Publicité
Publicité
Format du document : text/plain
Prévisualisation
start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
ShortcutTarget: FacebookGamesNotifier.exe.lnk -> C:\Users\patsong\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe (Pas de fichier)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3885057622-3054522135-2263952012-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3885057622-3054522135-2263952012-1000 -> {38732BBC-856A-9753-CC17-746284BA2069} URL =
SearchScopes: HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {38732BBC-856A-9753-CC17-746284BA2069} URL =
SearchScopes: HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {38732BBC-856A-9753-CC17-746284BA2069} URL =
SearchScopes: HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {38732BBC-856A-9753-CC17-746284BA2069} URL =
SearchScopes: HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3 -> {38732BBC-856A-9753-CC17-746284BA2069} URL =
SearchScopes: HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4 -> {38732BBC-856A-9753-CC17-746284BA2069} URL =
FF Plugin HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: mychic.com/VimGlasses -> C:\Windows\system32\npVimGlasses.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: mychic.com/VimGlasses -> C:\Windows\system32\npVimGlasses.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2: mychic.com/VimGlasses -> C:\Windows\system32\npVimGlasses.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3: mychic.com/VimGlasses -> C:\Windows\system32\npVimGlasses.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4: mychic.com/VimGlasses -> C:\Windows\system32\npVimGlasses.dll [Pas de fichier]
S3 catchme; \??\C:\Users\patsong\AppData\Local\Temp\catchme.sys [X]
S3 PCAMPR4; \??\C:\Windows\system32\PCAMPR4.SYS [X]
S3 PCANDIS4; \??\C:\Windows\system32\PCANDIS4.SYS [X]
2013-12-19 21:40 - 2013-12-19 21:40 - 0000028 _____ () C:\Users\patsong\AppData\Roaming\WB.CFG
Task: {73A7F6F8-C116-4205-B53C-1FC9D1A8C513} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-01-10] (Google) <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:0C01F64E [286]
AlternateDataStreams: C:\ProgramData\Temp:109734F6 [119]
AlternateDataStreams: C:\ProgramData\Temp:1239BE94 [122]
AlternateDataStreams: C:\ProgramData\Temp:14B00291 [144]
AlternateDataStreams: C:\ProgramData\Temp:1604D047 [159]
AlternateDataStreams: C:\ProgramData\Temp:19803016 [268]
AlternateDataStreams: C:\ProgramData\Temp:1A7FC483 [132]
AlternateDataStreams: C:\ProgramData\Temp:1B96CF22 [130]
AlternateDataStreams: C:\ProgramData\Temp:1BD320E3 [146]
AlternateDataStreams: C:\ProgramData\Temp:1CCE0A1A [139]
AlternateDataStreams: C:\ProgramData\Temp:201C0C98 [145]
AlternateDataStreams: C:\ProgramData\Temp:2433F876 [144]
AlternateDataStreams: C:\ProgramData\Temp:28561FD4 [143]
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:2E5508DE [124]
AlternateDataStreams: C:\ProgramData\Temp:32D2A239 [138]
AlternateDataStreams: C:\ProgramData\Temp:3393A1CA [130]
AlternateDataStreams: C:\ProgramData\Temp:35E5C886 [127]
AlternateDataStreams: C:\ProgramData\Temp:35E8E596 [119]
AlternateDataStreams: C:\ProgramData\Temp:36AAD0E5 [288]
AlternateDataStreams: C:\ProgramData\Temp:4011BFFD [118]
