2011 2:00:10 PM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Documents and Settings\Administrator\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

509.98 Mb Total Physical Memory | 125.79 Mb Available Physical Memory | 24.67% Memory free
1.22 Gb Paging File | 0.64 Gb Available in Paging File | 52.72% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 10.98 Gb Free Space | 29.48% Space Free | Partition Type: NTFS
Drive W: | 145.96 Gb Total Space | 15.87 Gb Free Space | 10.88% Space Free | Partition Type: NTFS

Computer Name: RBOYCE | User Name: Administrator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/14 13:59:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
PRC - [2011/04/29 11:36:26 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/03/28 15:48:36 | 001,122,304 | ---- | M] (Zhorn Software) -- C:\Program Files\Stickies\stickies.exe
PRC - [2011/03/24 05:59:34 | 000,199,904 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
PRC - [2011/02/23 10:51:20 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.199\SSScheduler.exe
PRC - [2011/01/27 10:52:00 | 010,863,944 | ---- | M] (a la mode, inc.) -- w:\WinTOTAL\Winform.exe
PRC - [2010/09/10 23:41:42 | 001,901,056 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010/09/10 23:41:20 | 002,500,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2009/03/10 22:18:14 | 000,934,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe
PRC - [2009/01/05 09:25:40 | 000,061,440 | ---- | M] () -- C:\Program Files\Process Manager for Windows 1.6.192\Arif-Process-Manager.exe
PRC - [2008/04/13 20:12:40 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wpabaln.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe
PRC - [2006/02/28 21:10:20 | 000,069,632 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
PRC - [2005/03/14 12:05:02 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe


========== Modules (SafeList) ==========

MOD - [2011/06/14 13:59:27 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\My Documents\Downloads\OTL.exe
MOD - [2011/01/11 04:27:10 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.5592_x-ww_179798c8\msvcr80.dll
MOD - [2010/09/10 23:41:40 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2009/01/05 09:25:34 | 000,051,200 | ---- | M] () -- C:\Program Files\Process Manager for Windows 1.6.192\SystemHook.dll
MOD - [2008/04/13 20:12:02 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008/04/13 20:12:02 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008/04/13 20:12:02 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008/04/13 20:12:01 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008/04/13 20:11:52 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008/04/13 20:11:51 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (GTAOQGI)
SRV - [2011/06/07 13:02:07 | 000,130,368 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2011/03/24 05:59:34 | 000,199,904 | ---- | M] () [Auto | Running] -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe -- (Toolbar Updater Service)
SRV - [2011/02/23 10:51:20 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.199\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/09/10 23:41:42 | 001,901,056 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2008/04/13 20:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2006/02/28 21:10:20 | 000,069,632 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\windows\System32\Crypserv.exe -- (Crypkey License)
SRV - [2005/03/14 12:05:02 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2010/10/27 12:05:53 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/09/10 23:40:54 | 000,091,560 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\windows\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2010/09/10 23:40:52 | 000,239,240 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010/09/10 23:40:52 | 000,025,240 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2010/01/04 10:25:51 | 000,180,224 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\WinVd32.sys -- (WinVd32)
DRV - [2010/01/04 10:25:47 | 000,017,984 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\system32\WinFLdrv.sys -- (WinFLdrv)
DRV - [2009/12/21 21:39:14 | 000,016,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2009/12/21 21:39:12 | 000,011,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2006/01/09 22:47:28 | 000,031,846 | ---- | M] () [Kernel | System | Running] -- C:\windows\system32\ckldrv.sys -- (NetworkX)
DRV - [2004/09/17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/04 01:31:18 | 000,036,224 | ---- | M] (ADMtek Incorporated.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\an983.sys -- (AN983)
DRV - [2001/08/18 08:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2001/08/18 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoo...earchTerms}&f=4

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startnow....ion=5.1-x86-SP3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 16 FF 06 8D 77 F8 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://start.facemoods.com/?a=ddrnw
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:0.1.2008d
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5

FF - HKLM\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\
FF - HKLM\software\mozilla\Firefox\extensions\\{F3422D85-D0AD-4B40-9ED8-88FD6414E1AE}: C:\Documents and Settings\Administrator\Local Settings\Application Data\{F3422D85-D0AD-4B40-9ED8-88FD6414E1AE} [2010/04/12 15:09:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/06 11:45:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/29 11:36:35 | 000,000,000 | ---D | M]

[2010/09/21 11:07:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/09/21 11:07:17 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\[email protected]
[2011/06/14 09:33:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions
[2010/04/27 10:22:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/16 10:14:59 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2010/07/07 09:28:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/01/04 13:00:26 | 000,000,000 | ---D | M] ("MultirowBookmarksToolbar") -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
[2011/06/14 09:33:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/01 17:45:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/09/21 10:53:25 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2010/09/21 10:53:25 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2010/09/21 10:53:25 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2010/09/21 10:53:24 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2010/09/21 10:53:24 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2010/09/21 10:53:24 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2010/09/21 10:53:24 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\[email protected]
[2010/09/01 17:45:15 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/04/20 12:45:19 | 000,002,048 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml

O1 HOSTS File: ([2011/06/13 07:45:04 | 000,000,919 | RH-- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 67.205.118.181 www.google.com
O1 - Hosts: 67.205.118.182 search.yahoo.com
O1 - Hosts: 67.205.118.182 www.bing.com
O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll (Zugo)
O2 - BHO: (Easy Gif Animator Toolbar Helper) - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll ()
O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll (Zugo)
O3 - HKCU\..\Toolbar\WebBrowser: (Easy Gif Animator Toolbar) - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll ()
O4 - HKLM..\Run: [cleanddm] File not found
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKCU..\RunOnce: [Shockwave Updater] File not found
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Stickies.lnk = C:\Program Files\Stickies\stickies.exe (Zhorn Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.199\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Process Manager for Windows 1.6.192.lnk = C:\Program Files\Process Manager for Windows 1.6.192\Arif-Process-Manager.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: alamode.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: almsr.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: appraiserxsites.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: certmail.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: interflood.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: mappoint.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: virtualearth.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: xsitesnetwork.com ([]* in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1242164511546 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O22 - SharedTaskScheduler: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - ObjectDockShellExt - C:\Program Files\Stardock\ObjectDockFree\ODMenu.dll (Stardock)
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{04453bf5-3fe1-11de-b59d-0011115d197b}\Shell - "" = AutoRun
O33 - MountPoints2\{04453bf5-3fe1-11de-b59d-0011115d197b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{04453bf5-3fe1-11de-b59d-0011115d197b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{1ba98651-aade-11de-b61f-0011115d197b}\Shell - "" = AutoRun
O33 - MountPoints2\{1ba98651-aade-11de-b61f-0011115d197b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1ba98651-aade-11de-b61f-0011115d197b}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (bootdelete) - C:\windows\System32\bootdelete.exe (SurfRight B.V.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/14 13:20:15 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/06/14 12:51:48 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\windows\System32\bootdelete.exe
[2011/06/13 15:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\tdsskiller
[2011/06/13 15:04:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2011/06/13 15:03:46 | 006,470,464 | ---- | C] (SurfRight B.V.) -- C:\Documents and Settings\Administrator\Desktop\HitmanPro35.exe
[2011/06/13 13:30:57 | 000,000,000 | ---D | C] -- C:\windows\CSC
[2011/06/07 13:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Desura
[2011/06/07 13:00:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Desura
[2011/06/07 13:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Desura
[2011/06/07 13:00:09 | 000,000,000 | ---D | C] -- C:\Program Files\Desura
[2011/06/02 12:23:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Crazybump
[2011/06/02 12:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\Crazybump
[2011/06/01 10:55:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\particleIllusion 3.0
[2011/06/01 10:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\particleIllusion_3
[2011/06/01 10:53:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\WINDOWS
[2011/05/31 11:16:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Unity
[2011/05/31 11:09:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Unity
[2011/05/26 14:31:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2011/05/16 10:14:53 | 000,000,000 | ---D | C] -- C:\Program Files\StartNow Toolbar
[2008/01/11 13:29:50 | 000,122,880 | ---- | C] ( ) -- C:\windows\System32\alauploader.exe
[2004/07/28 10:46:06 | 000,098,304 | ---- | C] ( ) -- C:\windows\System32\AutoLicense.dll
[2002/07/16 17:12:58 | 000,045,056 | ---- | C] ( ) -- C:\windows\System32\AutoPAX.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Documents and Settings\Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Administrator\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/14 14:01:01 | 000,000,250 | ---- | M] () -- C:\windows\tasks\Scheduled Update for Ask Toolbar.job
[2011/06/14 13:27:05 | 000,000,900 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/14 13:09:24 | 000,002,971 | ---- | M] () -- C:\windows\alamode.ini
[2011/06/14 13:09:20 | 000,017,480 | ---- | M] () -- C:\windows\System32\drivers\hitmanpro35.sys
[2011/06/14 12:51:48 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\windows\System32\bootdelete.exe
[2011/06/14 12:51:48 | 000,001,714 | ---- | M] () -- C:\windows\System32\bootdelete.lst
[2011/06/14 12:28:29 | 006,470,464 | ---- | M] (SurfRight B.V.) -- C:\Documents and Settings\Administrator\Desktop\HitmanPro35.exe
[2011/06/14 11:18:26 | 000,049,498 | ---- | M] () -- C:\windows\alaredun.ini
[2011/06/14 00:27:00 | 000,000,896 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/13 16:10:47 | 000,462,432 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/06/13 16:10:47 | 000,079,516 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/06/13 15:57:18 | 000,001,172 | ---- | M] () -- C:\windows\System32\wpa.dbl
[2011/06/13 15:56:54 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
[2011/06/13 15:06:53 | 000,089,042 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\var.JPG
[2011/06/13 12:30:12 | 000,017,480 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\y88d20e7l1hq002
[2011/06/13 12:28:25 | 000,000,000 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\waa.exe
[2011/06/13 12:28:25 | 000,000,000 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\nlf.exe
[2011/06/13 12:28:25 | 000,000,000 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\dwg.exe
[2011/06/13 12:28:25 | 000,000,000 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\dsb.exe
[2011/06/13 12:28:25 | 000,000,000 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\coc.exe
[2011/06/13 09:04:35 | 000,000,400 | ---- | M] () -- C:\windows\tasks\SmartDefrag.job
[2011/06/13 07:45:04 | 000,000,919 | RH-- | M] () -- C:\windows\System32\drivers\etc\hosts
[2011/06/10 15:53:08 | 000,008,772 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Friday.dlc
[2011/06/10 10:46:00 | 000,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
[2011/06/09 10:33:00 | 000,001,626 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Comps.rtf
[2011/06/08 13:37:53 | 000,109,056 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/07 13:00:10 | 000,001,522 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Desura.lnk
[2011/06/06 16:54:09 | 000,861,852 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Donald - Lender Info Packet.pdf
[2011/06/02 12:24:01 | 000,000,712 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Crazybump.lnk
[2011/06/02 12:24:01 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Crazybump.lnk
[2011/06/01 10:55:31 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\particleIllusion 3.0.lnk
[2011/06/01 10:27:02 | 000,343,531 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Linux_tan_vs__XP_kun_II_by_juzo_kun.jpg
[2011/05/31 11:06:58 | 000,068,501 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\PM3D_Sabretooth11.OBJ
[2011/05/27 20:56:09 | 000,010,840 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\hen.dlc
[2011/05/25 15:37:06 | 000,003,080 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Brown Bear.celtx
[2011/05/18 16:26:38 | 000,053,116 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\1000px-SaiGar_2007_Finals.gif
[2011/05/18 12:36:41 | 006,254,281 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Today was A good day.mp3
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Documents and Settings\Administrator\My Documents\*.tmp files -> C:\Documents and Settings\Administrator\My Documents\*.tmp -> ]
[1 C:\Documents and Settings\Administrator\*.tmp files -> C:\Documents and Settings\Administrator\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/14 12:51:47 | 000,001,714 | ---- | C] () -- C:\windows\System32\bootdelete.lst
[2011/06/14 11:18:25 | 000,049,498 | ---- | C] () -- C:\windows\alaredun.ini
[2011/06/13 15:06:53 | 000,089,042 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\var.JPG
[2011/06/13 15:04:43 | 000,017,480 | ---- | C] () -- C:\windows\System32\drivers\hitmanpro35.sys
[2011/06/13 12:28:25 | 000,017,480 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\y88d20e7l1hq002
[2011/06/13 12:28:25 | 000,017,480 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\y88d20e7l1hq002
[2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\waa.exe
[2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\pny.exe
[2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ohc.exe
[2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\nlf.exe
[2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\dwg.exe
[2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\dsb.exe
[2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\coc.exe
[2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\brx.exe
[2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\asq.exe
[2011/06/13 12:21:18 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\tropeln.dll
[2011/06/10 15:53:08 | 000,008,772 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Friday.dlc
[2011/06/10 15:40:13 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\JDownloader Uninstaller.lnk
[2011/06/07 13:00:10 | 000,001,522 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Desura.lnk
[2011/06/06 16:54:03 | 000,861,852 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Donald - Lender Info Packet.pdf
[2011/06/02 12:24:01 | 000,000,712 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Crazybump.lnk
[2011/06/02 12:24:01 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Crazybump.lnk
[2011/06/01 10:55:31 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\particleIllusion 3.0.lnk
[2011/06/01 10:26:54 | 000,343,531 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Linux_tan_vs__XP_kun_II_by_juzo_kun.jpg
[2011/05/31 11:06:57 | 000,068,501 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\PM3D_Sabretooth11.OBJ
[2011/05/27 20:56:09 | 000,010,840 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\hen.dlc
[2011/05/25 15:37:06 | 000,003,080 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Brown Bear.celtx
[2011/05/18 16:26:29 | 000,053,116 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\1000px-SaiGar_2007_Finals.gif
[2011/05/18 12:36:31 | 006,254,281 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Today was A good day.mp3
[2011/04/21 17:12:12 | 000,107,792 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/04/06 16:45:30 | 000,000,059 | ---- | C] () -- C:\windows\Ltdlgfileu.INI
[2011/04/06 10:31:14 | 000,016,384 | ---- | C] () -- C:\windows\System32\FileOps.exe
[2011/03/09 04:04:17 | 000,000,118 | ---- | C] () -- C:\windows\System32\MRT.INI
[2011/03/07 10:46:01 | 000,000,340 | ---- | C] () -- C:\windows\SoftWriting.ini
[2010/10/29 11:55:10 | 000,092,232 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Uninstal.exe
[2010/10/11 10:18:44 | 001,053,056 | ---- | C] () -- C:\windows\System32\drivers\V2WCDRV.sys
[2010/10/07 21:50:09 | 000,232,159 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Minecraft.exe
[2010/06/03 13:04:25 | 000,000,158 | ---- | C] () -- C:\windows\cavscan.INI
[2010/05/28 15:53:21 | 000,000,056 | RHS- | C] () -- C:\windows\System32\0AC5C160AF.sys
[2010/05/28 15:53:18 | 000,001,682 | -HS- | C] () -- C:\windows\System32\KGyGaAvL.sys
[2010/04/26 17:03:26 | 000,015,496 | -HS- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\2638977761
[2010/04/26 17:03:12 | 000,015,488 | -HS- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\2989865169
[2010/04/26 17:03:12 | 000,015,488 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2638977761
[2010/04/26 17:02:42 | 000,015,500 | -HS- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IfMqNXfFX84
[2010/04/26 17:02:42 | 000,015,500 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2989865169
[2010/04/26 15:00:52 | 000,015,504 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\IfMqNXfFX84
[2010/04/12 15:09:33 | 000,000,120 | ---- | C] () -- C:\windows\Iditetakobilo.dat
[2010/04/12 15:09:33 | 000,000,000 | ---- | C] () -- C:\windows\Hqagohapuve.bin
[2010/03/03 14:37:15 | 000,000,024 | ---- | C] () -- C:\windows\Crypkey.ini
[2010/03/03 14:37:09 | 000,031,846 | ---- | C] () -- C:\windows\System32\Ckldrv.sys
[2010/03/03 14:37:09 | 000,018,432 | ---- | C] () -- C:\windows\Setup_ck.dll
[2010/03/03 14:37:09 | 000,011,776 | ---- | C] () -- C:\windows\Ckrfresh.exe
[2010/03/03 14:37:08 | 000,027,648 | R--- | C] () -- C:\windows\Setup_ck.exe
[2010/03/02 23:53:12 | 000,461,368 | ---- | C] () -- C:\windows\System32\pwNative.exe
[2010/03/02 23:53:09 | 000,016,456 | ---- | C] () -- C:\windows\System32\pwdrvio.sys
[2010/03/02 23:53:07 | 000,011,088 | ---- | C] () -- C:\windows\System32\pwdspio.sys
[2010/03/02 15:42:11 | 000,047,124 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\prvlcl.dat
[2010/02/23 19:55:10 | 000,000,130 | ---- | C] () -- C:\windows\cfplogvw.INI
[2010/02/23 19:50:17 | 001,474,832 | ---- | C] () -- C:\windows\System32\drivers\sfi.dat
[2010/01/04 10:25:51 | 000,180,224 | ---- | C] () -- C:\windows\System32\WinVd32.sys
[2010/01/04 10:25:47 | 000,017,984 | ---- | C] () -- C:\windows\System32\WinFLdrv.sys
[2010/01/04 10:25:47 | 000,007,680 | ---- | C] () -- C:\windows\System32\WinFLsrv.exe
[2010/01/04 10:25:47 | 000,000,990 | -HS- | C] () -- C:\Documents and Settings\Administrator\Application Data\systemfl.$dk
[2009/12/30 13:25:01 | 000,168,448 | ---- | C] () -- C:\windows\System32\unrar.dll
[2009/12/30 13:24:42 | 000,051,712 | ---- | C] () -- C:\windows\System32\coodest.dll
[2009/12/16 11:56:00 | 000,000,016 | ---- | C] () -- C:\windows\System32\asdict.dat
[2009/12/16 11:56:00 | 000,000,004 | ---- | C] () -- C:\windows\System32\aspdict-en.dat
[2009/12/15 19:13:47 | 000,000,132 | ---- | C] () -- C:\windows\System32\rezumatenoi.dat
[2009/12/15 16:02:28 | 000,000,054 | ---- | C] () -- C:\windows\rssimx.dll
[2009/06/24 16:36:35 | 000,109,056 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/24 15:09:27 | 000,000,754 | ---- | C] () -- C:\windows\WORDPAD.INI
[2009/05/13 10:25:06 | 000,102,833 | ---- | C] () -- C:\windows\HPFins09.dat
[2009/05/13 10:25:06 | 000,003,732 | ---- | C] () -- C:\windows\hpfmdl09.dat
[2009/05/13 10:24:34 | 000,077,824 | ---- | C] () -- C:\windows\System32\hpzids01.dll
[2009/05/13 10:24:33 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2009/05/13 10:10:28 | 000,000,082 | ---- | C] () -- C:\windows\MercuryWT.ini
[2009/05/13 10:10:28 | 000,000,000 | ---- | C] () -- C:\windows\Mercury.ini
[2009/05/13 10:08:52 | 000,002,971 | ---- | C] () -- C:\windows\alamode.ini
[2009/05/12 17:56:38 | 000,004,569 | ---- | C] () -- C:\windows\System32\secupd.dat
[2009/05/12 17:20:52 | 000,012,288 | ---- | C] () -- C:\windows\System32\e100bmsg.dll
[2009/05/12 17:05:40 | 000,002,048 | --S- | C] () -- C:\windows\bootstat.dat
[2009/05/12 17:01:07 | 000,021,640 | ---- | C] () -- C:\windows\System32\emptyregdb.dat
[2009/05/12 12:53:13 | 000,004,161 | ---- | C] () -- C:\windows\ODBCINST.INI
[2009/05/12 12:52:19 | 000,200,936 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/03/02 09:44:54 | 000,010,630 | ---- | C] () -- C:\windows\TECHHELP5.INI
[2008/03/24 15:01:41 | 000,495,616 | ---- | C] () -- C:\windows\System32\TX32.dll
[2008/03/24 15:01:41 | 000,327,680 | ---- | C] () -- C:\windows\System32\SmaRTEng.dll
[2008/03/24 15:01:41 | 000,034,304 | ---- | C] () -- C:\windows\System32\UnlockFile.exe
[2008/03/24 15:01:40 | 000,053,248 | ---- | C] () -- C:\windows\System32\P2kDesk.dll
[2008/03/24 15:01:38 | 000,338,944 | ---- | C] () -- C:\windows\System32\LFfpx7.dll
[2008/03/24 15:01:38 | 000,118,784 | ---- | C] () -- C:\windows\System32\LFKodak.dll
[2008/03/24 15:01:38 | 000,036,864 | ---- | C] () -- C:\windows\System32\DP2kFrms.dll
[2008/03/24 15:01:38 | 000,024,576 | ---- | C] () -- C:\windows\System32\fmt_jb2.dll
[2008/03/24 15:01:38 | 000,018,944 | ---- | C] () -- C:\windows\System32\fmt_xcx.dll
[2008/03/24 15:01:38 | 000,011,264 | ---- | C] () -- C:\windows\System32\fmt_xmf.dll
[2008/03/24 15:01:38 | 000,000,313 | ---- | C] () -- C:\windows\System32\ic32.ini
[2008/03/24 15:01:37 | 000,220,160 | ---- | C] () -- C:\windows\System32\Carcla30.dll
[2008/03/24 15:01:37 | 000,204,864 | ---- | C] () -- C:\windows\System32\AtxWrap.dll
[2008/03/24 15:01:37 | 000,040,960 | ---- | C] () -- C:\windows\System32\DeskSkt.dll
[2008/03/24 15:01:36 | 001,159,168 | ---- | C] () -- C:\windows\System32\alaMFC2.dll
[2008/03/24 15:01:36 | 000,151,552 | ---- | C] () -- C:\windows\System32\alaMapi.dll
[2008/03/24 15:01:36 | 000,086,016 | ---- | C] () -- C:\windows\System32\alaLaunch2.dll
[2008/03/24 15:01:36 | 000,073,728 | ---- | C] () -- C:\windows\System32\alaLaunch.dll
[2008/03/24 15:01:36 | 000,018,432 | ---- | C] () -- C:\windows\System32\alavistautils.dll
[2008/03/24 15:01:36 | 000,001,597 | ---- | C] () -- C:\windows\System32\alaUploader.exe.config
[2008/03/24 15:01:35 | 000,122,880 | ---- | C] () -- C:\windows\System32\ala32.dll
[2008/01/15 04:31:00 | 000,000,530 | ---- | C] () -- C:\windows\System32\tx14_ic.ini
[2007/10/31 10:56:34 | 000,000,647 | ---- | C] () -- C:\windows\System32\hppapr04.dat
[2006/08/21 15:45:40 | 000,241,664 | ---- | C] () -- C:\windows\System32\hppapr04.dll
[2005/08/30 00:00:00 | 000,781,312 | ---- | C] () -- C:\windows\System32\RGSS102J.dll
[2005/08/30 00:00:00 | 000,778,752 | ---- | C] () -- C:\windows\System32\RGSS102E.dll
[2005/08/30 00:00:00 | 000,771,584 | ---- | C] () -- C:\windows\System32\RGSS100J.dll
[2003/12/11 17:05:40 | 000,401,408 | ---- | C] () -- C:\windows\System32\AXF_AXS.dll
[2002/07/16 17:15:02 | 000,577,536 | ---- | C] () -- C:\windows\System32\PAXMeta.dll
[2001/10/28 17:42:30 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll
[2001/08/18 08:00:00 | 013,107,200 | ---- | C] () -- C:\windows\System32\oembios.bin
[2001/08/18 08:00:00 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2001/08/18 08:00:00 | 000,462,432 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2001/08/18 08:00:00 | 000,272,128 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2001/08/18 08:00:00 | 000,218,003 | ---- | C] () -- C:\windows\System32\dssec.dat
[2001/08/18 08:00:00 | 000,079,516 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2001/08/18 08:00:00 | 000,046,258 | ---- | C] () -- C:\windows\System32\mib.bin
[2001/08/18 08:00:00 | 000,028,626 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2001/08/18 08:00:00 | 000,004,461 | ---- | C] () -- C:\windows\System32\oembios.dat
[2001/08/18 08:00:00 | 000,001,804 | ---- | C] () -- C:\windows\System32\dcache.bin
[2001/08/18 08:00:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\noise.dat