AlternateDataStreams: C:\ProgramData\Temp:4112A0B6 [130]
AlternateDataStreams: C:\ProgramData\Temp:415E77AB [131]
AlternateDataStreams: C:\ProgramData\Temp:469B47D8 [149]
AlternateDataStreams: C:\ProgramData\Temp:46EF121E [147]
AlternateDataStreams: C:\ProgramData\Temp:47676604 [131]
AlternateDataStreams: C:\ProgramData\Temp:490B67EC [276]
AlternateDataStreams: C:\ProgramData\Temp:4C1C1292 [118]
AlternateDataStreams: C:\ProgramData\Temp:4D551822 [140]
AlternateDataStreams: C:\ProgramData\Temp:4D6B6072 [145]
AlternateDataStreams: C:\ProgramData\Temp:4F5DE111 [124]
AlternateDataStreams: C:\ProgramData\Temp:50B79A31 [138]
AlternateDataStreams: C:\ProgramData\Temp:569CEE83 [108]
AlternateDataStreams: C:\ProgramData\Temp:570ED58C [119]
AlternateDataStreams: C:\ProgramData\Temp:59465B40 [147]
AlternateDataStreams: C:\ProgramData\Temp:598BD055 [256]
AlternateDataStreams: C:\ProgramData\Temp:5D057E09 [149]
AlternateDataStreams: C:\ProgramData\Temp:5FEBCE9C [119]
AlternateDataStreams: C:\ProgramData\Temp:609CAC7C [120]
AlternateDataStreams: C:\ProgramData\Temp:612873B2 [143]
AlternateDataStreams: C:\ProgramData\Temp:6684C48E [129]
AlternateDataStreams: C:\ProgramData\Temp:67B6E7FA [133]
AlternateDataStreams: C:\ProgramData\Temp:6CC4F178 [138]
AlternateDataStreams: C:\ProgramData\Temp:6DDBB86B [282]
AlternateDataStreams: C:\ProgramData\Temp:70AD58E0 [147]
AlternateDataStreams: C:\ProgramData\Temp:7247FE29 [130]
AlternateDataStreams: C:\ProgramData\Temp:75CF6AF0 [152]
AlternateDataStreams: C:\ProgramData\Temp:79EAEF54 [276]
AlternateDataStreams: C:\ProgramData\Temp:7B9BB187 [282]
AlternateDataStreams: C:\ProgramData\Temp:7BFAAE70 [128]
AlternateDataStreams: C:\ProgramData\Temp:7C3760E2 [126]
AlternateDataStreams: C:\ProgramData\Temp:7C60A173 [113]
AlternateDataStreams: C:\ProgramData\Temp:7E802BFF [132]
AlternateDataStreams: C:\ProgramData\Temp:8B076EC5 [123]
AlternateDataStreams: C:\ProgramData\Temp:8D565A9B [136]
AlternateDataStreams: C:\ProgramData\Temp:8DC0DCD2 [149]
AlternateDataStreams: C:\ProgramData\Temp:8E761650 [121]
AlternateDataStreams: C:\ProgramData\Temp:8EBAFFA8 [137]
AlternateDataStreams: C:\ProgramData\Temp:900EBAFA [119]
AlternateDataStreams: C:\ProgramData\Temp:94D2A842 [121]
AlternateDataStreams: C:\ProgramData\Temp:956AE390 [125]
AlternateDataStreams: C:\ProgramData\Temp:97741F56 [124]
AlternateDataStreams: C:\ProgramData\Temp:9C3AAD57 [136]
AlternateDataStreams: C:\ProgramData\Temp:9CD7CD43 [286]
AlternateDataStreams: C:\ProgramData\Temp:9FB70D40 [125]
AlternateDataStreams: C:\ProgramData\Temp:A6345BDA [0]
AlternateDataStreams: C:\ProgramData\Temp:ACB38255 [121]
AlternateDataStreams: C:\ProgramData\Temp:AD2DB2F9 [126]
AlternateDataStreams: C:\ProgramData\Temp:ADEBE9CA [140]
AlternateDataStreams: C:\ProgramData\Temp:B0FD1EC3 [133]
AlternateDataStreams: C:\ProgramData\Temp:B37B4664 [126]
AlternateDataStreams: C:\ProgramData\Temp:B4DFBFB7 [137]
AlternateDataStreams: C:\ProgramData\Temp:B57B5F37 [145]
AlternateDataStreams: C:\ProgramData\Temp:BABCFD54 [286]
AlternateDataStreams: C:\ProgramData\Temp:BB71BBA2 [122]
AlternateDataStreams: C:\ProgramData\Temp:BD8C785E [123]
AlternateDataStreams: C:\ProgramData\Temp:BD932D90 [130]