========== LOP Check ==========

[2010/01/04 11:16:28 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Administrator\Application Data\.#
[2010/10/29 11:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\.minecraft
[2010/02/26 12:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Autodesk
[2010/08/17 12:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\avidemux
[2010/01/26 11:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\BitComet
[2010/08/26 14:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Bitsoft
[2010/08/26 14:17:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\cidialog32
[2010/11/03 11:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Lite
[2010/05/24 11:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Dexpot
[2010/03/05 16:25:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DoGA
[2010/07/16 15:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Dropbox
[2010/07/07 09:34:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Efficient Sticky Notes
[2011/02/11 10:28:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\egoboo
[2011/02/25 16:25:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FileZilla
[2011/01/06 13:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Foxit Software
[2011/03/28 13:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GHISLER
[2010/06/30 10:18:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GlarySoft
[2010/09/21 11:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Greyfirst
[2010/07/07 09:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICQ
[2010/08/19 16:49:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\IObit
[2010/07/20 13:26:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ManyCam
[2010/09/10 10:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Miranda
[2009/05/13 13:42:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
[2009/09/29 16:52:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Orbit
[2009/06/05 16:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Process Manager
[2010/08/17 13:57:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SecondLife
[2010/07/30 15:32:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Serif
[2011/04/29 11:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Stardock
[2011/06/13 15:57:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\stickies
[2011/02/09 13:52:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\SystemRequirementsLab
[2009/05/22 11:47:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Thinstall
[2011/01/04 14:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TopoGun32
[2010/12/02 14:23:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\UDP Software
[2011/05/31 11:16:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Unity
[2010/07/27 15:49:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\URSoft
[2011/06/14 12:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\uTorrent
[2010/10/11 10:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Video2Webcam
[2010/02/02 17:01:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Vultures
[2011/06/14 12:09:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\alamode
[2010/11/03 15:38:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2010/03/29 12:08:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/12/16 12:00:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BitDefender
[2010/08/26 16:19:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blumentals
[2010/03/16 12:35:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CrazyBump
[2010/10/27 12:05:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2011/06/07 13:00:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Desura
[2011/06/14 12:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hitman Pro
[2010/07/06 12:57:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010/02/22 17:15:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2011/06/06 12:24:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\licensecb
[2009/09/27 17:23:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2010/07/30 15:36:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/10/11 10:19:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Video2Webcam
[2011/04/29 11:43:36 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
[2001/08/18 08:00:00 | 000,000,004 | -HS- | M] () -- C:\windows\Tasks\FOLDER.TSX
[2011/06/14 14:01:01 | 000,000,250 | ---- | M] () -- C:\windows\Tasks\Scheduled Update for Ask Toolbar.job
[2011/06/13 09:04:35 | 000,000,400 | ---- | M] () -- C:\windows\Tasks\SmartDefrag.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1CE11B51

< End of report >
  • 0

Advertisements

#2
Essexboy
Posted 14 June 2011 - 03:40 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there lets see if we can resolve this for you


Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    PRC - [2011/03/24 05:59:34 | 000,199,904 | ---- | M] () -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
    SRV - File not found [On_Demand | Stopped] -- -- (GTAOQGI)
    [2011/05/16 10:14:59 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
    [2010/07/07 09:28:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
    O4 - HKLM..\Run: [cleanddm] File not found
    [2011/06/13 12:30:12 | 000,017,480 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\y88d20e7l1hq002
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\waa.exe
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\nlf.exe
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\dwg.exe
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\dsb.exe
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | M] () -- C:\Documents and Settings\All Users\Application Data\coc.exe
    [2011/06/13 12:28:25 | 000,017,480 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\y88d20e7l1hq002
    [2011/06/13 12:28:25 | 000,017,480 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\y88d20e7l1hq002
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\waa.exe
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\pny.exe
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ohc.exe
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\nlf.exe
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\dwg.exe
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\dsb.exe
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\coc.exe
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\brx.exe
    [2011/06/13 12:28:25 | 000,000,000 | -HS- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\asq.exe
    [2011/06/13 12:21:18 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\tropeln.dll
    [2010/05/28 15:53:21 | 000,000,056 | RHS- | C] () -- C:\windows\System32\0AC5C160AF.sys
    [2010/04/26 17:03:26 | 000,015,496 | -HS- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\2638977761
    [2010/04/26 17:03:12 | 000,015,488 | -HS- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\2989865169
    [2010/04/26 17:03:12 | 000,015,488 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2638977761
    [2010/04/26 17:02:42 | 000,015,500 | -HS- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IfMqNXfFX84
    [2010/04/26 17:02:42 | 000,015,500 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2989865169
    [2010/04/26 15:00:52 | 000,015,504 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\IfMqNXfFX84
    [2010/04/12 15:09:33 | 000,000,120 | ---- | C] () -- C:\windows\Iditetakobilo.dat
    [2010/04/12 15:09:33 | 000,000,000 | ---- | C] () -- C:\windows\Hqagohapuve.bin
    [2010/01/04 11:16:28 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\Administrator\Application Data\.#

    :Files
    ipconfig /flushdns /c
    attrib -H c:\*.* /s /d /c
    C:\Program Files\StartNow Toolbar

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image
  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

  • Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#3
Dangers
Posted 14 June 2011 - 09:46 PM

Dangers

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Thanks for your reply! After these steps, Google runs much faster! I'm seeing no redirects yet, but I can only really be sure they are gone if they don't pop up again tomorrow. I'm including the files you asked for. Not sure if we've killed the virus yet, but thanks again for the help!

Here is the OTL File:




All processes killed
========== OTL ==========
No active process named ToolbarUpdaterService.exe was found!
Service GTAOQGI stopped successfully!
Service GTAOQGI deleted successfully!
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\defaults folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\skin folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\locale folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\xml folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\protect folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\img folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F} folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\searchplugin folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\META-INF folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\lib folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\defaults folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\cleanddm deleted successfully.
C:\Documents and Settings\All Users\Application Data\y88d20e7l1hq002 moved successfully.
C:\Documents and Settings\All Users\Application Data\waa.exe moved successfully.
C:\Documents and Settings\All Users\Application Data\nlf.exe moved successfully.
C:\Documents and Settings\All Users\Application Data\dwg.exe moved successfully.
C:\Documents and Settings\All Users\Application Data\dsb.exe moved successfully.
C:\Documents and Settings\All Users\Application Data\coc.exe moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\y88d20e7l1hq002 moved successfully.
File C:\Documents and Settings\All Users\Application Data\y88d20e7l1hq002 not found.
File C:\Documents and Settings\All Users\Application Data\waa.exe not found.
C:\Documents and Settings\LocalService\Local Settings\Application Data\pny.exe moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\ohc.exe moved successfully.
File C:\Documents and Settings\All Users\Application Data\nlf.exe not found.
File C:\Documents and Settings\All Users\Application Data\dwg.exe not found.
File C:\Documents and Settings\All Users\Application Data\dsb.exe not found.
File C:\Documents and Settings\All Users\Application Data\coc.exe not found.
C:\Documents and Settings\LocalService\Local Settings\Application Data\brx.exe moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\asq.exe moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Application Data\tropeln.dll moved successfully.
C:\WINDOWS\system32\0AC5C160AF.sys moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\2638977761 moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\2989865169 moved successfully.
C:\Documents and Settings\All Users\Application Data\2638977761 moved successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\IfMqNXfFX84 moved successfully.
C:\Documents and Settings\All Users\Application Data\2989865169 moved successfully.
C:\Documents and Settings\All Users\Application Data\IfMqNXfFX84 moved successfully.
C:\WINDOWS\Iditetakobilo.dat moved successfully.
C:\WINDOWS\Hqagohapuve.bin moved successfully.
C:\Documents and Settings\Administrator\Application Data\.# folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\Administrator\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\cmd.txt deleted successfully.
< attrib -H c:\*.* /s /d /c >
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Credentials\S-1-5-21-484763869-651377827-839522115-500
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\00813F57C0CBB9A83349C874FD014078
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\0797C381B2F87EB5A1D5573BD15BA4F4
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\08E382DC40DC2B571439BB7A5449C239
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\0EBB3788D77094423275558212CCE7B1
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\119EFCC56A568F53AA7025356F876799
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\1B9435E949F2B3D267BABDE0C8BC19A6
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\1C4E554353AB278B1DD0E7329C5388D7
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\1CE9F5C74186E7B86A5CC6A85C21C64C
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\23B523C9E7746F715D33C6527C18EB9D
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\2659C1A560AB92C9C29D4B2B25815AE8
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\2BBA88436E92E1ABCED8E68D74DC5B38
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\303572DF538EDD8B1D606185F1D559B8
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\3130B1871A126520A8C47861EFE3ED4D
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\32AE19CAEE3F08CBCCD44F39EA8E908F
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\3C83474D61E624A4F9844DF935AFE217
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\486CC6AFD08942336C61FCD401C4A1D1
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\4C1E365F9395E4AD801570C6ABDB1892
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\4DB1DABDF57ED9997FE8DCC77E93C04F
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\526CE89193F110F750D34080932D5D62
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\52FE9FFE4780FF24EC690DB2F1D013CE
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\5553AF14BD4C3B1DE599145FD14950E0
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\55D5B35A7CC768E78826C2935CCC178A
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\5C45AD19E3530EC4218F560AFC04C3F7
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\5C8DDA36D60247082B142836039F4636
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\5F74056C561F814B7771CB2993A44DEB
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\62B5AF9BE9ADC1085C3C56EC07A82BF6
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\6AFA4286D305D35CF857C64AE01F5F72
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\6EE3F4B30DD5A19E5ECECC8051B4EDE0
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\79841F8EF00FBA86D33CC5A47696F165
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\8DFDF057024880D7A081AFBF6D26B92F
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\8E4817082536D8AD08C5B04CE63CBC33
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\904590238400AD963F77FAAAADC9BAB5
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\9CD8982C888AB544945893084BD7523A
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\AB132ADD47222782522938B9D92E0324
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\B171751C11ECDD4C0C4BC4BBF7B99FBF
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\B681B8816EE79EAEAA5CA7DA9EC0DC58
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\B69D763EB21649DA26F20618312DEE70
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\C296C614CAC8917D1583EB64F15FE697
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\C554DCF706A5AAB8B360FAD227EAB9C7
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\C85D71887265E283EC5EBF46764A2A28
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\D0F063B6B88A2B8BFE21C3993A613447
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\D725F3459E2275E9EA5871B92AD896D0
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\DC2135CED98D8A4D7C0CEE202BB0B810
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\E02AA40C1EC3D49AD517AF65D64B6DFA
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\E04822AD18D472EA5B582E6E6F8C6B9A
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\E2EF7F0FB7284B9ACFD4F65D02218479
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\E4AED02DCCD7B73DC8965E0D507CE301
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\E6024EAC88E6B6165D49FE3C95ADD735
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\E8974A4669383843486E5AFDB09650F5
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\F063BF7EF604434CBE00FF198F0D9B10
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\F5A17C00E427F919C4A49EEF5AD0EE53
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\F78CAE5D65CB8F387E2E0E15EF7E4AE3
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\FCEA474F228C13CD0DAD678431D0ACFC
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\00813F57C0CBB9A83349C874FD014078
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\0797C381B2F87EB5A1D5573BD15BA4F4
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\08E382DC40DC2B571439BB7A5449C239
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\0EBB3788D77094423275558212CCE7B1
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\119EFCC56A568F53AA7025356F876799
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\1B9435E949F2B3D267BABDE0C8BC19A6
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\1C4E554353AB278B1DD0E7329C5388D7
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\1CE9F5C74186E7B86A5CC6A85C21C64C
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\23B523C9E7746F715D33C6527C18EB9D
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\2659C1A560AB92C9C29D4B2B25815AE8
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BBA88436E92E1ABCED8E68D74DC5B38
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\303572DF538EDD8B1D606185F1D559B8
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\3130B1871A126520A8C47861EFE3ED4D
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\32AE19CAEE3F08CBCCD44F39EA8E908F
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\3C83474D61E624A4F9844DF935AFE217
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\486CC6AFD08942336C61FCD401C4A1D1
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\4C1E365F9395E4AD801570C6ABDB1892
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\4DB1DABDF57ED9997FE8DCC77E93C04F
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\526CE89193F110F750D34080932D5D62
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\52FE9FFE4780FF24EC690DB2F1D013CE
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\5553AF14BD4C3B1DE599145FD14950E0
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\55D5B35A7CC768E78826C2935CCC178A
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\5C45AD19E3530EC4218F560AFC04C3F7
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\5C8DDA36D60247082B142836039F4636
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\5F74056C561F814B7771CB2993A44DEB
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\62B5AF9BE9ADC1085C3C56EC07A82BF6
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\6AFA4286D305D35CF857C64AE01F5F72
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\6EE3F4B30DD5A19E5ECECC8051B4EDE0
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\79841F8EF00FBA86D33CC5A47696F165
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\8E4817082536D8AD08C5B04CE63CBC33
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\904590238400AD963F77FAAAADC9BAB5
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\9CD8982C888AB544945893084BD7523A
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\AB132ADD47222782522938B9D92E0324
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\B171751C11ECDD4C0C4BC4BBF7B99FBF
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\B681B8816EE79EAEAA5CA7DA9EC0DC58
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\B69D763EB21649DA26F20618312DEE70
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\C296C614CAC8917D1583EB64F15FE697
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\C554DCF706A5AAB8B360FAD227EAB9C7
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\C85D71887265E283EC5EBF46764A2A28
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\D0F063B6B88A2B8BFE21C3993A613447
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\D725F3459E2275E9EA5871B92AD896D0
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\DC2135CED98D8A4D7C0CEE202BB0B810
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\E02AA40C1EC3D49AD517AF65D64B6DFA
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\E04822AD18D472EA5B582E6E6F8C6B9A
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\E2EF7F0FB7284B9ACFD4F65D02218479
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\E4AED02DCCD7B73DC8965E0D507CE301
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\E6024EAC88E6B6165D49FE3C95ADD735
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\E8974A4669383843486E5AFDB09650F5
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\F063BF7EF604434CBE00FF198F0D9B10
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\F5A17C00E427F919C4A49EEF5AD0EE53
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\F78CAE5D65CB8F387E2E0E15EF7E4AE3
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\FCEA474F228C13CD0DAD678431D0ACFC
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Crypto\RSA\S-1-5-21-484763869-651377827-839522115-500\5550e7cb640347345a345c63aa7a6848_f73f5ea9-38d5-4b7a-96b9-52de5501c9bd
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Crypto\RSA\S-1-5-21-484763869-651377827-839522115-500\6b29ae44e85efac3c72ff4d1865d73f1_f73f5ea9-38d5-4b7a-96b9-52de5501c9bd
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Crypto\RSA\S-1-5-21-484763869-651377827-839522115-500\731981fead7fc566d824f5dbd2b4ce2e_f73f5ea9-38d5-4b7a-96b9-52de5501c9bd
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Crypto\RSA\S-1-5-21-484763869-651377827-839522115-500\83aa4cc77f591dfc2374580bbd95f6ba_f73f5ea9-38d5-4b7a-96b9-52de5501c9bd
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Crypto\RSA\S-1-5-21-484763869-651377827-839522115-500\a18ca4003deb042bbee7a40f15e1970b_f73f5ea9-38d5-4b7a-96b9-52de5501c9bd
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Crypto\RSA\S-1-5-21-484763869-651377827-839522115-500
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Crypto\RSA
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\UserData\0OV3AS9N
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\UserData\8BXSS11C
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\UserData\CDGFNDJG
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\UserData\index.dat
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\UserData\KRTGFC7Q
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Desktop.htt
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\UserData
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-484763869-651377827-839522115-500\2bfab1d7-35da-4dd3-89db-8cbce2a77b26
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-484763869-651377827-839522115-500\3290b1f9-5541-4e32-a315-681bf8e8c5b5
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-484763869-651377827-839522115-500\5a88eb11-d3ab-4539-b451-2c4aabece4a0
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-484763869-651377827-839522115-500\872aef5e-19f3-4ad3-8516-38f0489bdefd
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-484763869-651377827-839522115-500\ae264cf3-22cd-4ab9-b544-2c2bac20d2ae
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-484763869-651377827-839522115-500\b57d79f1-3dde-4263-9492-8e670dc1a5ce
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-484763869-651377827-839522115-500\c066fd77-06b0-4d37-aa7a-cfd32750bd4f
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-484763869-651377827-839522115-500\Preferred
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\CREDHIST
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect\S-1-5-21-484763869-651377827-839522115-500
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\SystemCertificates\My\Certificates\4DFA3E0E6C159D5531B48EBD0B2C706FF08598C7
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\SystemCertificates\My\Keys\FBAB605F234853EF3DFCCE55A132CBFE299804B5
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\SystemCertificates\My\Certificates
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\SystemCertificates\My\CRLs
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\SystemCertificates\My\CTLs
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\SystemCertificates\My\Keys
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\SystemCertificates\My
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Credentials
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Crypto
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft\Protect
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\Microsoft
Not resetting system file - C:\Documents and Settings\Administrator\Application Data\systemfl.$dk
Not resetting system file - C:\Documents and Settings\Administrator\Cookies\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\desktop\PaySheets\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\desktop\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\Favorites\Links\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Favorites\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\IECompatCache\index.dat
Not resetting system file - C:\Documents and Settings\Administrator\IETldCache\index.dat
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Credentials\S-1-5-21-484763869-651377827-839522115-500
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\3KHRPNQC\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\6LC1X3OI\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\RJ3W2KEO\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\YE12Q36K\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\3KHRPNQC
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\6LC1X3OI
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\RJ3W2KEO
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache\YE12Q36K
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\0RP4BXWS
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\DR4E58QK
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\E72T4YA2
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\VS0QGY03
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Credentials
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Feeds Cache
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Application Data\Procaster\cache\index.dat
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012011061420110615\index.dat
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\History\History.IE5\MSHist012011061420110615
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\History\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\History\History.IE5
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\3UNBQ7FZ\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C8J419SH\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OAVEGLJW\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\YDFTZLI8\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\Z8HNALA3\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\3UNBQ7FZ
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\C8J419SH
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\OAVEGLJW
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\YDFTZLI8
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\Z8HNALA3
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\History
Not resetting system file - C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Adlm\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Comics\Marvel Encyclopedia v2 (2009) (bZc-DCP)\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Downloads\Heavy Metal Magazine\Related_Publications\Heavy_Metal-Simon_Bisley-F_A_K_K_2_Album\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Downloads\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\Anim\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\Content_Box\images\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\Content_Box\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\New Folder\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\NSCore\images\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\NSCore\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\100670_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\81878_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\35863_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\372404_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\38714_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\43794_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\44834_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\45031_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\45223_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\Joan_Of_Arc\3D_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\Joan_Of_Arc\50138_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\Joan_Of_Arc\body1.php_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\Joan_Of_Arc\body2.php_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\Joan_Of_Arc\body3.php_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\Joan_Of_Arc\body4.php_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\Joan_Of_Arc\body5.php_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\Joan_Of_Arc\joanpres.php_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\Joan_Of_Arc\WS4D1D6629-B6CD-4920-98FD-5003CFB0F599_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\Joan_Of_Arc\Zbrush 3 Texturing Tutorial_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Sites\Joan_Of_Arc\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\PAGES\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\psp\PSP\SAVEDATA\HHBA111110000\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\psp\PSP\SAVEDATA\ULUS100540000\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\psp\PSP\SAVEDATA\ULUS100549999\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\psp\PSP\SAVEDATA\ULUS10442SGL001\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\FOLDERS\reaction images\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\images\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\143781_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\143970_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\Contra Site\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\NEW Contra Site\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\NEW NEW Contra Site\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\pics\Ryan's Crap\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\pics\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\PICTURE\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\PSP\SAVEDATA\ULUS10139GAMEDATA\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\PSP\SAVEDATA\ULUS10202001\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\PSP\SAVEDATA\ULUS10266\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\PSP\SAVEDATA\ULUS10289UID0000\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\PSP\SAVEDATA\ULUS10297FFT0000\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\PSP\SAVEDATA\ULUS10391\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\SAVEDATA\MHBACKUP\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\SAVEDATA\ULUS10202001\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\Stuff to turn in\tutorial\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\UCUS986410000\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\ULUS10025SAVE000\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\ULUS10097DATA00\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\ULUS10134U000\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\ULUS10134U001\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\ULUS10139GAMEDATA\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\ULUS10202001\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\ULUS10266\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\VIDEO\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\OLD PSP DATA\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\pictures\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\Pictures2\Index of _pictures_individuals_b_3d_files\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\Pictures2\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Misc\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\1988 - So Far, So Good...So What!(2)\1988 - So Far, So Good...So What!\AlbumArtSmall.jpg
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\1988 - So Far, So Good...So What!(2)\1988 - So Far, So Good...So What!\AlbumArt_{0EC1D833-6A76-48E9-8D66-135C8B530E51}_Large.jpg
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\1988 - So Far, So Good...So What!(2)\1988 - So Far, So Good...So What!\AlbumArt_{0EC1D833-6A76-48E9-8D66-135C8B530E51}_Small.jpg
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\1988 - So Far, So Good...So What!(2)\1988 - So Far, So Good...So What!\Folder.jpg