AlternateDataStreams: C:\ProgramData\Temp:C22B6EED [282]
AlternateDataStreams: C:\ProgramData\Temp:C4EBE6D5 [120]
AlternateDataStreams: C:\ProgramData\Temp:C5D38708 [121]
AlternateDataStreams: C:\ProgramData\Temp:C63BE5D0 [286]
AlternateDataStreams: C:\ProgramData\Temp:C7F75BDD [254]
AlternateDataStreams: C:\ProgramData\Temp:CB08ED9D [136]
AlternateDataStreams: C:\ProgramData\Temp:D055FC10 [111]
AlternateDataStreams: C:\ProgramData\Temp:D37B4675 [125]
AlternateDataStreams: C:\ProgramData\Temp:D5E3E8C4 [147]
AlternateDataStreams: C:\ProgramData\Temp:D7740E2A [145]
AlternateDataStreams: C:\ProgramData\Temp:D999FFD5 [125]
AlternateDataStreams: C:\ProgramData\Temp:DA5888A7 [113]
AlternateDataStreams: C:\ProgramData\Temp:DBE046F5 [125]
AlternateDataStreams: C:\ProgramData\Temp:E876B1A8 [127]
AlternateDataStreams: C:\ProgramData\Temp:EA10407C [146]
AlternateDataStreams: C:\ProgramData\Temp:ED0B32CA [119]
AlternateDataStreams: C:\ProgramData\Temp:ED4272E5 [126]
AlternateDataStreams: C:\ProgramData\Temp:F14D1F80 [121]
AlternateDataStreams: C:\ProgramData\Temp:F4B7CBB2 [120]
AlternateDataStreams: C:\ProgramData\Temp:F55F0EF6 [150]
AlternateDataStreams: C:\ProgramData\Temp:F56BE392 [137]
AlternateDataStreams: C:\ProgramData\Temp:F5E8CAE0 [140]
AlternateDataStreams: C:\ProgramData\Temp:F84EC1E0 [128]
AlternateDataStreams: C:\ProgramData\Temp:F8A53745 [298]
AlternateDataStreams: C:\ProgramData\Temp:F8C2E3B9 [127]
AlternateDataStreams: C:\ProgramData\Temp:F92E1E4B [264]
AlternateDataStreams: C:\ProgramData\Temp:F97CB382 [134]
AlternateDataStreams: C:\ProgramData\Temp:FE1665C7 [130]
EmptyTemp:
end
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
ShortcutTarget: FacebookGamesNotifier.exe.lnk -> C:\Users\patsong\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe (Pas de fichier)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3885057622-3054522135-2263952012-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3885057622-3054522135-2263952012-1000 -> {38732BBC-856A-9753-CC17-746284BA2069} URL =
SearchScopes: HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {38732BBC-856A-9753-CC17-746284BA2069} URL =
SearchScopes: HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {38732BBC-856A-9753-CC17-746284BA2069} URL =
SearchScopes: HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2 -> {38732BBC-856A-9753-CC17-746284BA2069} URL =
SearchScopes: HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3 -> {38732BBC-856A-9753-CC17-746284BA2069} URL =
SearchScopes: HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4 -> {38732BBC-856A-9753-CC17-746284BA2069} URL =
FF Plugin HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: mychic.com/VimGlasses -> C:\Windows\system32\npVimGlasses.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: mychic.com/VimGlasses -> C:\Windows\system32\npVimGlasses.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2: mychic.com/VimGlasses -> C:\Windows\system32\npVimGlasses.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3: mychic.com/VimGlasses -> C:\Windows\system32\npVimGlasses.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-3885057622-3054522135-2263952012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4: mychic.com/VimGlasses -> C:\Windows\system32\npVimGlasses.dll [Pas de fichier]