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\1988 - So Far, So Good...So What!(2)\1988 - So Far, So Good...So What!\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\1988 - So Far, So Good...So What!(2)\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\Creedence Clearwater Revival - Chronicle, Vol. 1\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\Heavy Metal - OST (2000)\Heavy Metal - OST (2000)\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\Heavy Metal - OST (2000)\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\Megadeth - Hidden Treasures_by_anthrax101\Megadeth - Hidden Treasures (1995) (Heavy Metal)\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\Megadeth - Hidden Treasures_by_anthrax101\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\Past Present and Future the Greatest Hits\AlbumArtSmall.jpg
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\Past Present and Future the Greatest Hits\AlbumArt_{35628733-FC29-42C8-8E29-D75B97D33336}_Large.jpg
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\Past Present and Future the Greatest Hits\AlbumArt_{35628733-FC29-42C8-8E29-D75B97D33336}_Small.jpg
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\Past Present and Future the Greatest Hits\Folder.jpg
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\Past Present and Future the Greatest Hits\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\The Dark Side of the Moon 1973 - [MP3 @ 320](oan)\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\The Piano Tribute to Iron Maiden\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\The Rocky Horror Picture Show [Original Soundtrack]\The Rocky Horror Picture Show [Original Soundtrack]\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\The Rocky Horror Picture Show [Original Soundtrack]\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Music\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Pictures\R\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Pictures\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Pictures\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Received Files\[email protected]\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Received Files\[email protected]\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\My Videos\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\New Folder (2)\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Stardock\ObjectDock Library\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\My Documents\Thumbs.db
Not resetting system file - C:\Documents and Settings\Administrator\NetHood\a la mode on Back Office (Backoffice)\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\NetHood\Document Store on Back Office (Backoffice)\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\NetHood\Shared Files on Back Office (Backoffice)\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\NetHood\SharedDocs on Back Office (Backoffice)\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\NetHood\SharedDocs on Christine Mobley (Cmobley)\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\NetHood\SharedDocs on Pat Foster's Office (Pfoster)\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\NetHood\SharedDocs on Ryan Boyce (Rboyce)\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\PrivacIE\index.dat
Not resetting system file - C:\Documents and Settings\Administrator\SendTo\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Accessibility\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\Entertainment\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Start Menu\Programs\Games\Shortcut to Dwarf Fortress\Desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Start Menu\Programs\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Start Menu\desktop.ini
Not resetting system file - C:\Documents and Settings\Administrator\Templates\2638977761
Not resetting system file - C:\Documents and Settings\Administrator\Templates\2989865169
Not resetting system file - C:\Documents and Settings\Administrator\Templates\IfMqNXfFX84
Not resetting system file - C:\Documents and Settings\Administrator\UserData\CVGNEVIV
Not resetting system file - C:\Documents and Settings\Administrator\UserData\E96X2NMH
Not resetting system file - C:\Documents and Settings\Administrator\UserData\MV2RKH83
Not resetting system file - C:\Documents and Settings\Administrator\UserData\UPKDGNMF
Not resetting system file - C:\Documents and Settings\Administrator\Cookies
Not resetting system file - C:\Documents and Settings\Administrator\IECompatCache
Not resetting system file - C:\Documents and Settings\Administrator\IETldCache
Not resetting system file - C:\Documents and Settings\Administrator\ntuser.ini
Not resetting system file - C:\Documents and Settings\Administrator\PrivacIE
Not resetting system file - C:\Documents and Settings\Administrator\UserData
Not resetting system file - C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS\MachineKeys
Not resetting system file - C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5-18\83aa4cc77f591dfc2374580bbd95f6ba_f73f5ea9-38d5-4b7a-96b9-52de5501c9bd
Not resetting system file - C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5-18\d42cc0c3858a58db2db37658219e6400_f73f5ea9-38d5-4b7a-96b9-52de5501c9bd
Not resetting system file - C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys
Not resetting system file - C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5-18
Not resetting system file - C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\DSS
Not resetting system file - C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA
Not resetting system file - C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto
Not resetting system file - C:\Documents and Settings\All Users\Application Data\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Application Data\Microsoft
Not resetting system file - C:\Documents and Settings\All Users\Documents\My Music\Sample Music\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Documents\My Music\Desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Thumbs.db
Not resetting system file - C:\Documents and Settings\All Users\Documents\My Pictures\Desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Documents\My Videos\Desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Documents\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\DRM\drmv2.lic
Not resetting system file - C:\Documents and Settings\All Users\DRM\drmv2.sst
Not resetting system file - C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Accessibility\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Communications\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Entertainment\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\System Tools\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Start Menu\Programs\Games\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Start Menu\Programs\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\Start Menu\Programs\OpenOffice.org 3.1
Not resetting system file - C:\Documents and Settings\All Users\Start Menu\desktop.ini
Not resetting system file - C:\Documents and Settings\All Users\DRM
Not resetting system file - C:\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\My\Certificates
Not resetting system file - C:\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\My\CRLs
Not resetting system file - C:\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\My\CTLs
Not resetting system file - C:\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates\My
Not resetting system file - C:\Documents and Settings\Default User\Application Data\Microsoft\SystemCertificates
Not resetting system file - C:\Documents and Settings\Default User\Application Data\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Application Data\Microsoft
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\History\History.IE5\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\History\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\History\History.IE5
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\0ETLKFOK\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\6PPD50S2\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\EZXXBKNS\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\UMZOW78N\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\0ETLKFOK
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\6PPD50S2
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\EZXXBKNS
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\UMZOW78N
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\History
Not resetting system file - C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files
Not resetting system file - C:\Documents and Settings\Default User\SendTo\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Accessibility\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\Entertainment\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Start Menu\Programs\Accessories\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Start Menu\Programs\Startup\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Start Menu\Programs\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Start Menu\desktop.ini
Not resetting system file - C:\Documents and Settings\Default User\Cookies
Not resetting system file - C:\Documents and Settings\LocalService\Application Data\Microsoft\Credentials\S-1-5-19
Not resetting system file - C:\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My\Certificates
Not resetting system file - C:\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My\CRLs
Not resetting system file - C:\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My\CTLs
Not resetting system file - C:\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My
Not resetting system file - C:\Documents and Settings\LocalService\Application Data\Microsoft\Credentials
Not resetting system file - C:\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates
Not resetting system file - C:\Documents and Settings\LocalService\Application Data\Microsoft
Not resetting system file - C:\Documents and Settings\LocalService\Favorites\Desktop.ini
Not resetting system file - C:\Documents and Settings\LocalService\IETldCache\index.dat
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Credentials\S-1-5-19
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\3U62AWQM
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\83TPIY21
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\index.dat
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\U6BC4IO2
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\UCMKPVW0
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Credentials
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\MSHist012011061320110614\index.dat
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\desktop.ini
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\MSHist012011061320110614
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\History\desktop.ini
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\History\History.IE5
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\I147KF6J\desktop.ini
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ML6VQN8P\desktop.ini
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\S5GD6FQF\desktop.ini
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\WX8VET41\desktop.ini
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\I147KF6J
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\ML6VQN8P
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\S5GD6FQF
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\WX8VET41
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\desktop.ini
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\desktop.ini
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\History
Not resetting system file - C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files
Not resetting system file - C:\Documents and Settings\LocalService\Cookies
Not resetting system file - C:\Documents and Settings\LocalService\IETldCache
Not resetting system file - C:\Documents and Settings\LocalService\ntuser.ini
Not resetting system file - C:\Documents and Settings\NetworkService\Application Data\Microsoft\Credentials\S-1-5-20
Not resetting system file - C:\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My\Certificates
Not resetting system file - C:\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My\CRLs
Not resetting system file - C:\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My\CTLs
Not resetting system file - C:\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My
Not resetting system file - C:\Documents and Settings\NetworkService\Application Data\Microsoft\Credentials
Not resetting system file - C:\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates
Not resetting system file - C:\Documents and Settings\NetworkService\Application Data\Microsoft
Not resetting system file - C:\Documents and Settings\NetworkService\Cookies\index.dat
Not resetting system file - C:\Documents and Settings\NetworkService\IETldCache\index.dat
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Credentials\S-1-5-20
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Credentials
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\desktop.ini
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\History\desktop.ini
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\05W0UBTJ\desktop.ini
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2AL94MGR\desktop.ini
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\32YDWD14\desktop.ini
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\T16VJQI8\desktop.ini
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\05W0UBTJ
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\2AL94MGR
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\32YDWD14
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\T16VJQI8
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\desktop.ini
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\desktop.ini
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\History
Not resetting system file - C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files
Not resetting system file - C:\Documents and Settings\NetworkService\Cookies
Not resetting system file - C:\Documents and Settings\NetworkService\IETldCache
Not resetting system file - C:\Documents and Settings\NetworkService\ntuser.ini
Not resetting system file - C:\Documents and Settings\LocalService
Not resetting system file - C:\Documents and Settings\NetworkService
Not resetting system file - C:\Games\Desktop Dungeons\tilesets\default\Thumbs.db
Not resetting system file - C:\Games\Dwarf Fortress\Dwarf Fortress 31.16\LNP FILES\Graphics\Mayday 31.16\raw\graphics\mayday\Thumbs.db
Not resetting system file - C:\Games\Shoot First\Thumbs.db
Not resetting system file - C:\Games\Trans101\Thumbs.db
Access denied - C:\Program Files\Adobe\Reader 9.0\Resource\CMap\Identity-H
Access denied - C:\Program Files\Adobe\Reader 9.0\Resource\CMap\Identity-V
Access denied - C:\Program Files\Adobe\Reader 9.0\Resource\CMap
Access denied - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
Access denied - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Access denied - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll
Access denied - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.dll
Access denied - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX
Not resetting system file - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\resources\Thumbs.db
Not resetting system file - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\Thumbs.db
Not resetting system file - C:\Program Files\JDownloader\captchas\Thumbs.db
Not resetting system file - C:\Program Files\JDownloader\downloads\Blue_Eyes\Thumbs.db
Not resetting system file - C:\Program Files\ManyCam\uninstall.log
Not resetting system file - C:\Program Files\Mozilla Firefox\res\html\Thumbs.db
Not resetting system file - C:\Program Files\Mozilla Firefox\res\Thumbs.db
Not resetting system file - C:\Program Files\MSN\MSNCoreFiles
Not resetting system file - C:\Program Files\particleIllusion_3\Preview Images\Thumbs.db
Not resetting system file - C:\Program Files\RocketDock\Icons\Thumbs.db
Not resetting system file - C:\RECYCLER\S-1-5-21-484763869-651377827-839522115-500\desktop.ini
Not resetting system file - C:\RECYCLER\S-1-5-21-484763869-651377827-839522115-500
Not resetting system file - C:\Wallpapers\Thumbs.db
Not resetting system file - C:\WINDOWS\assembly\Desktop.ini
Not resetting system file - C:\WINDOWS\CSC\00000001
Not resetting system file - C:\WINDOWS\CSC\00000002
Not resetting system file - C:\WINDOWS\Downloaded Program Files\DPF.LST
Not resetting system file - C:\WINDOWS\Fonts\ARIAL.TCX
Not resetting system file - C:\WINDOWS\Fonts\desktop.ini
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed\26DDC2EC4210AC63483DF9D4FCC5B59D\3.5.30729
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0100000010\9.1.0
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed\D04BB691875110D32B98EBCF771AA1E1\10.0.30319
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100\1.0.0
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed\26DDC2EC4210AC63483DF9D4FCC5B59D
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0100000010
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed\D04BB691875110D32B98EBCF771AA1E1
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed\D7314F9862C648A4DB8BE2A5B47BE100
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$\Managed
Not resetting system file - C:\WINDOWS\Installer\$PatchCache$
Not resetting system file - C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\instance_Professional_32_1033.cab
Not resetting system file - C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_1.cab
Not resetting system file - C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_2.cab
Not resetting system file - C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_3.cab
Not resetting system file - C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_4.cab
Not resetting system file - C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_5.cab
Not resetting system file - C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_6.cab
Not resetting system file - C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_7.cab
Not resetting system file - C:\WINDOWS\PCHEALTH\HELPCTR\PackageStore\package_8.cab
Access denied - C:\WINDOWS\Prefetch\ACRORD32INFO.EXE-242CE4AA.pf
Access denied - C:\WINDOWS\Prefetch\ALAMODE.MAPWIZ.EXE-08C476AE.pf
Access denied - C:\WINDOWS\Prefetch\APPDESKSHELL.EXE-0A02C695.pf
Access denied - C:\WINDOWS\Prefetch\ATTRIB.EXE-39EAFB02.pf
Access denied - C:\WINDOWS\Prefetch\CALC.EXE-02CD573A.pf
Access denied - C:\WINDOWS\Prefetch\CFPUPDAT.EXE-02A11C92.pf
Access denied - C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf
Access denied - C:\WINDOWS\Prefetch\CMDINSTALL.EXE-2FE0C2B4.pf
Access denied - C:\WINDOWS\Prefetch\CSC.EXE-01730C27.pf
Access denied - C:\WINDOWS\Prefetch\CVTRES.EXE-2329DCD5.pf
Access denied - C:\WINDOWS\Prefetch\DEFRAG.EXE-273F131E.pf
Access denied - C:\WINDOWS\Prefetch\DFRGNTFS.EXE-269967DF.pf
Access denied - C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf
Access denied - C:\WINDOWS\Prefetch\FCHELPER.EXE-00AA12E7.pf
Access denied - C:\WINDOWS\Prefetch\FIREFOX.EXE-28641590.pf
Access denied - C:\WINDOWS\Prefetch\FOXIT READER.EXE-35492E0C.pf
Access denied - C:\WINDOWS\Prefetch\GETCONTENT.EXE-2356EA64.pf
Access denied - C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-1E123D86.pf
Access denied - C:\WINDOWS\Prefetch\HELPSVC.EXE-2878DDA2.pf
Access denied - C:\WINDOWS\Prefetch\HITMANPRO35.EXE-1FE4F7A7.pf
Access denied - C:\WINDOWS\Prefetch\IPCONFIG.EXE-2395F30B.pf
Access denied - C:\WINDOWS\Prefetch\JAVA.EXE-0C263507.pf
Access denied - C:\WINDOWS\Prefetch\JAVAW.EXE-2DC32ABC.pf
Access denied - C:\WINDOWS\Prefetch\JQSNOTIFY.EXE-24AE4A36.pf
Access denied - C:\WINDOWS\Prefetch\Layout.ini
Access denied - C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf
Access denied - C:\WINDOWS\Prefetch\MRT.EXE-1B4A8D49.pf
Access denied - C:\WINDOWS\Prefetch\MRTSTUB.EXE-04CE505C.pf
Access denied - C:\WINDOWS\Prefetch\MRTSTUB.EXE-2A145D71.pf
Access denied - C:\WINDOWS\Prefetch\MSIMN.EXE-38BA891D.pf
Access denied - C:\WINDOWS\Prefetch\MSOOBE.EXE-30411B02.pf
Access denied - C:\WINDOWS\Prefetch\MSPAINT.EXE-11CBB631.pf
Access denied - C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf
Access denied - C:\WINDOWS\Prefetch\OTL.EXE-2BB12441.pf
Access denied - C:\WINDOWS\Prefetch\PLUGIN-CONTAINER.EXE-15EDC9DD.pf
Access denied - C:\WINDOWS\Prefetch\PRINTSVR5.EXE-1FF33391.pf
Access denied - C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf
Access denied - C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf
Access denied - C:\WINDOWS\Prefetch\UTORRENT.EXE-3888D1B0.pf
Access denied - C:\WINDOWS\Prefetch\VERCLSID.EXE-3667BD89.pf
Access denied - C:\WINDOWS\Prefetch\VLC.EXE-22DF01AA.pf
Access denied - C:\WINDOWS\Prefetch\WGATRAY.EXE-0ED38BED.pf
Access denied - C:\WINDOWS\Prefetch\WINDOWS-KB890830-V3.19.EXE-0EB38189.pf
Access denied - C:\WINDOWS\Prefetch\WINFORM.EXE-331724AB.pf
Access denied - C:\WINDOWS\Prefetch\WINRAR.EXE-39C6DAD9.pf
Access denied - C:\WINDOWS\Prefetch\WINTOTAL.EXE-237D4892.pf
Access denied - C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf
Access denied - C:\WINDOWS\Prefetch\WORDPAD.EXE-24533991.pf
Access denied - C:\WINDOWS\Prefetch\WPABALN.EXE-18F87702.pf
Access denied - C:\WINDOWS\Prefetch\WTAPI.EXE-33DDEB37.pf
Access denied - C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf
Not resetting system file - C:\WINDOWS\system32\appmgmt\MACHINE
Not resetting system file - C:\WINDOWS\system32\appmgmt\S-1-5-21-484763869-651377827-839522115-500
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\d3dx9_24_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\d3dx9_25_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\d3dx9_26_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\d3dx9_27_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\d3dx9_28_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\d3dx9_29_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\d3dx9_30_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\d3dx9_31_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\d3dx9_32_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\drm.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\fp4.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HPCRDP.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IASNT4.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ie8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ims.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2079403.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2115168.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2121546.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2141007.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2158563.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2160329.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2183461-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2229593.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2259922.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2279986.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2286198.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2296011.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2296199.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2345886.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2347290.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2360131-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2360937.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2378111.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2387149.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2393802.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2412687.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2416400-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2419632.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2423089.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2436673.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2440591.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2443105.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2443685.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2467659.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2476687.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2478960.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2478971.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2479628.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2479943.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2481109.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2482017-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2483185.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2485376.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2485663.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2497640-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2503658.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2506212.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2506223.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2507618.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2508272.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2508429.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2509553.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2510531-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2511455.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2524375.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB892130.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923561.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB938464-v2.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB946648.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB950760.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB950762.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB950974.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951066.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951376-v2.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951748.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951978.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952004.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952069.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952287.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952954.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB954155.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB954459.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB954550-v5.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB954600.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB955069.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB955759.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB955839.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956572.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956744.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956802.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956803.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956844.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB957097.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB958644.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB958687.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB958690.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB958869.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB959426.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960225.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960715.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960803.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960859.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB961118.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB961371.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB961373.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB961501.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB963027.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB967715.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB968389.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB968537.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB968816.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB969059.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB969497-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB969897-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB969898.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB969947.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB970238.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB970430.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB970653-v3.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971029.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971468.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971486.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971557.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971633.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971657.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971737.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971961-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB972260-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB972270.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973346.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973354.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973507.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973525.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973540.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973687.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973815.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973869.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973904.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974112.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974318.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974392.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974455-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974571.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975025.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975467.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975558.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975560.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975561.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975562.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975713.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB976098-v2.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB976325-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB976662-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB976749-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB977165.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB977816.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB977914.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978037.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978207-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978251.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978262.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978338.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978542.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978601.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978695.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978706.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979306.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979309.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979402.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979482.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979559.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979683.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979687.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980182-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980195.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980218.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980232.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980436.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981322.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981332-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981793.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981852.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981957.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981997.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982132.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982214.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982381-IE8.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982665.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982802.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MAPIMIG.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\mediactr.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msmsgs.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn7.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn9.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\mstsweb.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msxpsdrv.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MW770.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\netfx.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5IIS.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5inf.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntprint.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem0.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem10.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem11.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem13.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem14.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem15.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem16.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem17.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem18.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem2.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem21.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem23.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem3.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem4.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem5.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem6.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem7.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem8.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem9.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\OEMBIOS.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\sp2.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\sp3.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\spdelta.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\tabletpc.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WgaNotify.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\wmerrenu.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WMFSDK.cat
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xact2_1_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xact2_2_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xact2_3_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xact2_4_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xact2_5_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xact2_6_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xact_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xinput1_1_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xinput1_2_x86.CAT
Not resetting system file - C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\xinput9_1_0_x86.CAT
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\0797C381B2F87EB5A1D5573BD15BA4F4
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\08E382DC40DC2B571439BB7A5449C239
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\0DF1B22D933757B75C16140A39F9B558
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\119EFCC56A568F53AA7025356F876799
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\2659C1A560AB92C9C29D4B2B25815AE8
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\303572DF538EDD8B1D606185F1D559B8
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\330EA6CB47CAD94CC6EBEE46BF9C3A69
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\33C6C29AF2AC6A11ED7E7C6A84B7EFA5
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\486CC6AFD08942336C61FCD401C4A1D1
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\4DB1DABDF57ED9997FE8DCC77E93C04F
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\5C8DDA36D60247082B142836039F4636
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\62B5AF9BE9ADC1085C3C56EC07A82BF6
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\696F3DE637E6DE85B458996D49D759AD
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\6B6DAD4DCE1114319B35038842B46A01
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\7735880A01E3F94F763761958A7A8191
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\79841F8EF00FBA86D33CC5A47696F165
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\8DFDF057024880D7A081AFBF6D26B92F
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\904590238400AD963F77FAAAADC9BAB5
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\96D7A99548C36B10D2E8035A3E0DCA1A
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\A1377F7115F1F126A15360369B165211
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\A44F4E7CB3133FF765C39A53AD8FCFDD
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\B1389E492D455618638EACED3DB5F2E2
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\B19981F752EAE5208DDB063EF96A5DD9
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\C554DCF706A5AAB8B360FAD227EAB9C7
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\D725F3459E2275E9EA5871B92AD896D0
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\DC2135CED98D8A4D7C0CEE202BB0B810
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\DEEA0BD81CC3B68E08E92D12B0916963
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E04822AD18D472EA5B582E6E6F8C6B9A
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E8974A4669383843486E5AFDB09650F5
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\F5A17C00E427F919C4A49EEF5AD0EE53
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\FCEA474F228C13CD0DAD678431D0ACFC
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\0797C381B2F87EB5A1D5573BD15BA4F4
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\08E382DC40DC2B571439BB7A5449C239
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\0DF1B22D933757B75C16140A39F9B558
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\119EFCC56A568F53AA7025356F876799
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\2659C1A560AB92C9C29D4B2B25815AE8
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\303572DF538EDD8B1D606185F1D559B8
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\330EA6CB47CAD94CC6EBEE46BF9C3A69
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\33C6C29AF2AC6A11ED7E7C6A84B7EFA5
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\486CC6AFD08942336C61FCD401C4A1D1
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\4DB1DABDF57ED9997FE8DCC77E93C04F
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\5C8DDA36D60247082B142836039F4636
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\62B5AF9BE9ADC1085C3C56EC07A82BF6
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\6B6DAD4DCE1114319B35038842B46A01
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\7735880A01E3F94F763761958A7A8191
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\79841F8EF00FBA86D33CC5A47696F165
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\904590238400AD963F77FAAAADC9BAB5
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\96D7A99548C36B10D2E8035A3E0DCA1A
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\A1377F7115F1F126A15360369B165211
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\A44F4E7CB3133FF765C39A53AD8FCFDD
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\A8FABA189DB7D25FBA7CAC806625FD30
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\B1389E492D455618638EACED3DB5F2E2
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\B19981F752EAE5208DDB063EF96A5DD9
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\C554DCF706A5AAB8B360FAD227EAB9C7
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\D725F3459E2275E9EA5871B92AD896D0
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\DC2135CED98D8A4D7C0CEE202BB0B810
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\DEEA0BD81CC3B68E08E92D12B0916963
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E04822AD18D472EA5B582E6E6F8C6B9A
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E8974A4669383843486E5AFDB09650F5
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\F5A17C00E427F919C4A49EEF5AD0EE53
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\FCEA474F228C13CD0DAD678431D0ACFC
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\IfMqNXfFX84
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012009051320090514
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0ETLKFOK\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6PPD50S2\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\EZXXBKNS\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UMZOW78N\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\0ETLKFOK
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\6PPD50S2
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\EZXXBKNS
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\UMZOW78N
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\History
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Templates\IfMqNXfFX84
Not resetting system file - C:\WINDOWS\system32\config\systemprofile\Cookies
Access denied - C:\WINDOWS\system32\Macromed\Flash\Flash6.ocx
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\015dacb5-78ba-4676-96eb-2c60657c7eb3
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\2a2fb10e-9f13-473e-aac4-ca5f337a6790
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\4c038039-97fc-4085-bef9-ead20af62c9e
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\4d4b8e6a-1c98-49c0-aaa8-bc16774c24b6
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\86d5324c-ea11-4d56-aa9f-4e68a86bf7b2
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\b3e388b0-9656-4c33-96db-36314702338b
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\c3738a87-b931-4b12-a00c-b11f0010a141
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\ea58d1db-8451-4b87-a86b-1d87ef8b8266
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\fcc1bfaf-e762-42ef-8528-6515b64b4eb8
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\0ad34db6-4064-49a9-93d2-6a079c106859
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\59f947e6-9fe2-4812-b1ee-c5532b98a07c
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\5b192d83-abca-495c-85ef-15ff572e46d3
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\616f98d3-ddca-421c-b367-af1b22254d1a
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\75e8ac75-8cf0-4cbb-b785-68eb798931be
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\8f93b2b3-5350-4144-8410-87844fb692c6
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\c871f615-f46b-46a8-aebf-3ebf87092b50
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\f3b68fe9-1826-4feb-a843-b19ab75c59b3
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\fb86ea2b-a0d3-497e-87c8-84e14f55f37d
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\Preferred
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18
Not resetting system file - C:\WINDOWS\system32\Microsoft\Protect
Not resetting system file - C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\igfxnt5.cat
Not resetting system file - C:\WINDOWS\system32\Restore\filelist.xml
Not resetting system file - C:\WINDOWS\system32\dllcache
Not resetting system file - C:\WINDOWS\system32\KGyGaAvL.sys
Not resetting system file - C:\WINDOWS\system32\Microsoft
Not resetting system file - C:\WINDOWS\Tasks\FOLDER.TSX
Not resetting system file - C:\WINDOWS\Temp\Cookies\index.dat
Not resetting system file - C:\WINDOWS\Temp\History\History.IE5\index.dat
Not resetting system file - C:\WINDOWS\Temp\History\History.IE5
Not resetting system file - C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\index.dat
Not resetting system file - C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5
Not resetting system file - C:\WINDOWS\Temp\Cookies
Not resetting system file - C:\WINDOWS\Temp\History
Not resetting system file - C:\WINDOWS\Temp\Temporary Internet Files
Not resetting system file - C:\WINDOWS\assembly
Not resetting system file - C:\WINDOWS\bootstat.dat
Not resetting system file - C:\WINDOWS\Downloaded Program Files
Not resetting system file - C:\WINDOWS\Fonts
Not resetting system file - C:\WINDOWS\Installer
Not resetting system file - C:\WINDOWS\Tasks
Not resetting system file - C:\WINDOWS\Thumbs.db
Not resetting system file - C:\WINDOWS\winnt.bmp
Not resetting system file - C:\WINDOWS\winnt256.bmp
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\Administrator\Application Data\.#
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\Administrator\Local Settings\Application Data\2638977761
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\Administrator\Local Settings\Application Data\2989865169
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\Administrator\Local Settings\Application Data\IfMqNXfFX84
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\All Users\Application Data\2638977761
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\All Users\Application Data\2989865169
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\All Users\Application Data\coc.exe
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\All Users\Application Data\dsb.exe
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\All Users\Application Data\dwg.exe
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\All Users\Application Data\IfMqNXfFX84
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\All Users\Application Data\nlf.exe
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\All Users\Application Data\waa.exe
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\All Users\Application Data\y88d20e7l1hq002
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\LocalService\Local Settings\Application Data\asq.exe
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\LocalService\Local Settings\Application Data\brx.exe
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\LocalService\Local Settings\Application Data\ohc.exe
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\LocalService\Local Settings\Application Data\pny.exe
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_Documents and Settings\LocalService\Local Settings\Application Data\y88d20e7l1hq002
Not resetting system file - C:\_OTL\MovedFiles\06142011_180448\C_WINDOWS\system32\0AC5C160AF.sys
Not resetting system file - C:\IO.SYS
Not resetting system file - C:\MSDOS.SYS
Not resetting system file - C:\NTDETECT.COM
Not resetting system file - C:\ntldr
Not resetting system file - C:\pagefile.sys
Not resetting system file - C:\RECYCLER
Not resetting system file - C:\System Volume Information
C:\Documents and Settings\Administrator\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\Administrator\My Documents\Downloads\cmd.txt deleted successfully.
C:\Program Files\StartNow Toolbar\Resources\toolbarbutton folder moved successfully.
C:\Program Files\StartNow Toolbar\Resources\searchbox folder moved successfully.
C:\Program Files\StartNow Toolbar\Resources\reactivate folder moved successfully.
C:\Program Files\StartNow Toolbar\Resources\protect folder moved successfully.
C:\Program Files\StartNow Toolbar\Resources\images folder moved successfully.
C:\Program Files\StartNow Toolbar\Resources folder moved successfully.
C:\Program Files\StartNow Toolbar folder moved successfully.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 32469580 bytes
->Temporary Internet Files folder emptied: 40790802 bytes
->Java cache emptied: 143026 bytes
->FireFox cache emptied: 219953331 bytes
->Flash cache emptied: 4593 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 51395893 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 23904274 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 618445 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 145700613 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 78137 bytes
RecycleBin emptied: 7925534 bytes