S3 catchme; \??\C:\Users\patsong\AppData\Local\Temp\catchme.sys [X]
S3 PCAMPR4; \??\C:\Windows\system32\PCAMPR4.SYS [X]
S3 PCANDIS4; \??\C:\Windows\system32\PCANDIS4.SYS [X]
2013-12-19 21:40 - 2013-12-19 21:40 - 0000028 _____ () C:\Users\patsong\AppData\Roaming\WB.CFG
Task: {73A7F6F8-C116-4205-B53C-1FC9D1A8C513} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-01-10] (Google) <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:0C01F64E [286]
AlternateDataStreams: C:\ProgramData\Temp:109734F6 [119]
AlternateDataStreams: C:\ProgramData\Temp:1239BE94 [122]
AlternateDataStreams: C:\ProgramData\Temp:14B00291 [144]
AlternateDataStreams: C:\ProgramData\Temp:1604D047 [159]
AlternateDataStreams: C:\ProgramData\Temp:19803016 [268]
AlternateDataStreams: C:\ProgramData\Temp:1A7FC483 [132]
AlternateDataStreams: C:\ProgramData\Temp:1B96CF22 [130]
AlternateDataStreams: C:\ProgramData\Temp:1BD320E3 [146]
AlternateDataStreams: C:\ProgramData\Temp:1CCE0A1A [139]
AlternateDataStreams: C:\ProgramData\Temp:201C0C98 [145]
AlternateDataStreams: C:\ProgramData\Temp:2433F876 [144]
AlternateDataStreams: C:\ProgramData\Temp:28561FD4 [143]
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:2E5508DE [124]
AlternateDataStreams: C:\ProgramData\Temp:32D2A239 [138]
AlternateDataStreams: C:\ProgramData\Temp:3393A1CA [130]
AlternateDataStreams: C:\ProgramData\Temp:35E5C886 [127]
AlternateDataStreams: C:\ProgramData\Temp:35E8E596 [119]
AlternateDataStreams: C:\ProgramData\Temp:36AAD0E5 [288]
AlternateDataStreams: C:\ProgramData\Temp:4011BFFD [118]
AlternateDataStreams: C:\ProgramData\Temp:4112A0B6 [130]
AlternateDataStreams: C:\ProgramData\Temp:415E77AB [131]
AlternateDataStreams: C:\ProgramData\Temp:469B47D8 [149]
AlternateDataStreams: C:\ProgramData\Temp:46EF121E [147]
AlternateDataStreams: C:\ProgramData\Temp:47676604 [131]
AlternateDataStreams: C:\ProgramData\Temp:490B67EC [276]
AlternateDataStreams: C:\ProgramData\Temp:4C1C1292 [118]
AlternateDataStreams: C:\ProgramData\Temp:4D551822 [140]
AlternateDataStreams: C:\ProgramData\Temp:4D6B6072 [145]
AlternateDataStreams: C:\ProgramData\Temp:4F5DE111 [124]
AlternateDataStreams: C:\ProgramData\Temp:50B79A31 [138]
AlternateDataStreams: C:\ProgramData\Temp:569CEE83 [108]
AlternateDataStreams: C:\ProgramData\Temp:570ED58C [119]
AlternateDataStreams: C:\ProgramData\Temp:59465B40 [147]
AlternateDataStreams: C:\ProgramData\Temp:598BD055 [256]
AlternateDataStreams: C:\ProgramData\Temp:5D057E09 [149]
AlternateDataStreams: C:\ProgramData\Temp:5FEBCE9C [119]
AlternateDataStreams: C:\ProgramData\Temp:609CAC7C [120]
AlternateDataStreams: C:\ProgramData\Temp:612873B2 [143]
AlternateDataStreams: C:\ProgramData\Temp:6684C48E [129]
AlternateDataStreams: C:\ProgramData\Temp:67B6E7FA [133]
AlternateDataStreams: C:\ProgramData\Temp:6CC4F178 [138]
AlternateDataStreams: C:\ProgramData\Temp:6DDBB86B [282]
AlternateDataStreams: C:\ProgramData\Temp:70AD58E0 [147]
AlternateDataStreams: C:\ProgramData\Temp:7247FE29 [130]
AlternateDataStreams: C:\ProgramData\Temp:75CF6AF0 [152]
AlternateDataStreams: C:\ProgramData\Temp:79EAEF54 [276]
AlternateDataStreams: C:\ProgramData\Temp:7B9BB187 [282]
AlternateDataStreams: C:\ProgramData\Temp:7BFAAE70 [128]
AlternateDataStreams: C:\ProgramData\Temp:7C3760E2 [126]
AlternateDataStreams: C:\ProgramData\Temp:7C60A173 [113]
AlternateDataStreams: C:\ProgramData\Temp:7E802BFF [132]
AlternateDataStreams: C:\ProgramData\Temp:8B076EC5 [123]
AlternateDataStreams: C:\ProgramData\Temp:8D565A9B [136]
AlternateDataStreams: C:\ProgramData\Temp:8DC0DCD2 [149]
AlternateDataStreams: C:\ProgramData\Temp:8E761650 [121]
AlternateDataStreams: C:\ProgramData\Temp:8EBAFFA8 [137]
AlternateDataStreams: C:\ProgramData\Temp:900EBAFA [119]
AlternateDataStreams: C:\ProgramData\Temp:94D2A842 [121]
AlternateDataStreams: C:\ProgramData\Temp:956AE390 [125]
AlternateDataStreams: C:\ProgramData\Temp:97741F56 [124]
AlternateDataStreams: C:\ProgramData\Temp:9C3AAD57 [136]
AlternateDataStreams: C:\ProgramData\Temp:9CD7CD43 [286]
AlternateDataStreams: C:\ProgramData\Temp:9FB70D40 [125]
AlternateDataStreams: C:\ProgramData\Temp:A6345BDA [0]
AlternateDataStreams: C:\ProgramData\Temp:ACB38255 [121]
AlternateDataStreams: C:\ProgramData\Temp:AD2DB2F9 [126]
AlternateDataStreams: C:\ProgramData\Temp:ADEBE9CA [140]
AlternateDataStreams: C:\ProgramData\Temp:B0FD1EC3 [133]
AlternateDataStreams: C:\ProgramData\Temp:B37B4664 [126]
AlternateDataStreams: C:\ProgramData\Temp:B4DFBFB7 [137]
AlternateDataStreams: C:\ProgramData\Temp:B57B5F37 [145]
AlternateDataStreams: C:\ProgramData\Temp:BABCFD54 [286]
AlternateDataStreams: C:\ProgramData\Temp:BB71BBA2 [122]
AlternateDataStreams: C:\ProgramData\Temp:BD8C785E [123]
AlternateDataStreams: C:\ProgramData\Temp:BD932D90 [130]
AlternateDataStreams: C:\ProgramData\Temp:C22B6EED [282]
AlternateDataStreams: C:\ProgramData\Temp:C4EBE6D5 [120]
AlternateDataStreams: C:\ProgramData\Temp:C5D38708 [121]
AlternateDataStreams: C:\ProgramData\Temp:C63BE5D0 [286]
AlternateDataStreams: C:\ProgramData\Temp:C7F75BDD [254]
AlternateDataStreams: C:\ProgramData\Temp:CB08ED9D [136]
AlternateDataStreams: C:\ProgramData\Temp:D055FC10 [111]
AlternateDataStreams: C:\ProgramData\Temp:D37B4675 [125]
AlternateDataStreams: C:\ProgramData\Temp:D5E3E8C4 [147]
AlternateDataStreams: C:\ProgramData\Temp:D7740E2A [145]
AlternateDataStreams: C:\ProgramData\Temp:D999FFD5 [125]
AlternateDataStreams: C:\ProgramData\Temp:DA5888A7 [113]
AlternateDataStreams: C:\ProgramData\Temp:DBE046F5 [125]
AlternateDataStreams: C:\ProgramData\Temp:E876B1A8 [127]
AlternateDataStreams: C:\ProgramData\Temp:EA10407C [146]
AlternateDataStreams: C:\ProgramData\Temp:ED0B32CA [119]
AlternateDataStreams: C:\ProgramData\Temp:ED4272E5 [126]
AlternateDataStreams: C:\ProgramData\Temp:F14D1F80 [121]
AlternateDataStreams: C:\ProgramData\Temp:F4B7CBB2 [120]
AlternateDataStreams: C:\ProgramData\Temp:F55F0EF6 [150]
AlternateDataStreams: C:\ProgramData\Temp:F56BE392 [137]
AlternateDataStreams: C:\ProgramData\Temp:F5E8CAE0 [140]
AlternateDataStreams: C:\ProgramData\Temp:F84EC1E0 [128]
AlternateDataStreams: C:\ProgramData\Temp:F8A53745 [298]
AlternateDataStreams: C:\ProgramData\Temp:F8C2E3B9 [127]
AlternateDataStreams: C:\ProgramData\Temp:F92E1E4B [264]
AlternateDataStreams: C:\ProgramData\Temp:F97CB382 [134]
AlternateDataStreams: C:\ProgramData\Temp:FE1665C7 [130]
EmptyTemp:
end