Total Files Cleaned = 499.00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point (0)

OTL by OldTimer - Version 3.2.24.0 log created on 06142011_180448

Files\Folders moved on Reboot...
C:\windows\temp\Perflib_Perfdata_39c.dat moved successfully.

Registry entries deleted on Reboot...












Here is the Combofix File, however when it tried to install the Recovery console it came up with a window and said something about not being enumerated (?) However it did produce a file. I'm going to paste the file below




ComboFix 11-06-14.03 - Administrator 06/14/2011 23:21:43.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.201 [GMT -4:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Application Data\Minecraft.exe
c:\documents and settings\Administrator\Application Data\Uninstal.exe
c:\documents and settings\Administrator\Local Settings\Application Data\{F3422D85-D0AD-4B40-9ED8-88FD6414E1AE}
c:\documents and settings\Administrator\Local Settings\Application Data\{F3422D85-D0AD-4B40-9ED8-88FD6414E1AE}\chrome.manifest
c:\documents and settings\Administrator\Local Settings\Application Data\{F3422D85-D0AD-4B40-9ED8-88FD6414E1AE}\chrome\content\_cfg.js
c:\documents and settings\Administrator\Local Settings\Application Data\{F3422D85-D0AD-4B40-9ED8-88FD6414E1AE}\chrome\content\overlay.xul
c:\documents and settings\Administrator\Local Settings\Application Data\{F3422D85-D0AD-4B40-9ED8-88FD6414E1AE}\install.rdf
c:\documents and settings\Administrator\My Documents\about.html
c:\documents and settings\Administrator\WINDOWS
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\jdownloader\JDownloader.exe
c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
c:\windows\system32\twain.dll
.
----- BITS: Possible infected sites -----
.
hxxp://crj+|Cv+@J:NGD_DQ{zcxLJS@qbAIbWU Client DownloadS-1-5-18`HT4?? 6VwoQZCDHMs
.
((((((((((((((((((((((((( Files Created from 2011-05-15 to 2011-06-15 )))))))))))))))))))))))))))))))
.
.
2011-06-14 22:04 . 2011-06-14 22:04 -------- d-----w- C:\_OTL
2011-06-14 17:20 . 2011-06-14 17:20 -------- d-----w- C:\TDSSKiller_Quarantine
2011-06-14 16:51 . 2011-06-14 16:51 12872 ----a-w- c:\windows\system32\bootdelete.exe
2011-06-13 19:04 . 2011-06-14 17:09 17480 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-06-13 19:04 . 2011-06-14 16:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2011-06-07 17:02 . 2011-06-07 17:02 -------- d-----w- c:\program files\Common Files\Desura
2011-06-07 17:00 . 2011-06-07 17:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Desura
2011-06-07 17:00 . 2011-06-07 17:08 -------- d-----w- c:\program files\Desura
2011-06-02 16:21 . 2007-03-15 20:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2011-06-02 16:18 . 2011-06-02 16:18 -------- d-----w- c:\program files\Crazybump
2011-06-01 14:55 . 2011-06-01 15:56 -------- d-----w- c:\program files\particleIllusion_3
2011-05-31 15:16 . 2011-05-31 15:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\Unity
2011-05-31 15:09 . 2011-05-31 15:09 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Unity
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-28 19:48 . 2011-03-28 19:48 596 ----a-w- c:\windows\uninstallstickies.bat
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-09-11 2500552]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
.
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]
Stickies.lnk - c:\program files\Stickies\stickies.exe [2011-3-28 1122304]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-1-25 113664]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.199\SSScheduler.exe [2011-2-23 272528]
Process Manager for Windows 1.6.192.lnk - c:\program files\Process Manager for Windows 1.6.192\Arif-Process-Manager.exe [2009-1-5 61440]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files\Stardock\ObjectDockFree\ODMenu.dll" [2010-10-04 511344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\a la mode\\Sched\\eSched.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"10690:TCP"= 10690:TCP:*:Disabled:BitComet 10690 TCP
"10690:UDP"= 10690:UDP:*:Disabled:BitComet 10690 UDP
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10/27/2010 12:05 PM 691696]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [9/10/2010 11:40 PM 239240]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [9/10/2010 11:40 PM 25240]
R2 Iprip;RIP Listener;c:\windows\System32\svchost.exe -k netsvcs [8/18/2001 8:00 AM 14336]
R2 WinFLdrv;WinFLdrv;c:\windows\system32\WinFLdrv.sys [1/4/2010 10:25 AM 17984]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/28/2010 1:12 PM 136176]
S2 Toolbar Updater Service;Toolbar Updater Service;c:\program files\StartNow Toolbar\ToolbarUpdaterService.exe --> c:\program files\StartNow Toolbar\ToolbarUpdaterService.exe [?]
S3 88240845;88240845; [x]
S3 A24fdisqpis;A24fdisqpis; [x]
S3 Desura Install Service;Desura Install Service;c:\program files\Common Files\Desura\desura_service.exe [6/7/2011 1:02 PM 130368]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/28/2010 1:12 PM 136176]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys --> c:\windows\system32\DRIVERS\ManyCam.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.199\McCHSvc.exe [2/23/2011 10:51 AM 237008]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\6B.tmp --> c:\windows\system32\6B.tmp [?]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [3/2/2010 11:53 PM 16456]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [3/2/2010 11:53 PM 11088]
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
2011-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-28 17:12]
.
2011-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-28 17:12]
.
2011-06-13 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-08-19 22:08]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z059&partner_id=308&product_id=435&affiliate_id=&channel=rjddr&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110516&user_guid=8A2C854E52474909869AB878387FEB4E&machine_id=ebaa5e612b727e09fa99ff26ecf095e9&browser=IE&os=win&os_version=5.1-x86-SP3
Trusted Zone: alamode.com
Trusted Zone: almsr.com
Trusted Zone: appraiserxsites.com
Trusted Zone: certmail.com
Trusted Zone: interflood.com
Trusted Zone: mappoint.net
Trusted Zone: virtualearth.net
Trusted Zone: xsitesnetwork.com
TCP: Interfaces\{78B1A176-C2F3-4D21-9CB1-D5202681C37B}: NameServer = 216.166.216.20,64.40.67.37
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - dukgo.com
FF - prefs.js: keyword.URL - hxxp://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z059&partner_id=308&product_id=435&affiliate_id=&channel=rjddr&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110516&user_guid=8A2C854E52474909869AB878387FEB4E&machine_id=ebaa5e612b727e09fa99ff26ecf095e9&browser=FF&os=win&os_version=5.1-x86-SP3&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: MultirowBookmarksToolbar: {FBF6D7FB-F305-4445-BB3D-FEF66579A033} - %profile%\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
.
------- File Associations -------
.
.reg=Regedit.Document
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-help - c:\program files\Blitz3D\help\uninstall.exe
AddRemove-StartNow Toolbar - c:\program files\StartNow Toolbar\StartNowToolbarUninstall.exe
AddRemove-KingAgnostic's Minecraft 1.1.2_01 - c:\documents and settings\Administrator\Application Data\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-14 23:30
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose, ZwOpenFile
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\6B.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-484763869-651377827-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,b1,90,32,41,55,32,4e,a3,15,68,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,11,eb,88,5a,ab,d3,39,45,b4,51,2c,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d7,b1,fa,2b,da,35,d3,4d,89,db,8c,\
.
[HKEY_USERS\S-1-5-21-484763869-651377827-839522115-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BEB4067D-6434-C794-BA15-1F82A6B224C3}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abkdfophfghgfhkbcdilnmchlbmjjlcppp"=hex:65,62,6b,64,6d,6d,65,61,6d,63,6f,67,
65,65,68,62,63,68,63,70,6a,63,69,6e,6d,6a,6e,65,6d,6f,67,70,6f,6e,6f,67,66,\
"bbkdfophfghgfhkbcdbkknoiinmmdboipmee"=hex:61,62,6c,62,65,69,63,61,70,64,67,63,
64,68,6a,63,64,70,70,68,6f,6d,6a,6c,6c,65,70,70,6a,69,63,6b,70,67,00,67
.
[HKEY_USERS\S-1-5-21-484763869-651377827-839522115-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E30A00C5-39CE-CB3C-BF4A-C0A866EBDD53}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"ialcamammlamhjfede"=hex:6a,61,68,61,6a,6f,6d,6a,66,6f,68,6d,64,6d,69,68,6e,6a,
61,67,00,00
"haboghphemghcfof"=hex:6a,61,68,61,6a,6f,6d,6a,66,6f,68,6d,64,6d,69,68,6e,6a,
61,67,00,63
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d7,b1,fa,2b,da,35,d3,4d,89,db,8c,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d7,b1,fa,2b,da,35,d3,4d,89,db,8c,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(668)
c:\windows\system32\guard32.dll
.
Completion time: 2011-06-14 23:36:22
ComboFix-quarantined-files.txt 2011-06-15 03:36
.
Pre-Run: 12,151,320,576 bytes free
Post-Run: 12,102,352,896 bytes free
.
- - End Of File - - B1EA64D3B1E9182E4B7B67A2422A5021
  • 0

#4
Essexboy
Posted 15 June 2011 - 10:52 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I believe that is to do with the boot ini - but I will check it out first. How is your computer behaving now ?

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

Driver::
88240845
A24fdisqpis



Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply along with a fresh OTL scan .
  • 0

#5
Dangers
Posted 16 June 2011 - 08:54 AM

Dangers

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
It's working okay now, it deleted my file associations yesterday out of nowhere, so that was kind of weird, but I fixed them and everything is running smooth at the moment.

Here's the log!



ComboFix 11-06-15.01 - Administrator 06/15/2011 17:07:24.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.353 [GMT -4:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\Templates\o88h5orxwc3m8d58wrdd8235mn88ckxv18i
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_88240845
-------\Service_88240845
-------\Service_A24fdisqpis
.
.
((((((((((((((((((((((((( Files Created from 2011-05-16 to 2011-06-16 )))))))))))))))))))))))))))))))
.
.
2011-06-16 03:20 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-06-14 22:04 . 2011-06-14 22:04 -------- d-----w- C:\_OTL
2011-06-14 17:20 . 2011-06-14 17:20 -------- d-----w- C:\TDSSKiller_Quarantine
2011-06-14 16:51 . 2011-06-14 16:51 12872 ----a-w- c:\windows\system32\bootdelete.exe
2011-06-13 19:04 . 2011-06-14 17:09 17480 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-06-13 19:04 . 2011-06-14 16:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Hitman Pro
2011-06-07 17:02 . 2011-06-07 17:02 -------- d-----w- c:\program files\Common Files\Desura
2011-06-07 17:00 . 2011-06-07 17:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Desura
2011-06-07 17:00 . 2011-06-07 17:08 -------- d-----w- c:\program files\Desura
2011-06-02 16:21 . 2007-03-15 20:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2011-06-02 16:18 . 2011-06-02 16:18 -------- d-----w- c:\program files\Crazybump
2011-06-01 14:55 . 2011-06-01 15:56 -------- d-----w- c:\program files\particleIllusion_3
2011-05-31 15:16 . 2011-05-31 15:16 -------- d-----w- c:\documents and settings\Administrator\Application Data\Unity
2011-05-31 15:09 . 2011-05-31 15:09 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Unity
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-02 15:31 . 2009-05-12 21:01 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 16:19 . 2001-08-18 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:11 . 2001-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:11 . 2001-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:11 . 2001-08-18 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2004-08-04 05:59 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2001-08-18 12:00 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-03-28 19:48 . 2011-03-28 19:48 596 ----a-w- c:\windows\uninstallstickies.bat
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-09-11 2500552]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
.
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]
Stickies.lnk - c:\program files\Stickies\stickies.exe [2011-3-28 1122304]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-1-25 113664]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.199\SSScheduler.exe [2011-2-23 272528]
Process Manager for Windows 1.6.192.lnk - c:\program files\Process Manager for Windows 1.6.192\Arif-Process-Manager.exe [2009-1-5 61440]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files\Stardock\ObjectDockFree\ODMenu.dll" [2010-10-04 511344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\a la mode\\Sched\\eSched.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"10690:TCP"= 10690:TCP:*:Disabled:BitComet 10690 TCP
"10690:UDP"= 10690:UDP:*:Disabled:BitComet 10690 UDP
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10/27/2010 12:05 PM 691696]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [9/10/2010 11:40 PM 239240]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [9/10/2010 11:40 PM 25240]
R2 Iprip;RIP Listener;c:\windows\System32\svchost.exe -k netsvcs [8/18/2001 8:00 AM 14336]
R2 WinFLdrv;WinFLdrv;c:\windows\system32\WinFLdrv.sys [1/4/2010 10:25 AM 17984]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/28/2010 1:12 PM 136176]
S2 Toolbar Updater Service;Toolbar Updater Service;c:\program files\StartNow Toolbar\ToolbarUpdaterService.exe --> c:\program files\StartNow Toolbar\ToolbarUpdaterService.exe [?]
S3 Desura Install Service;Desura Install Service;c:\program files\Common Files\Desura\desura_service.exe [6/7/2011 1:02 PM 130368]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/28/2010 1:12 PM 136176]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys --> c:\windows\system32\DRIVERS\ManyCam.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.199\McCHSvc.exe [2/23/2011 10:51 AM 237008]
S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\6B.tmp --> c:\windows\system32\6B.tmp [?]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [3/2/2010 11:53 PM 16456]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [3/2/2010 11:53 PM 11088]
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
2011-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-28 17:12]
.
2011-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-28 17:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z059&partner_id=308&product_id=435&affiliate_id=&channel=rjddr&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110516&user_guid=8A2C854E52474909869AB878387FEB4E&machine_id=ebaa5e612b727e09fa99ff26ecf095e9&browser=IE&os=win&os_version=5.1-x86-SP3
Trusted Zone: alamode.com
Trusted Zone: almsr.com
Trusted Zone: appraiserxsites.com
Trusted Zone: certmail.com
Trusted Zone: interflood.com
Trusted Zone: mappoint.net
Trusted Zone: virtualearth.net
Trusted Zone: xsitesnetwork.com
TCP: Interfaces\{78B1A176-C2F3-4D21-9CB1-D5202681C37B}: NameServer = 216.166.216.20,64.40.67.37
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kmubldjq.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - dukgo.com
FF - prefs.js: keyword.URL - hxxp://www.startnow.com/s/?src=addrbar&provider=Bing&provider_code=Z059&partner_id=308&product_id=435&affiliate_id=&channel=rjddr&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110516&user_guid=8A2C854E52474909869AB878387FEB4E&machine_id=ebaa5e612b727e09fa99ff26ecf095e9&browser=FF&os=win&os_version=5.1-x86-SP3&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: MultirowBookmarksToolbar: {FBF6D7FB-F305-4445-BB3D-FEF66579A033} - %profile%\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-16 09:10
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose, ZwOpenFile
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\6B.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-484763869-651377827-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f9,b1,90,32,41,55,32,4e,a3,15,68,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,11,eb,88,5a,ab,d3,39,45,b4,51,2c,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d7,b1,fa,2b,da,35,d3,4d,89,db,8c,\
.
[HKEY_USERS\S-1-5-21-484763869-651377827-839522115-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BEB4067D-6434-C794-BA15-1F82A6B224C3}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"abkdfophfghgfhkbcdilnmchlbmjjlcppp"=hex:65,62,6b,64,6d,6d,65,61,6d,63,6f,67,
65,65,68,62,63,68,63,70,6a,63,69,6e,6d,6a,6e,65,6d,6f,67,70,6f,6e,6f,67,66,\
"bbkdfophfghgfhkbcdbkknoiinmmdboipmee"=hex:61,62,6c,62,65,69,63,61,70,64,67,63,
64,68,6a,63,64,70,70,68,6f,6d,6a,6c,6c,65,70,70,6a,69,63,6b,70,67,00,67
.
[HKEY_USERS\S-1-5-21-484763869-651377827-839522115-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E30A00C5-39CE-CB3C-BF4A-C0A866EBDD53}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"ialcamammlamhjfede"=hex:6a,61,68,61,6a,6f,6d,6a,66,6f,68,6d,64,6d,69,68,6e,6a,
61,67,00,00
"haboghphemghcfof"=hex:6a,61,68,61,6a,6f,6d,6a,66,6f,68,6d,64,6d,69,68,6e,6a,
61,67,00,63
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d7,b1,fa,2b,da,35,d3,4d,89,db,8c,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d7,b1,fa,2b,da,35,d3,4d,89,db,8c,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(660)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'explorer.exe'(3996)
c:\windows\system32\WININET.dll
c:\windows\system32\guard32.dll
c:\program files\RocketDock\RocketDock.dll
c:\program files\Process Manager for Windows 1.6.192\SystemHook.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\program files\Stardock\ObjectDockFree\ODMenu.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\COMODO\COMODO Internet Security\cmdagent.exe
c:\windows\system32\crypserv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\system32\WgaTray.exe
c:\windows\System32\snmp.exe
c:\windows\system32\wpabaln.exe
w:\wintotal\winform.exe
w:\wintotal\AppDeskShell.exe
.
**************************************************************************
.
Completion time: 2011-06-16 09:19:20 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-16 13:19
ComboFix2.txt 2011-06-15 03:36
.
Pre-Run: 11,805,208,576 bytes free
Post-Run: 11,685,122,048 bytes free
.
- - End Of File - - 92529A174F0186D297BB3CC6E9CD40EA

Attached Thumbnails

  • 2.jpg

  • 0

#6
Essexboy
Posted 16 June 2011 - 10:46 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Lets now check for orphans - once run could you let me know of any outstanding problems

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
  • 0

#7
Dangers
Posted 17 June 2011 - 07:08 AM

Dangers

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Looks like we got five of them all seem to have deleted successfully.





Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6873

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/17/2011 9:07:00 AM
mbam-log-2011-06-17 (09-07-00).txt

Scan type: Full scan (C:\|)
Objects scanned: 228613
Time elapsed: 1 hour(s), 1 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\Administrator\Local Settings\Application Data\tqj.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode) Good: (firefox.exe -safe-mode) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\administrator\application data\Sun\Java\deployment\cache\6.0\30\1aaa78de-1554bf76 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\thinstall\CSDATA\1000000600002i\svchost.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\administrator\application data\thinstall\CSDATA\1000000b00002i\rundll32.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{8e39cca9-42b7-4cbb-8a2c-acef578c20bc}\RP692\A0123104.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
  • 0

#8
Essexboy
Posted 17 June 2011 - 09:47 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Any further problems ?
  • 0

#9
Dangers
Posted 20 June 2011 - 01:15 PM

Dangers

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Seems to be working fine, Comodo just caught something coming in but everything looks to be normal! Thank you for your assistance! When I get some spare cash I'll send it your way!
  • 0

#10
Essexboy
Posted 20 June 2011 - 01:55 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :yes:

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :)

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Uninstall ComboFix

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now copy/paste this: ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /Uninstall, it needs to be there.

    Posted Image

  • Please follow the prompts to uninstall Combofix.
  • This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.
  • You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

Download and run Puran Disc Defragmenter
For the first run I would recommend a boot defrag and disk check

Posted Image


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe :unsure:
  • 0

#11
Dangers
Posted 20 June 2011 - 02:12 PM

Dangers

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Sorry, immediately after I posted that, all of the symptoms just came back. SVCHOST.exe is hogging system ram again, also I just started getting Google redirects again. This virus is incredibly persistent.

Sorry to bother you again, but do you think there's anything I can do, or should I just reinstall Windows fresh?
  • 0

#12
Essexboy
Posted 20 June 2011 - 03:04 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
First thing to do I feel is change your AV as it definately has a weak spot. Lets see if we can nip it in the bud

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.


    Posted Image

  • If an infected file is detected, the default action will be Cure, click on Continue.


    Posted Image

  • If a suspicious file is detected, the default action will be Skip, click on Continue.


    Posted Image

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


    Posted Image

  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

THEN

Download ComboFix from one of these locations:


Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
  • 0

#13
Essexboy
Posted 24 June 2011 - 11:20 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP