Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown Virus Help


  • This topic is locked This topic is locked
13 replies to this topic

#1 bugaboomdc

bugaboomdc

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 12 February 2010 - 11:05 PM

My husband was playing Mafia Wars when he recieved an IM for a gift and then he said that as soon as he clicked out of it the computer started going to porn sites and a bogus virus protector popped up. He has/had Avast! on his computer but it is useless and I can't even find it. MalwareBytes finds nothing and we have no other virus scanner on his laptop other than Spydoctor that won't engage a scan at all so I don't know if that one is has been disabled as well or not. I have it in safe mode but no clue as to what has infected his laptop. I have no idea what I'm doing so I do hope that I followed the directions correctly as to what you want done, step by step. Thank you in advance for the help. OH, what looks to be the Internet firewall comes up and states that Bankerfox A is trying to gain access, do you want to block? I don't know if that is the actual Windows firewall or not. There is a little green virus looking icon with a checkmark in it that seems to be running the show now. I tried to reinstall the Avast! to no avail, it's like it's being blocked from doing so. It will down load but when you try to run it an error comes up that there are some missing files. Please note that I am not computer literate.

Thank you,

Charlotte



DDS (Ver_09-12-01.01) - NTFSx86 NETWORK
Run by Administrator at 18:40:53.96 on Fri 02/12/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1270.881 [GMT -6:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.toshibadirect.com/dpdstart
uSearch Bar = hxxp://www.toshiba.com/search
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe"
mSearchAssistant = hxxp://www.google.com/ie
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
TB: Viewpoint Toolbar: {f8ad5aa5-d966-4667-9daf-2561d68b2012} - c:\program files\common files\viewpoint\toolbar runtime\3.9.0\IEViewBar.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
EB: &Yahoo! Messenger: {4528bbe0-4e08-11d5-ad55-00010333d0ad} - c:\progra~1\yahoo!\common\yhexbmesus.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [<NO NAME>]
mRun: [IntelWireless] c:\program files\intel\wireless\bin\ifrmewrk.exe /tf Intel PROSet/Wireless
mRun: [EOUApp] c:\program files\intel\wireless\bin\EOUWiz.exe
mRun: [TPNF] c:\program files\toshiba\touchpad\TPTray.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [HWSetup] c:\program files\toshiba\toshiba applet\HWSetup.exe hwSetUP
mRun: [SVPWUTIL] c:\program files\toshiba\windows utilities\SVPWUTIL.exe SVPwUTIL
mRun: [TOSHIBA Accessibility] c:\program files\toshiba\accessibility\FnKeyHook.exe
mRun: [TMESRV.EXE] c:\program files\toshiba\tme3\TMESRV31.EXE /Logon
mRun: [TMERzCtl.EXE] c:\program files\toshiba\tme3\TMERzCtl.EXE /Service
mRun: [TPSMain] TPSMain.exe
mRun: [ZoomingHook] ZoomingHook.exe
mRun: [SmoothView] c:\program files\toshiba\toshiba zooming utility\SmoothView.exe
mRun: [TCtryIOHook] TCtrlIOHook.exe
mRun: [TFncKy] TFncKy.exe
mRun: [CeEKEY] c:\program files\toshiba\e-key\CeEKey.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
mRun: [CFSServ.exe] CFSServ.exe -NoClient
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Pure Networks Port Magic] "c:\progra~1\purene~1\portma~1\PortAOL.exe" -Run
dRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
IE: &Google Search - c:\program files\google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\google\GoogleToolbar1.dll/cmtrans.html
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0\bin\npjpi150.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 2.0\aoltb.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/cfweb_activex.camfrogweb.com-advanced_instmodule.exe
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1005.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - hxxp://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://games.myspace.com/Gameshell/GameHost/1.0/OberonGameHost.cab
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -
Notify: igfxcui - igfxsrvc.dll
Notify: IntelWireless - c:\program files\intel\wireless\bin\LgNotify.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-5-18 130936]
S1 TMEI3E;TMEI3E;c:\windows\system32\drivers\TMEI3E.sys [2005-1-8 5888]
S2 Tmesrv;Tmesrv3;c:\program files\toshiba\tme3\TMESRV31.exe [2005-1-8 126976]
S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-12-21 24652]
S3 bfastfao;bfastfao;\??\c:\docume~1\student\locals~1\temp\bfastfao.sys --> c:\docume~1\student\locals~1\temp\bfastfao.sys [?]
UnknownUnknown aswFsBlk;aswFsBlk; [x]
UnknownUnknown aswSP;aswSP; [x]

=============== Created Last 30 ================

2010-02-12 23:05:44 0 ----a-w- c:\documents and settings\administrator\defogger_reenable
2010-02-12 20:49:13 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-02-12 15:17:57 0 d-sh--w- c:\documents and settings\administrator\PrivacIE
2010-02-07 15:58:14 0 ----a-w- c:\windows\iPlayer.INI
2010-02-07 04:54:55 0 d-----w- c:\program files\InterActual
2010-01-22 07:05:24 54156 ---ha-w- c:\windows\QTFont.qfn
2010-01-22 07:05:24 1409 ----a-w- c:\windows\QTFont.for
2010-01-18 17:17:59 0 d-----w- c:\program files\ACW

==================== Find3M ====================

2010-01-07 22:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 22:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-31 16:50:03 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08:23 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 19:27:51 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:43:50 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-11-27 17:11:44 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 17:11:44 1291776 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 16:07:35 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07:35 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07:34 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07:34 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:07:34 11264 ----a-w- c:\windows\system32\msrle32.dll
2003-08-27 22:19:18 36963 -c--a-r- c:\program files\common files\SM1updtr.dll
2008-09-28 20:27:16 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092820080929\index.dat

============= FINISH: 18:41:09.75 ===============






Attached Files



BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,770 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:03:11 PM

Posted 18 February 2010 - 09:27 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 bugaboomdc

bugaboomdc
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 27 February 2010 - 11:59 PM

Sorry it took so long, hope this is still open. Only one report came up when I ran that program. The Extra.txt didn't show up. Also there is an icon that is called smitfraudfix on the desktop.

OTL logfile created on: 2/27/2010 10:42:22 PM - Run 3
OTL by OldTimer - Version 3.1.30.3 Folder = C:\Documents and Settings\Administrator\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 59.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 81.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.29 Gb Total Space | 12.77 Gb Free Space | 37.25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STUDENT-0E93EA9
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/27 22:42:00 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
PRC - [2010/02/26 13:30:03 | 000,815,184 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2010/02/26 13:29:59 | 001,229,232 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010/02/11 12:53:42 | 002,756,488 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/01/15 06:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/03/08 13:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004/10/15 13:27:38 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004/08/04 06:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\unsecapp.exe


========== Modules (SafeList) ==========

MOD - [2010/02/27 22:42:00 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
MOD - [2009/11/21 09:51:04 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\aclayers.dll
MOD - [2008/04/13 18:12:05 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
SRV - [2010/02/26 13:29:59 | 001,229,232 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/02/19 19:30:16 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus®
SRV - [2010/02/14 15:32:20 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Stopped] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/01/15 06:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/09/08 09:19:23 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2008/04/13 18:11:55 | 000,028,160 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\irmon.dll -- (Irmon)
SRV - [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -- (LiveUpdate Notice Service)
SRV - [2004/11/11 12:43:56 | 000,126,976 | ---- | M] (TOSHIBA) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe -- (Tmesrv)
SRV - [2004/11/10 13:14:08 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/10/15 13:30:52 | 000,098,304 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe -- (OwnershipProtocol)
SRV - [2004/10/15 13:24:48 | 000,360,521 | ---- | M] (Intel Corporation ) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2004/10/15 13:22:14 | 000,086,016 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng)
SRV - [2004/10/15 13:21:38 | 000,139,264 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc)
SRV - [2004/05/13 15:46:02 | 000,053,248 | ---- | M] () [Auto | Stopped] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2004/04/07 14:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2003/07/28 14:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/05/23 15:38:26 | 000,106,496 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) [Auto | Stopped] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - [2010/02/11 12:42:34 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/02/11 12:42:13 | 000,162,512 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/02/11 12:39:01 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/02/11 12:38:34 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/02/11 12:38:23 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/02/11 12:38:07 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/02/04 09:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Stopped] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/05/09 00:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2008/01/20 03:00:00 | 000,385,072 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2007/11/13 04:25:53 | 000,020,480 | R--- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/11/20 12:15:43 | 000,017,119 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2004/12/30 03:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/30 03:05:00 | 000,099,098 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/30 03:05:00 | 000,087,482 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/30 03:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/30 03:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/30 03:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/30 03:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/30 03:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/30 03:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/23 04:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/12/14 04:29:28 | 000,016,128 | ---- | M] (TOSHIBA ) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)
DRV - [2004/12/11 16:12:00 | 000,006,144 | ---- | M] (TOSHIBA ) [Kernel | System | Stopped] -- C:\Program Files\Toshiba\Windows Utilities\spDispatch.sys -- (SPCtl)
DRV - [2004/12/11 16:12:00 | 000,006,144 | ---- | M] () [Kernel | System | Stopped] -- C:\Program Files\Toshiba\TOSHIBA Applet\HWS_IoDispatch.sys -- (HWSCtrl)
DRV - [2004/12/11 04:52:14 | 000,006,144 | ---- | M] (TOSHIBA ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TCtrlIO.sys -- (TCtrlIO)
DRV - [2004/12/10 16:00:44 | 000,006,144 | ---- | M] (TOSHIBA) [Kernel | System | Stopped] -- C:\Program Files\Toshiba\Accessibility\StickyMesger.sys -- (StickyMesger)
DRV - [2004/12/10 15:49:18 | 000,006,144 | ---- | M] (TOAHIBA, ) [Kernel | System | Stopped] -- C:\Program Files\Toshiba\TouchPad\TPECioCtl.sys -- (TPECioCtl)
DRV - [2004/12/10 10:29:50 | 000,006,144 | ---- | M] (TOAHIBA, ) [Kernel | System | Stopped] -- C:\Program Files\Toshiba\E-KEY\EKECioCtl.sys -- (EKECioCtl)
DRV - [2004/12/02 13:04:20 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/12/02 13:04:10 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/11/26 07:29:00 | 000,224,000 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004/11/17 12:30:00 | 000,147,840 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2004/11/15 18:22:08 | 000,101,874 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/11/02 11:27:20 | 000,773,565 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/10/29 20:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2004/10/28 14:37:50 | 001,270,572 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/10/27 15:57:38 | 002,284,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/10/15 13:20:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/09/23 02:03:00 | 000,020,576 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2004/08/17 05:21:00 | 000,087,168 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/08/12 10:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/08/04 06:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/07/30 17:05:04 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\EPIOMngr.sys -- (SerTVOutCtlr)
DRV - [2004/07/30 01:05:08 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Stopped] -- C:\Program Files\Toshiba\E-KEY\SSIOMngr.sys -- (SrvcSSIOMngr)
DRV - [2004/07/30 01:05:04 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Stopped] -- C:\Program Files\Toshiba\E-KEY\EKIOMngr.sys -- (SrvcEKIOMngr)
DRV - [2004/06/16 13:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2004/06/16 13:08:48 | 000,005,888 | ---- | M] (Toshiba Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\TMEI3E.sys -- (TMEI3E)
DRV - [2004/06/15 14:15:00 | 000,005,888 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TVALG.SYS -- (TVALG)
DRV - [2004/05/18 09:18:26 | 000,008,573 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec)
DRV - [2004/01/30 12:32:32 | 000,090,480 | ---- | M] (Matsubleepa Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2003/10/22 22:15:02 | 000,067,024 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2003/10/22 22:15:02 | 000,024,698 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2003/07/29 01:57:20 | 000,040,448 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2003/06/11 10:53:22 | 000,006,867 | ---- | M] () [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (TBiosDrv)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/10 18:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 12:56:16 | 000,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.viewpoint.com/landing/v38a.html
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.viewpoint.com/landing/v38a.html
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart

IE - HKU\S-1-5-21-1726409691-1484400983-2210005112-500\S-1-5-21-1726409691-1484400983-2210005112-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

FF - HKLM\software\mozilla\Firefox\Extensions\\Seekmo@Seekmo.com: C:\Program Files\Seekmo\bin\10.0.370.0\firefox\extensions

[2010/01/08 17:11:16 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/07 21:21:02 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

O1 HOSTS File: ([2010/02/12 23:27:53 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll File not found
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll File not found
O3 - HKLM\..\Toolbar: (Viewpoint Toolbar) - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.9.0\IEViewBar.dll (Viewpoint Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1726409691-1484400983-2210005112-500\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\agrsmmsg.exe (Agere Systems)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [CeEKEY] C:\Program Files\Toshiba\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [Pinger] C:\TOSHIBA\IVP\ISM\pinger.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Pure Networks Port Magic] C:\Program Files\Pure Networks\Port Magic\PortAOL.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE (TOSHIBA)
O4 - HKLM..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE (TOSHIBA)
O4 - HKLM..\Run: [TOSHIBA Accessibility] C:\Program Files\Toshiba\Accessibility\FnKeyHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TPNF] C:\Program Files\Toshiba\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ZoomingHook] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
O4 - HKU\S-1-5-21-1726409691-1484400983-2210005112-500..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1726409691-1484400983-2210005112-500..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKLM..\RunOnce: [Uninstall Adobe Download Manager] File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsubleepa Electric Industrial Co., Ltd.)
O4 - Startup: C:\Documents and Settings\Student\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1726409691-1484400983-2210005112-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll File not found
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://activex.camfrogweb.com/advanced/cfw..._instmodule.exe (CamfrogWEB Advanced Unicode Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1005.cab (MySpace Uploader Control)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1266127003765 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.myspace.com/Gameshell/GameHos...ronGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007/12/06 00:06:51 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - C:\WINDOWS\system32\irmon.dll (Microsoft Corporation)
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)

========== Files/Folders - Created Within 30 Days ==========

[2010/02/27 21:50:11 | 000,549,888 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/02/27 13:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2010/02/27 13:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2010/02/27 13:57:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Google
[2010/02/27 13:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/02/27 13:55:03 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
[2010/02/26 13:30:38 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/02/26 13:27:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/02/21 18:29:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ImageZone
[2010/02/21 18:29:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Image Zone
[2010/02/21 18:27:32 | 000,135,168 | ---- | C] (JEILIN Tech.) -- C:\WINDOWS\System32\jl_jdct.drv
[2010/02/21 18:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\MTA
[2010/02/21 18:27:31 | 000,069,098 | ---- | C] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\jl2005c.sys
[2010/02/21 18:27:31 | 000,015,360 | ---- | C] (JEILIN Technology Corp.) -- C:\WINDOWS\System32\jl2005c.ax
[2010/02/21 18:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\26693
[2010/02/21 18:26:41 | 000,000,000 | ---D | C] -- C:\Program Files\Haali
[2010/02/21 18:26:33 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll
[2010/02/21 18:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2010/02/21 18:25:47 | 000,000,000 | ---D | C] -- C:\Program Files\Image Zone
[2010/02/17 11:31:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9 Installer
[2010/02/17 11:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/02/15 11:20:41 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/02/15 11:20:41 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/02/14 15:32:38 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/02/14 15:32:38 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/02/14 15:32:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/02/14 15:32:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/02/14 15:32:38 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/02/14 15:22:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/02/14 15:21:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/02/14 14:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/02/14 13:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-TW
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-HK
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\tr-TR
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-SE
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-NL
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-NO
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-KR
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it-IT
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\he-IL
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-FI
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es-ES
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\el-GR
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\da-DK
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ar-SA
[2010/02/14 13:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/02/14 13:19:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/02/13 20:39:50 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/02/13 20:39:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/02/13 20:38:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/02/13 20:36:19 | 091,338,304 | ---- | C] (Lavasoft ) -- C:\Documents and Settings\All Users\Documents\Ad-AwareInstallation.exe
[2010/02/13 20:27:50 | 009,732,720 | ---- | C] (PC Tools ) -- C:\Documents and Settings\All Users\Documents\rminstall.exe
[2010/02/13 19:59:23 | 000,162,512 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/02/13 19:59:23 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/02/13 19:59:21 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/02/13 19:59:20 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/02/13 19:59:17 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/02/13 19:59:17 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/02/13 19:59:17 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/02/13 19:58:50 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/02/13 19:58:50 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010/02/13 19:47:48 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/02/13 11:36:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2010/02/12 23:35:18 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/02/12 23:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/02/12 23:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\SmitfraudFix
[2010/02/12 22:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/02/12 22:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/02/12 22:48:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/02/12 22:48:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/02/12 22:31:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\AVG8
[2010/02/12 14:49:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/02/12 11:21:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Macromedia
[2010/02/12 10:10:11 | 005,061,512 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2010/02/12 09:17:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Administrator\PrivacIE
[2010/02/06 22:54:55 | 000,000,000 | ---D | C] -- C:\Program Files\InterActual
[2009/08/07 19:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Viewpoint
[2006/10/08 20:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Symantec
[2006/04/28 21:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2005/07/09 11:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2005/01/08 14:46:10 | 000,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll

========== Files - Modified Within 30 Days ==========

[2010/02/27 22:42:00 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
[2010/02/27 13:57:11 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2010/02/27 13:57:11 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/02/27 11:49:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/02/27 11:47:58 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/02/26 13:34:15 | 000,012,652 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/02/26 13:33:42 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/02/26 13:30:36 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/02/26 13:30:32 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/02/26 13:27:55 | 000,000,875 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/02/26 12:55:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/02/24 11:00:31 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/17 11:43:18 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/02/17 11:36:17 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/02/17 11:31:58 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Acrobat_com.lnk
[2010/02/14 15:32:20 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/02/14 15:32:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/02/14 15:32:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/02/14 15:32:20 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/02/14 15:32:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/02/14 15:01:09 | 001,310,720 | -H-- | M] () -- C:\Documents and Settings\Administrator\ntuser.dat
[2010/02/14 14:02:18 | 000,000,950 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/14 13:43:41 | 000,258,248 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/14 11:15:19 | 000,086,757 | ---- | M] () -- C:\VETlog.dmp
[2010/02/13 20:36:35 | 091,338,304 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\All Users\Documents\Ad-AwareInstallation.exe
[2010/02/13 20:27:51 | 009,732,720 | ---- | M] (PC Tools ) -- C:\Documents and Settings\All Users\Documents\rminstall.exe
[2010/02/13 19:59:24 | 000,001,708 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/02/13 19:59:18 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/02/13 19:28:40 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/02/13 19:28:38 | 002,205,456 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/02/13 19:17:18 | 044,518,776 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\setup_av_free.exe
[2010/02/12 23:27:57 | 000,005,196 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2010/02/12 23:26:30 | 001,872,472 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\SmitfraudFix.exe
[2010/02/12 18:40:53 | 000,524,288 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\dds.scr
[2010/02/12 18:25:31 | 000,339,257 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\CleanUp452.exe
[2010/02/12 17:09:06 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
[2010/02/12 17:05:35 | 000,050,477 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Defogger.exe
[2010/02/12 11:17:42 | 000,066,728 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/12 10:15:27 | 000,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/12 10:14:51 | 005,061,512 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Administrator\Desktop\mbam-setup.exe
[2010/02/12 10:08:27 | 000,363,008 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\rkill.com
[2010/02/12 08:37:48 | 000,000,067 | ---- | M] () -- C:\WINDOWS\swupdate.INI
[2010/02/11 17:54:34 | 000,003,643 | ---- | M] () -- C:\WINDOWS\machine.ver
[2010/02/11 12:53:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010/02/11 12:53:36 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/02/11 12:42:34 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/02/11 12:42:13 | 000,162,512 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/02/11 12:39:01 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/02/11 12:38:34 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/02/11 12:38:31 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/02/11 12:38:23 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/02/11 12:38:07 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/02/07 09:58:14 | 000,000,000 | ---- | M] () -- C:\WINDOWS\iPlayer.INI
[2010/02/06 22:55:07 | 000,000,787 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\InterActual Player.lnk
[2010/02/04 09:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys

========== Files Created - No Company Name ==========

[2010/02/27 13:57:11 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2010/02/27 13:57:11 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/02/26 14:20:39 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/02/26 13:27:55 | 000,000,875 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/02/23 07:44:04 | 000,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/02/21 18:26:36 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/02/21 18:26:34 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/02/17 11:33:11 | 000,001,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/02/17 11:31:58 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Acrobat_com.lnk
[2010/02/13 19:59:24 | 000,001,708 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/02/13 19:17:13 | 044,518,776 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\setup_av_free.exe
[2010/02/12 23:27:57 | 000,005,196 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2010/02/12 23:26:30 | 001,872,472 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\SmitfraudFix.exe
[2010/02/12 18:40:50 | 000,524,288 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\dds.scr
[2010/02/12 18:25:28 | 000,339,257 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\CleanUp452.exe
[2010/02/12 17:09:03 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\gmer.zip
[2010/02/12 17:05:29 | 000,050,477 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Defogger.exe
[2010/02/12 10:08:14 | 000,363,008 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\rkill.com
[2010/02/07 09:58:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2010/02/06 22:55:06 | 000,000,787 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\InterActual Player.lnk
[2009/09/27 19:50:51 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/05/03 22:28:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI
[2008/04/06 18:35:09 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008/04/06 18:35:09 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2007/01/13 23:15:28 | 000,000,067 | ---- | C] () -- C:\WINDOWS\swupdate.INI
[2006/11/20 12:26:11 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/11/20 12:18:47 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/11/20 12:18:47 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/11/20 12:18:47 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/11/20 12:18:47 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/11/20 12:18:47 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/11/20 12:18:46 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/11/20 12:13:32 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2006/06/07 11:26:35 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\SAMMON.DLL
[2006/06/07 11:26:34 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\SamMonNT.dll
[2006/04/12 14:29:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2005/12/05 06:00:54 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\tmmute.ini
[2005/10/06 08:59:52 | 000,001,140 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/09/04 02:41:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
[2005/01/08 15:42:01 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/01/08 14:42:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/01/08 14:27:59 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/01/08 14:27:59 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/01/08 14:27:59 | 000,010,167 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/01/08 14:27:59 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/01/08 14:25:34 | 000,006,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/01/08 02:04:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/01/08 01:51:36 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/01/08 00:30:05 | 000,000,380 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/08 00:28:09 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2005/01/08 00:28:09 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2005/01/08 00:28:09 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2005/01/08 00:28:09 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2005/01/08 00:28:09 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2004/12/29 17:09:52 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2004/12/14 09:40:16 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll
[2004/08/12 10:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/08/04 10:58:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/07/21 11:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/06/18 04:54:18 | 001,527,808 | ---- | C] () -- C:\WINDOWS\System32\TosMousePage.dll
[2004/06/18 04:47:48 | 000,770,048 | ---- | C] () -- C:\WINDOWS\System32\TosKeyboardPage.dll
[2004/06/18 04:11:44 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/01/16 08:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2004/01/13 20:46:00 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/07/30 09:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/06/05 03:58:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >


< MD5 for: AGP440.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/28 13:43:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/09/28 13:43:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/28 13:43:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/09/28 13:43:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 06:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >

Edited by bugaboomdc, 28 February 2010 - 03:08 AM.


#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,770 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:03:11 PM

Posted 01 March 2010 - 10:27 AM

Hi,

please run a scan with gmer next:
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 bugaboomdc

bugaboomdc
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 01 March 2010 - 05:17 PM

It keeps giving me an error message when I attach the log results in the reply that it's to long so I had to break it into 2 posts

Thank you,

Charlotte

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-03-01 15:50:52
Windows 5.1.2600 Service Pack 3
Running: tqv2edi6.exe; Driver: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kgpiaaoc.sys


---- System - GMER 1.0.15 ----

SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwCreateKey [0xF766787E]
SSDT Lbd.sys (Boot Driver/Lavasoft AB) ZwSetValueKey [0xF7667BFE]

---- Devices - GMER 1.0.15 ----

Device ACPI.sys (ACPI Driver for NT/Microsoft Corporation)

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\.application@ Application.Manifest
Reg HKLM\SOFTWARE\Classes\.application@Content Type application/x-ms-application
Reg HKLM\SOFTWARE\Classes\.application\bootstrap
Reg HKLM\SOFTWARE\Classes\.application\bootstrap@ bootstrap.application.1
Reg HKLM\SOFTWARE\Classes\.aswcs@ aswsfile
Reg HKLM\SOFTWARE\Classes\.aswcs@Content Type application/avast-aswcs
Reg HKLM\SOFTWARE\Classes\.asws@ aswsfile
Reg HKLM\SOFTWARE\Classes\.asws@Content Type application/avast-asws
Reg HKLM\SOFTWARE\Classes\.AudioCD\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.AudioCD\PersistentHandler@ {098f2470-bae0-11cd-b579-08002b30bfeb}
Reg HKLM\SOFTWARE\Classes\.bwp@ bwpfile
Reg HKLM\SOFTWARE\Classes\.bwp@Content Type application/x-bwpreview
Reg HKLM\SOFTWARE\Classes\.csk@ cskfile
Reg HKLM\SOFTWARE\Classes\.csk@Content Type application/copernic-csk
Reg HKLM\SOFTWARE\Classes\.CTT@ MessengerContactList
Reg HKLM\SOFTWARE\Classes\.dcr@Content Type application/x-director
Reg HKLM\SOFTWARE\Classes\.dir@Content Type application/x-director
Reg HKLM\SOFTWARE\Classes\.docx@ Word.Document.12
Reg HKLM\SOFTWARE\Classes\.docx@Content Type application/vnd.openxmlformats-officedocument.wordprocessingml.document
Reg HKLM\SOFTWARE\Classes\.dvd\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.dvd\PersistentHandler@ {098f2470-bae0-11cd-b579-08002b30bfeb}
Reg HKLM\SOFTWARE\Classes\.dxr@Content Type application/x-director
Reg HKLM\SOFTWARE\Classes\.eta@ Google Earth.etafile
Reg HKLM\SOFTWARE\Classes\.fal@ FormFlow.FormApplicationLocked
Reg HKLM\SOFTWARE\Classes\.fap@ FormFlow.FormApplication
Reg HKLM\SOFTWARE\Classes\.fdr@ FormFlow.Folder
Reg HKLM\SOFTWARE\Classes\.flv@ RealPlayer.FLV.6
Reg HKLM\SOFTWARE\Classes\.flv@PerceivedType video
Reg HKLM\SOFTWARE\Classes\.flv@Content Type video/x-flv
Reg HKLM\SOFTWARE\Classes\.Folder\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.Folder\PersistentHandler@ {098f2470-bae0-11cd-b579-08002b30bfeb}
Reg HKLM\SOFTWARE\Classes\.fpk@ FormFlow.FormPackage
Reg HKLM\SOFTWARE\Classes\.frl@ FormFlow.FormLocked
Reg HKLM\SOFTWARE\Classes\.frm@ PerForm.Form
Reg HKLM\SOFTWARE\Classes\.frp\shell
Reg HKLM\SOFTWARE\Classes\.frp\shell\open
Reg HKLM\SOFTWARE\Classes\.frp\shell\open\command
Reg HKLM\SOFTWARE\Classes\.frp\shell\open\command@ C:\FORMFLOW\dffill.exe %1
Reg HKLM\SOFTWARE\Classes\.frw@ FormFlow.RoutingMap
Reg HKLM\SOFTWARE\Classes\.fs@ PerForm.FormSystem
Reg HKLM\SOFTWARE\Classes\.fsl@ PerForm.FormSystemLocked
Reg HKLM\SOFTWARE\Classes\.fwl@ FormFlow.RoutingMapLocked
Reg HKLM\SOFTWARE\Classes\.gg@ GoogleGadget
Reg HKLM\SOFTWARE\Classes\.gg@Content Type app/gg
Reg HKLM\SOFTWARE\Classes\.gg\GoogleGadget
Reg HKLM\SOFTWARE\Classes\.gg\GoogleGadget\ShellNew
Reg HKLM\SOFTWARE\Classes\.gmanifest@ GoogleGadgetManifest
Reg HKLM\SOFTWARE\Classes\.iad@ iadfile
Reg HKLM\SOFTWARE\Classes\.iad@Content Type application/x-iad
Reg HKLM\SOFTWARE\Classes\.iti@ ITIClient.Document
Reg HKLM\SOFTWARE\Classes\.iti@Content Type application/iti
Reg HKLM\SOFTWARE\Classes\.iti\ShellNew
Reg HKLM\SOFTWARE\Classes\.iti\ShellNew@NullFile
Reg HKLM\SOFTWARE\Classes\.ivr@ RealPlayer.IVR.6
Reg HKLM\SOFTWARE\Classes\.ivr@PerceivedType video
Reg HKLM\SOFTWARE\Classes\.kml@ Google Earth.kmlfile
Reg HKLM\SOFTWARE\Classes\.kmz@ Google Earth.kmzfile
Reg HKLM\SOFTWARE\Classes\.m4v@ RealPlayer.MP4.6
Reg HKLM\SOFTWARE\Classes\.m4v@PerceivedType video
Reg HKLM\SOFTWARE\Classes\.m4v@Content Type video/mpeg4
Reg HKLM\SOFTWARE\Classes\.mbam@ mbam.script
Reg HKLM\SOFTWARE\Classes\.mfp@ MacromediaFlashPaper.MacromediaFlashPaper
Reg HKLM\SOFTWARE\Classes\.mfp@Content Type application/x-shockwave-flash
Reg HKLM\SOFTWARE\Classes\.mka@PerceivedType audio
Reg HKLM\SOFTWARE\Classes\.mka@Content Type audio/x-matroska
Reg HKLM\SOFTWARE\Classes\.mka@ MatroskaVideo
Reg HKLM\SOFTWARE\Classes\.mkv@PerceivedType video
Reg HKLM\SOFTWARE\Classes\.mkv@Content Type video/x-matroska
Reg HKLM\SOFTWARE\Classes\.mkv@ MatroskaVideo
Reg HKLM\SOFTWARE\Classes\.mod@Content Type video/mpeg
Reg HKLM\SOFTWARE\Classes\.mod@PerceivedType video
Reg HKLM\SOFTWARE\Classes\.mod@ mpegfile
Reg HKLM\SOFTWARE\Classes\.mod\OpenWithList
Reg HKLM\SOFTWARE\Classes\.mod\OpenWithList\wmplayer.exe
Reg HKLM\SOFTWARE\Classes\.mod\OpenWithProgIds
Reg HKLM\SOFTWARE\Classes\.mod\OpenWithProgIds@mpegfile
Reg HKLM\SOFTWARE\Classes\.ocm@ MS3.Map
Reg HKLM\SOFTWARE\Classes\.ogg@PerceivedType audio
Reg HKLM\SOFTWARE\Classes\.ogg@Content Type application/ogg
Reg HKLM\SOFTWARE\Classes\.ogg@ ogmfile
Reg HKLM\SOFTWARE\Classes\.ogm@PerceivedType video
Reg HKLM\SOFTWARE\Classes\.ogm@Content Type video/x-ogm
Reg HKLM\SOFTWARE\Classes\.ogm@ ogmfile
Reg HKLM\SOFTWARE\Classes\.pirates_savegame@ pirates_savegame
Reg HKLM\SOFTWARE\Classes\.ps1@ Microsoft.PowerShellScript.1
Reg HKLM\SOFTWARE\Classes\.ps1@PerceivedType Text
Reg HKLM\SOFTWARE\Classes\.ps1xml@ Microsoft.PowerShellXmlData.1
Reg HKLM\SOFTWARE\Classes\.ps1xml@PerceivedType Text
Reg HKLM\SOFTWARE\Classes\.psc1@ Microsoft.PowerShellConsole.1
Reg HKLM\SOFTWARE\Classes\.psc1@Content Type application/PowerShell
Reg HKLM\SOFTWARE\Classes\.rpm@Content Type audio/x-pn-realaudio-plugin
Reg HKLM\SOFTWARE\Classes\.rpm@CLSID {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}
Reg HKLM\SOFTWARE\Classes\.Sims2Pack@ The Sims 2 Package Installer
Reg HKLM\SOFTWARE\Classes\.Sims2Skin@ The Sims 2 Package Installer
Reg HKLM\SOFTWARE\Classes\.sol@Content Type text/plain
Reg HKLM\SOFTWARE\Classes\.sor@Content Type text/plain
Reg HKLM\SOFTWARE\Classes\.spl@ ShockwaveFlash.ShockwaveFlash
Reg HKLM\SOFTWARE\Classes\.spl@Content Type application/futuresplash
Reg HKLM\SOFTWARE\Classes\.wdp@ wdpfile
Reg HKLM\SOFTWARE\Classes\.wdp@Content Type image/vnd.ms-photo
Reg HKLM\SOFTWARE\Classes\.wdp@PerceivedType image
Reg HKLM\SOFTWARE\Classes\.wdp\OpenWithProgids
Reg HKLM\SOFTWARE\Classes\.wdp\OpenWithProgids@wdpfile 0x00 0x00 0x00 0x00
Reg HKLM\SOFTWARE\Classes\.wdp\ShellEx
Reg HKLM\SOFTWARE\Classes\.wdp\ShellEx\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}
Reg HKLM\SOFTWARE\Classes\.wdp\ShellEx\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}@ {3F30C968-480A-4C6C-862D-EFC0897BB84B}
Reg HKLM\SOFTWARE\Classes\.wdp\ShellEx\{E357FCCD-A995-4576-B01F-234630154E96}
Reg HKLM\SOFTWARE\Classes\.wdp\ShellEx\{E357FCCD-A995-4576-B01F-234630154E96}@ {C7657C4A-9F68-40fa-A4DF-96BC08EB3551}
Reg HKLM\SOFTWARE\Classes\.wpk@ FormFlow.WorkflowPackage
Reg HKLM\SOFTWARE\Classes\.xaml@Content Type application/xaml+xml
Reg HKLM\SOFTWARE\Classes\.xaml@ Windows.XamlDocument
Reg HKLM\SOFTWARE\Classes\.xaml\bootstrap
Reg HKLM\SOFTWARE\Classes\.xaml\bootstrap@ bootstrap.xaml.1
Reg HKLM\SOFTWARE\Classes\.xbap@Content Type application/x-ms-xbap
Reg HKLM\SOFTWARE\Classes\.xbap@ Windows.Xbap
Reg HKLM\SOFTWARE\Classes\.xbap\bootstrap
Reg HKLM\SOFTWARE\Classes\.xbap\bootstrap@ bootstrap.xbap.1
Reg HKLM\SOFTWARE\Classes\.xml@ xmlfile
Reg HKLM\SOFTWARE\Classes\.xml@Content Type text/xml
Reg HKLM\SOFTWARE\Classes\.xml\OpenWithList
Reg HKLM\SOFTWARE\Classes\.xml\OpenWithList\infopath.exe
Reg HKLM\SOFTWARE\Classes\.xml\OpenWithList\infopath.exe@
Reg HKLM\SOFTWARE\Classes\.xml\OpenWithList\winword.exe
Reg HKLM\SOFTWARE\Classes\.xml\OpenWithList\winword.exe@
Reg HKLM\SOFTWARE\Classes\.xml\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.xml\PersistentHandler@ {5e941d80-bf96-11cd-b579-08002b30bfeb}
Reg HKLM\SOFTWARE\Classes\.xps@Content Type application/vnd.ms-xpsdocument
Reg HKLM\SOFTWARE\Classes\.xps@ XPSViewer.Document
Reg HKLM\SOFTWARE\Classes\.xps\bootstrap
Reg HKLM\SOFTWARE\Classes\.xps\bootstrap@ bootstrap.xps.1
Reg HKLM\SOFTWARE\Classes\.xps\OpensWithProgIds
Reg HKLM\SOFTWARE\Classes\.xps\OpensWithProgIds@XPSViewer.Document 0
Reg HKLM\SOFTWARE\Classes\.xps\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.xps\PersistentHandler@ {A9A9AA2F-CAA7-4A6F-95D2-769C556E325B}
Reg HKLM\SOFTWARE\Classes\.xsl@ xslfile
Reg HKLM\SOFTWARE\Classes\.xsl@Content Type text/xml
Reg HKLM\SOFTWARE\Classes\.xsl\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.xsl\PersistentHandler@ {5e941d80-bf96-11cd-b579-08002b30bfeb}
Reg HKLM\SOFTWARE\Classes\A3d@ A3d Object
Reg HKLM\SOFTWARE\Classes\A3d\CLSID
Reg HKLM\SOFTWARE\Classes\A3d\CLSID@ {d8f1eee0-f634-11cf-8700-00a0245d918b}
Reg HKLM\SOFTWARE\Classes\A3dApi@ A3dApi Object
Reg HKLM\SOFTWARE\Classes\A3dApi\CLSID
Reg HKLM\SOFTWARE\Classes\A3dApi\CLSID@ {92FA2C24-253C-11d2-90FB-006008A1F441}
Reg HKLM\SOFTWARE\Classes\A3dDAL@ A3dDAL Object
Reg HKLM\SOFTWARE\Classes\A3dDAL\CLSID
Reg HKLM\SOFTWARE\Classes\A3dDAL\CLSID@ {442D12A1-2641-11d2-90FB-006008A1F441}
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.Skin@ ActiveSkin Control
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.Skin\CLSID
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.Skin\CLSID@ {0944D16C-D0F4-4389-982A-A085595A9EB3}
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.Skin\CurVer
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.Skin\CurVer@ ActiveSkin4.Skin.1
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.Skin.1@ ActiveSkin Control
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.Skin.1\CLSID
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.Skin.1\CLSID@ {0944D16C-D0F4-4389-982A-A085595A9EB3}
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.SkinLabel@ SkinLabel Control
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.SkinLabel\CLSID
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.SkinLabel\CLSID@ {5954EA75-9BFA-461A-BD34-CEA3A861FF19}
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.SkinLabel\CurVer
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.SkinLabel\CurVer@ ActiveSkin4.SkinLabel.1
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.SkinLabel.1@ SkinLabel Control
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.SkinLabel.1\CLSID
Reg HKLM\SOFTWARE\Classes\ActiveSkin4.SkinLabel.1\CLSID@ {5954EA75-9BFA-461A-BD34-CEA3A861FF19}
Reg HKLM\SOFTWARE\Classes\adbanner.adbanner@ adbanner Class
Reg HKLM\SOFTWARE\Classes\adbanner.adbanner\CurVer
Reg HKLM\SOFTWARE\Classes\adbanner.adbanner\CurVer@ adbanner.adbanner.1
Reg HKLM\SOFTWARE\Classes\adbanner.adbanner.1@ adbanner Class
Reg HKLM\SOFTWARE\Classes\adbanner.adbanner.1\CLSID
Reg HKLM\SOFTWARE\Classes\adbanner.adbanner.1\CLSID@ {89643D21-7B2A-11d1-8271-00A0C91F9CA0}
Reg HKLM\SOFTWARE\Classes\aim@ URL: AOL Instant Messenger Protocol
Reg HKLM\SOFTWARE\Classes\aim@URL Protocol
Reg HKLM\SOFTWARE\Classes\aim\shell
Reg HKLM\SOFTWARE\Classes\aim\shell\open
Reg HKLM\SOFTWARE\Classes\aim\shell\open\command
Reg HKLM\SOFTWARE\Classes\aim\shell\open\command@ "C:\Program Files\AIM\aim.exe" %1
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovie Control@ ActiveMovie Control Object
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovie Control\CurVer
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovie Control\CurVer@ AMOVIE.ActiveMovie Control.2
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovie Control.2@ ActiveMovie Control Object
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovie Control.2@EditFlags 65536
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovie Control.2\CLSID
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovie Control.2\CLSID@ {05589FA1-C356-11CE-BF01-00AA0055595A}
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovieControl@ ActiveMovie Control Object
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovieControl\CurVer
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovieControl\CurVer@ AMOVIE.ActiveMovie Control.2
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovieControl.2@ ActiveMovie Control Object
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovieControl.2\CLSID
Reg HKLM\SOFTWARE\Classes\AMOVIE.ActiveMovieControl.2\CLSID@ {05589FA1-C356-11CE-BF01-00AA0055595A}
Reg HKLM\SOFTWARE\Classes\AMtoolbar.AMtoolbar@ AMtoolbar Class
Reg HKLM\SOFTWARE\Classes\AMtoolbar.AMtoolbar\CurVer
Reg HKLM\SOFTWARE\Classes\AMtoolbar.AMtoolbar\CurVer@ AMtoolbar.AMtoolbar.1
Reg HKLM\SOFTWARE\Classes\AMtoolbar.AMtoolbar.1@ AMtoolbar Class
Reg HKLM\SOFTWARE\Classes\AMtoolbar.AMtoolbar.1\CLSID
Reg HKLM\SOFTWARE\Classes\AMtoolbar.AMtoolbar.1\CLSID@ {0368BFF0-9870-11D0-94AB-0080C74C7E95}
Reg HKLM\SOFTWARE\Classes\APIRouter.APIRouter@ APIRouter2 Class
Reg HKLM\SOFTWARE\Classes\APIRouter.APIRouter\CurVer
Reg HKLM\SOFTWARE\Classes\APIRouter.APIRouter\CurVer@ APIRouter.APIRouter.2
Reg HKLM\SOFTWARE\Classes\APIRouter.APIRouter.2@ APIRouter2 Class
Reg HKLM\SOFTWARE\Classes\APIRouter.APIRouter.2\CLSID
Reg HKLM\SOFTWARE\Classes\APIRouter.APIRouter.2\CLSID@ {9CA95537-CD21-4432-95FD-E67A197D4B36}
Reg HKLM\SOFTWARE\Classes\AppLogic.AppLogic@ AppLogic Class
Reg HKLM\SOFTWARE\Classes\AppLogic.AppLogic\CurVer
Reg HKLM\SOFTWARE\Classes\AppLogic.AppLogic\CurVer@ AppLogic.AppLogic.1
Reg HKLM\SOFTWARE\Classes\AppLogic.AppLogic.1@ AppLogic Class
Reg HKLM\SOFTWARE\Classes\AppLogic.AppLogic.1\CLSID
Reg HKLM\SOFTWARE\Classes\AppLogic.AppLogic.1\CLSID@ {F647EB32-072D-435C-86EC-C26847ADE8B6}
Reg HKLM\SOFTWARE\Classes\aswcsfile@ avast! Compressed Skin
Reg HKLM\SOFTWARE\Classes\aswcsfile@EditFlags 65536
Reg HKLM\SOFTWARE\Classes\aswcsfile@BrowserFlags 8
Reg HKLM\SOFTWARE\Classes\aswcsfile\shell
Reg HKLM\SOFTWARE\Classes\aswcsfile\shell@
Reg HKLM\SOFTWARE\Classes\aswcsfile\shell\open
Reg HKLM\SOFTWARE\Classes\aswcsfile\shell\open@
Reg HKLM\SOFTWARE\Classes\aswcsfile\shell\open\command
Reg HKLM\SOFTWARE\Classes\aswcsfile\shell\open\command@ "C:\Program Files\Alwil Software\Avast4\ashSimpl.exe" "%1"
Reg HKLM\SOFTWARE\Classes\aswsfile@ avast! Skin
Reg HKLM\SOFTWARE\Classes\aswsfile@EditFlags 65536
Reg HKLM\SOFTWARE\Classes\aswsfile@BrowserFlags 8
Reg HKLM\SOFTWARE\Classes\aswsfile\shell
Reg HKLM\SOFTWARE\Classes\aswsfile\shell@
Reg HKLM\SOFTWARE\Classes\aswsfile\shell\open
Reg HKLM\SOFTWARE\Classes\aswsfile\shell\open@
Reg HKLM\SOFTWARE\Classes\aswsfile\shell\open\command
Reg HKLM\SOFTWARE\Classes\aswsfile\shell\open\command@ "C:\Program Files\Alwil Software\Avast4\ashSimpl.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AuthorInfo.AuthorInfo@ AuthorInfo Class
Reg HKLM\SOFTWARE\Classes\AuthorInfo.AuthorInfo\CurVer
Reg HKLM\SOFTWARE\Classes\AuthorInfo.AuthorInfo\CurVer@ AuthorInfo.AuthorInfo.1
Reg HKLM\SOFTWARE\Classes\AuthorInfo.AuthorInfo.1@ AuthorInfo Class
Reg HKLM\SOFTWARE\Classes\AuthorInfo.AuthorInfo.1\CLSID
Reg HKLM\SOFTWARE\Classes\AuthorInfo.AuthorInfo.1\CLSID@ {78EE0B33-2D96-45D7-8E13-6FE41B51EE2F}
Reg HKLM\SOFTWARE\Classes\AutoProto.AutoProto@ AutoProto Class
Reg HKLM\SOFTWARE\Classes\AutoProto.AutoProto\CurVer
Reg HKLM\SOFTWARE\Classes\AutoProto.AutoProto\CurVer@ AutoProto.AutoProto.1
Reg HKLM\SOFTWARE\Classes\AutoProto.AutoProto.1@ AutoProto Class
Reg HKLM\SOFTWARE\Classes\AutoProto.AutoProto.1\CLSID
Reg HKLM\SOFTWARE\Classes\AutoProto.AutoProto.1\CLSID@ {D24C7F41-2F44-11D3-92EF-00C0F01F77C1}
Reg HKLM\SOFTWARE\Classes\AutoStream.AutoStream@ AutoStream Class
Reg HKLM\SOFTWARE\Classes\AutoStream.AutoStream\CurVer
Reg HKLM\SOFTWARE\Classes\AutoStream.AutoStream\CurVer@ AutoStream.AutoStream.1
Reg HKLM\SOFTWARE\Classes\AutoStream.AutoStream.1@ AutoStream Class
Reg HKLM\SOFTWARE\Classes\AutoStream.AutoStream.1\CLSID
Reg HKLM\SOFTWARE\Classes\AutoStream.AutoStream.1\CLSID@ {405DE7C0-E7DD-11D2-92C5-00C0F01F77C1}
Reg HKLM\SOFTWARE\Classes\AvAScr.sbScanner@ sbScanner Class
Reg HKLM\SOFTWARE\Classes\AvAScr.sbScanner\CLSID
Reg HKLM\SOFTWARE\Classes\AvAScr.sbScanner\CLSID@ {7BFC2BD7-0937-41EA-8872-CE3B27E08F84}
Reg HKLM\SOFTWARE\Classes\AvAScr.sbScanner\CurVer
Reg HKLM\SOFTWARE\Classes\AvAScr.sbScanner\CurVer@ AvAScr.sbScanner.1
Reg HKLM\SOFTWARE\Classes\AvAScr.sbScanner.1@ sbScanner Class
Reg HKLM\SOFTWARE\Classes\AvAScr.sbScanner.1\CLSID
Reg HKLM\SOFTWARE\Classes\AvAScr.sbScanner.1\CLSID@ {7BFC2BD7-0937-41EA-8872-CE3B27E08F84}
Reg HKLM\SOFTWARE\Classes\avast\ShellEx
Reg HKLM\SOFTWARE\Classes\avast\ShellEx\ContextMenuHandlers
Reg HKLM\SOFTWARE\Classes\avast\ShellEx\ContextMenuHandlers@ {472083B0-C522-11CF-8763-00608CC02F24}
Reg HKLM\SOFTWARE\Classes\BackWeb.Client-7288971@ BackWeb Client
Reg HKLM\SOFTWARE\Classes\BackWeb.Client-7288971\CLSID
Reg HKLM\SOFTWARE\Classes\BackWeb.Client-7288971\CLSID@ {034E43C2-36FC-4BDE-97C5-25E6FC4444B6}
Reg HKLM\SOFTWARE\Classes\BarControl.GoogleBarControl2@ GoogleBarControl2 Class
Reg HKLM\SOFTWARE\Classes\BarControl.GoogleBarControl2\CLSID
Reg HKLM\SOFTWARE\Classes\BarControl.GoogleBarControl2\CLSID@ {3338A2DD-8C8E-4AC8-94E8-FD248849D77F}
Reg HKLM\SOFTWARE\Classes\BarControl.GoogleBarControl2\CurVer
Reg HKLM\SOFTWARE\Classes\BarControl.GoogleBarControl2\CurVer@ BarControl.GoogleBarControl2.1
Reg HKLM\SOFTWARE\Classes\BarControl.GoogleBarControl2.1@ GoogleBarControl2 Class
Reg HKLM\SOFTWARE\Classes\BarControl.GoogleBarControl2.1\CLSID
Reg HKLM\SOFTWARE\Classes\BarControl.GoogleBarControl2.1\CLSID@ {3338A2DD-8C8E-4AC8-94E8-FD248849D77F}
Reg HKLM\SOFTWARE\Classes\BaseObject.BaseObject@ BaseObject Class
Reg HKLM\SOFTWARE\Classes\BaseObject.BaseObject\CurVer
Reg HKLM\SOFTWARE\Classes\BaseObject.BaseObject\CurVer@ BaseObject.BaseObject.1
Reg HKLM\SOFTWARE\Classes\BaseObject.BaseObject.1@ BaseObject Class
Reg HKLM\SOFTWARE\Classes\BaseObject.BaseObject.1\CLSID
Reg HKLM\SOFTWARE\Classes\BaseObject.BaseObject.1\CLSID@ {49724DB4-2E28-4ECE-BD1F-9074F398ECF6}
Reg HKLM\SOFTWARE\Classes\BCA.BCA@ BCA Class
Reg HKLM\SOFTWARE\Classes\BCA.BCA\CurVer
Reg HKLM\SOFTWARE\Classes\BCA.BCA\CurVer@ BCA.BCA.1
Reg HKLM\SOFTWARE\Classes\BCA.BCA.1@ BCA Class
Reg HKLM\SOFTWARE\Classes\BCA.BCA.1\CLSID
Reg HKLM\SOFTWARE\Classes\BCA.BCA.1\CLSID@ {CC1F1428-CC4E-42B1-B857-6C3F742E9F4B}
Reg HKLM\SOFTWARE\Classes\bootstrap.application@ WinFX Bootstrapper for .application
Reg HKLM\SOFTWARE\Classes\bootstrap.application\CLSID
Reg HKLM\SOFTWARE\Classes\bootstrap.application\CLSID@ {0a402d70-1f10-4ae7-bec9-286a98240695}
Reg HKLM\SOFTWARE\Classes\bootstrap.application\CurVer
Reg HKLM\SOFTWARE\Classes\bootstrap.application\CurVer@ bootstrap.application.1
Reg HKLM\SOFTWARE\Classes\bootstrap.application.1@ WinFX Bootstrapper for .application
Reg HKLM\SOFTWARE\Classes\bootstrap.application.1@DocObject 0
Reg HKLM\SOFTWARE\Classes\bootstrap.application.1\CLSID
Reg HKLM\SOFTWARE\Classes\bootstrap.application.1\CLSID@ {0a402d70-1f10-4ae7-bec9-286a98240695}
Reg HKLM\SOFTWARE\Classes\bootstrap.application.1\DocObject
Reg HKLM\SOFTWARE\Classes\bootstrap.application.1\DocObject@ 0
Reg HKLM\SOFTWARE\Classes\bootstrap.xaml@ WinFX Bootstrapper for .xaml
Reg HKLM\SOFTWARE\Classes\bootstrap.xaml\CLSID
Reg HKLM\SOFTWARE\Classes\bootstrap.xaml\CLSID@ {7210ff00-0bcf-4dba-992a-80f60882922b}
Reg HKLM\SOFTWARE\Classes\bootstrap.xaml\CurVer
Reg HKLM\SOFTWARE\Classes\bootstrap.xaml\CurVer@ bootstrap.xaml.1
Reg HKLM\SOFTWARE\Classes\bootstrap.xaml.1@ WinFX Bootstrapper for .xaml
Reg HKLM\SOFTWARE\Classes\bootstrap.xaml.1@DocObject 0
Reg HKLM\SOFTWARE\Classes\bootstrap.xaml.1\CLSID
Reg HKLM\SOFTWARE\Classes\bootstrap.xaml.1\CLSID@ {7210ff00-0bcf-4dba-992a-80f60882922b}
Reg HKLM\SOFTWARE\Classes\bootstrap.xaml.1\DocObject
Reg HKLM\SOFTWARE\Classes\bootstrap.xaml.1\DocObject@ 0
Reg HKLM\SOFTWARE\Classes\bootstrap.xbap@ WinFX Bootstrapper for .xbap
Reg HKLM\SOFTWARE\Classes\bootstrap.xbap\CLSID
Reg HKLM\SOFTWARE\Classes\bootstrap.xbap\CLSID@ {89f11169-844a-4725-b7a5-c342c50431a7}
Reg HKLM\SOFTWARE\Classes\bootstrap.xbap\CurVer
Reg HKLM\SOFTWARE\Classes\bootstrap.xbap\CurVer@ bootstrap.xbap.1
Reg HKLM\SOFTWARE\Classes\bootstrap.xbap.1@ WinFX Bootstrapper for .xbap
Reg HKLM\SOFTWARE\Classes\bootstrap.xbap.1@DocObject 0
Reg HKLM\SOFTWARE\Classes\bootstrap.xbap.1\CLSID
Reg HKLM\SOFTWARE\Classes\bootstrap.xbap.1\CLSID@ {89f11169-844a-4725-b7a5-c342c50431a7}
Reg HKLM\SOFTWARE\Classes\bootstrap.xbap.1\DocObject
Reg HKLM\SOFTWARE\Classes\bootstrap.xbap.1\DocObject@ 0
Reg HKLM\SOFTWARE\Classes\bootstrap.xps@ WinFX Bootstrapper for .xps
Reg HKLM\SOFTWARE\Classes\bootstrap.xps\CLSID
Reg HKLM\SOFTWARE\Classes\bootstrap.xps\CLSID@ {c18d5e87-12b4-46a3-ae40-67cf39bc6758}
Reg HKLM\SOFTWARE\Classes\bootstrap.xps\CurVer
Reg HKLM\SOFTWARE\Classes\bootstrap.xps\CurVer@ bootstrap.xps.1
Reg HKLM\SOFTWARE\Classes\bootstrap.xps.1@ WinFX Bootstrapper for .xps
Reg HKLM\SOFTWARE\Classes\bootstrap.xps.1@DocObject 0
Reg HKLM\SOFTWARE\Classes\bootstrap.xps.1\CLSID
Reg HKLM\SOFTWARE\Classes\bootstrap.xps.1\CLSID@ {c18d5e87-12b4-46a3-ae40-67cf39bc6758}
Reg HKLM\SOFTWARE\Classes\bootstrap.xps.1\DocObject
Reg HKLM\SOFTWARE\Classes\bootstrap.xps.1\DocObject@ 0
Reg HKLM\SOFTWARE\Classes\Browser.Browser@ Browser Class
Reg HKLM\SOFTWARE\Classes\Browser.Browser\CurVer
Reg HKLM\SOFTWARE\Classes\Browser.Browser\CurVer@ Browser.Browser.1
Reg HKLM\SOFTWARE\Classes\Browser.Browser.1@ Browser Class
Reg HKLM\SOFTWARE\Classes\Browser.Browser.1\CLSID
Reg HKLM\SOFTWARE\Classes\Browser.Browser.1\CLSID@ {89F83FC5-4EAF-4E78-B781-6F8C760E4E07}
Reg HKLM\SOFTWARE\Classes\Browser.Browser.1\Insertable
Reg HKLM\SOFTWARE\Classes\bwpfile@ BackWeb InfoPak Preview File
Reg HKLM\SOFTWARE\Classes\bwpfile\Shell
Reg HKLM\SOFTWARE\Classes\bwpfile\Shell\open
Reg HKLM\SOFTWARE\Classes\bwpfile\Shell\open\command
Reg HKLM\SOFTWARE\Classes\bwpfile\Shell\open\command@ C:\Program Files\Kodak\Kodak Software Updater\7288971\6.3.2.62-7288971L\Program\PrvCnt.exe "%1"
Reg HKLM\SOFTWARE\Classes\CabPersist.CabPersist@ CabPersist Class
Reg HKLM\SOFTWARE\Classes\CabPersist.CabPersist\CurVer
Reg HKLM\SOFTWARE\Classes\CabPersist.CabPersist\CurVer@ CabPersist.CabPersist.1
Reg HKLM\SOFTWARE\Classes\CabPersist.CabPersist.1@ CabPersist Class
Reg HKLM\SOFTWARE\Classes\CabPersist.CabPersist.1\CLSID
Reg HKLM\SOFTWARE\Classes\CabPersist.CabPersist.1\CLSID@ {2BCEFE97-B06D-4871-8201-230273EA0966}
Reg HKLM\SOFTWARE\Classes\CmdLineExt.CmdLineContextMenu@ CmdLineContextMenu Class
Reg HKLM\SOFTWARE\Classes\CmdLineExt.CmdLineContextMenu\CLSID
Reg HKLM\SOFTWARE\Classes\CmdLineExt.CmdLineContextMenu\CLSID@ {9869EFB4-18E9-11D3-A837-00104B9E30B5}
Reg HKLM\SOFTWARE\Classes\CmdLineExt.CmdLineContextMenu\CurVer
Reg HKLM\SOFTWARE\Classes\CmdLineExt.CmdLineContextMenu\CurVer@ CmdLineExt.CmdLineContextMenu.1
Reg HKLM\SOFTWARE\Classes\CmdLineExt.CmdLineContextMenu.1@ CmdLineContextMenu Class
Reg HKLM\SOFTWARE\Classes\CmdLineExt.CmdLineContextMenu.1\CLSID
Reg HKLM\SOFTWARE\Classes\CmdLineExt.CmdLineContextMenu.1\CLSID@ {9869EFB4-18E9-11D3-A837-00104B9E30B5}
Reg HKLM\SOFTWARE\Classes\COMBOBOX.ComboboxCtrl.1@ FormFlow ComboBox Control
Reg HKLM\SOFTWARE\Classes\COMBOBOX.ComboboxCtrl.1\CLSID
Reg HKLM\SOFTWARE\Classes\COMBOBOX.ComboboxCtrl.1\CLSID@ {AF2D61E0-0768-11D0-BEAC-00805FE452DA}
Reg HKLM\SOFTWARE\Classes\COMBOBOX.ComboboxCtrl.1\Insertable
Reg HKLM\SOFTWARE\Classes\COMBOBOX.ComboboxCtrl.1\Insertable@
Reg HKLM\SOFTWARE\Classes\CommonServices.EventService@ EventService Class
Reg HKLM\SOFTWARE\Classes\CommonServices.EventService\CLSID
Reg HKLM\SOFTWARE\Classes\CommonServices.EventService\CLSID@ {6D8FBC96-F826-44E4-B184-3EBF72DBDD46}
Reg HKLM\SOFTWARE\Classes\CommonServices.EventService\CurVer
Reg HKLM\SOFTWARE\Classes\CommonServices.EventService\CurVer@ CommonServices.EventService.1
Reg HKLM\SOFTWARE\Classes\CommonServices.EventService.1@ EventService Class
Reg HKLM\SOFTWARE\Classes\CommonServices.EventService.1\CLSID
Reg HKLM\SOFTWARE\Classes\CommonServices.EventService.1\CLSID@ {6D8FBC96-F826-44E4-B184-3EBF72DBDD46}
Reg HKLM\SOFTWARE\Classes\CommonServices.Mediator@ Mediator Class
Reg HKLM\SOFTWARE\Classes\CommonServices.Mediator\CLSID
Reg HKLM\SOFTWARE\Classes\CommonServices.Mediator\CLSID@ {7EA93289-354E-4A54-964C-BD5C24EC4578}
Reg HKLM\SOFTWARE\Classes\CommonServices.Mediator\CurVer
Reg HKLM\SOFTWARE\Classes\CommonServices.Mediator\CurVer@ CommonServices.Mediator.1
Reg HKLM\SOFTWARE\Classes\CommonServices.Mediator.1@ Mediator Class
Reg HKLM\SOFTWARE\Classes\CommonServices.Mediator.1\CLSID
Reg HKLM\SOFTWARE\Classes\CommonServices.Mediator.1\CLSID@ {7EA93289-354E-4A54-964C-BD5C24EC4578}
Reg HKLM\SOFTWARE\Classes\CommonServices.MessageStore@ MessageStore Class
Reg HKLM\SOFTWARE\Classes\CommonServices.MessageStore\CLSID
Reg HKLM\SOFTWARE\Classes\CommonServices.MessageStore\CLSID@ {4E88A42C-8304-4917-955D-4812B1539AF2}
Reg HKLM\SOFTWARE\Classes\CommonServices.MessageStore\CurVer
Reg HKLM\SOFTWARE\Classes\CommonServices.MessageStore\CurVer@ CommonServices.MessageStore.1
Reg HKLM\SOFTWARE\Classes\CommonServices.MessageStore.1@ MessageStore Class
Reg HKLM\SOFTWARE\Classes\CommonServices.MessageStore.1\CLSID
Reg HKLM\SOFTWARE\Classes\CommonServices.MessageStore.1\CLSID@ {4E88A42C-8304-4917-955D-4812B1539AF2}
Reg HKLM\SOFTWARE\Classes\ConnectInfo.ConnectInfo@ ConnectInfo Class
Reg HKLM\SOFTWARE\Classes\ConnectInfo.ConnectInfo\CurVer
Reg HKLM\SOFTWARE\Classes\ConnectInfo.ConnectInfo\CurVer@ ConnectInfo.ConnectInfo.1
Reg HKLM\SOFTWARE\Classes\ConnectInfo.ConnectInfo.1@ ConnectInfo Class
Reg HKLM\SOFTWARE\Classes\ConnectInfo.ConnectInfo.1\CLSID
Reg HKLM\SOFTWARE\Classes\ConnectInfo.ConnectInfo.1\CLSID@ {4C3FE2E6-55EA-43EB-BA51-A0A7D4D9C254}
Reg HKLM\SOFTWARE\Classes\ConnectInfo2.ConnectInfo2@ ConnectInfo2 Class
Reg HKLM\SOFTWARE\Classes\ConnectInfo2.ConnectInfo2\CurVer
Reg HKLM\SOFTWARE\Classes\ConnectInfo2.ConnectInfo2\CurVer@ ConnectInfo2.ConnectInfo2.1
Reg HKLM\SOFTWARE\Classes\ConnectInfo2.ConnectInfo2.1@ ConnectInfo2 Class
Reg HKLM\SOFTWARE\Classes\ConnectInfo2.ConnectInfo2.1\CLSID
Reg HKLM\SOFTWARE\Classes\ConnectInfo2.ConnectInfo2.1\CLSID@ {08647E0B-8098-4979-A2DC-832799BC27E9}
Reg HKLM\SOFTWARE\Classes\ConnectPin.ConnectPin@ ConnectPin Class
Reg HKLM\SOFTWARE\Classes\ConnectPin.ConnectPin\CurVer
Reg HKLM\SOFTWARE\Classes\ConnectPin.ConnectPin\CurVer@ ConnectPin.ConnectPin.1
Reg HKLM\SOFTWARE\Classes\ConnectPin.ConnectPin.1@ ConnectPin Class
Reg HKLM\SOFTWARE\Classes\ConnectPin.ConnectPin.1\CLSID
Reg HKLM\SOFTWARE\Classes\ConnectPin.ConnectPin.1\CLSID@ {6D87D866-76F5-4733-A41F-7ADFF033865B}
Reg HKLM\SOFTWARE\Classes\Control@ Video Class
Reg HKLM\SOFTWARE\Classes\Control\CurVer
Reg HKLM\SOFTWARE\Classes\Control\CurVer@ PCFriendly.PCFriendly Control.1
Reg HKLM\SOFTWARE\Classes\Control.1@ Video Class
Reg HKLM\SOFTWARE\Classes\Control.1\CLSID
Reg HKLM\SOFTWARE\Classes\Control.1\CLSID@ {A0739DE5-571F-11D2-A031-0060977F760C}
Reg HKLM\SOFTWARE\Classes\Control.1\Insertable
Reg HKLM\SOFTWARE\Classes\data-file\Shell
Reg HKLM\SOFTWARE\Classes\data-file\Shell\open
Reg HKLM\SOFTWARE\Classes\data-file\Shell\open\command
Reg HKLM\SOFTWARE\Classes\data-file\Shell\open\command@ C:\WINDOWS\notepad.exe "%1"
Reg HKLM\SOFTWARE\Classes\Delrina.Chameleon.1@ Chameleon Control
Reg HKLM\SOFTWARE\Classes\Delrina.Chameleon.1\CLSID
Reg HKLM\SOFTWARE\Classes\Delrina.Chameleon.1\CLSID@ {A46E6E30-D420-11CE-8CCE-00805FB47ADF}
Reg HKLM\SOFTWARE\Classes\DescriptionData.DescriptionData@ DescriptionData Class
Reg HKLM\SOFTWARE\Classes\DescriptionData.DescriptionData\CurVer
Reg HKLM\SOFTWARE\Classes\DescriptionData.DescriptionData\CurVer@ DescriptionData.DescriptionData.1
Reg HKLM\SOFTWARE\Classes\DescriptionData.DescriptionData.1@ DescriptionData Class
Reg HKLM\SOFTWARE\Classes\DescriptionData.DescriptionData.1\CLSID
Reg HKLM\SOFTWARE\Classes\DescriptionData.DescriptionData.1\CLSID@ {8925CA71-5B2A-45B9-B214-A63C715D15FB}
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectContainer@ DirectContainer Class
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectContainer\CLSID
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectContainer\CLSID@ {39A2C2A9-4778-11D2-9BDB-204C4F4F5020}
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectContainer\CurVer
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectContainer\CurVer@ DirectFrame.DirectContainer.1
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectContainer.1@ DirectContainer Class
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectContainer.1\CLSID
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectContainer.1\CLSID@ {39A2C2A9-4778-11D2-9BDB-204C4F4F5020}
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectControl@ DirectControl Class
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectControl\CLSID
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectControl\CLSID@ {39A2C2A6-4778-11D2-9BDB-204C4F4F5020}
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectControl\CurVer
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectControl\CurVer@ DirectFrame.DirectControl.1
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectControl.1@ DirectControl Class
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectControl.1\CLSID
Reg HKLM\SOFTWARE\Classes\DirectFrame.DirectControl.1\CLSID@ {39A2C2A6-4778-11D2-9BDB-204C4F4F5020}
Reg HKLM\SOFTWARE\Classes\DirectFrame.RadioView@ RadioView Class
Reg HKLM\SOFTWARE\Classes\DirectFrame.RadioView\CLSID
Reg HKLM\SOFTWARE\Classes\DirectFrame.RadioView\CLSID@ {847B4DF5-4B61-11D2-9BDB-204C4F4F5020}
Reg HKLM\SOFTWARE\Classes\DirectFrame.RadioView\CurVer
Reg HKLM\SOFTWARE\Classes\DirectFrame.RadioView\CurVer@ DirectFrame.RadioView.1
Reg HKLM\SOFTWARE\Classes\DirectFrame.RadioView.1@ RadioView Class
Reg HKLM\SOFTWARE\Classes\DirectFrame.RadioView.1\CLSID
Reg HKLM\SOFTWARE\Classes\DirectFrame.RadioView.1\CLSID@ {847B4DF5-4B61-11D2-9BDB-204C4F4F5020}
Reg HKLM\SOFTWARE\Classes\DMO.HXAudioDeviceHook@ CHXAudioDeviceHook Class
Reg HKLM\SOFTWARE\Classes\DMO.HXAudioDeviceHook\CLSID
Reg HKLM\SOFTWARE\Classes\DMO.HXAudioDeviceHook\CLSID@ {2cfa30da-118b-4ca3-aaf3-f474162302e5}
Reg HKLM\SOFTWARE\Classes\DMO.HXAudioDeviceHook\CurVer
Reg HKLM\SOFTWARE\Classes\DMO.HXAudioDeviceHook\CurVer@ DMO.HXAudioDeviceHook.1
Reg HKLM\SOFTWARE\Classes\DMO.HXAudioDeviceHook.1@ CHXAudioDeviceHook Class
Reg HKLM\SOFTWARE\Classes\DMO.HXAudioDeviceHook.1\CLSID
Reg HKLM\SOFTWARE\Classes\DMO.HXAudioDeviceHook.1\CLSID@ {2cfa30da-118b-4ca3-aaf3-f474162302e5}
Reg HKLM\SOFTWARE\Classes\docx_auto_file@
Reg HKLM\SOFTWARE\Classes\docx_auto_file\shell
Reg HKLM\SOFTWARE\Classes\docx_auto_file\shell\edit
Reg HKLM\SOFTWARE\Classes\docx_auto_file\shell\edit@ &Edit
Reg HKLM\SOFTWARE\Classes\docx_auto_file\shell\edit\command
Reg HKLM\SOFTWARE\Classes\docx_auto_file\shell\edit\command@ "C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde
Reg HKLM\SOFTWARE\Classes\docx_auto_file\shell\edit\ddeexec
Reg HKLM\SOFTWARE\Classes\docx_auto_file\shell\edit\ddeexec@ [REM _DDE_Direct][FileOpen("%1")]
Reg HKLM\SOFTWARE\Classes\docx_auto_file\shell\edit\ddeexec\Application
Reg HKLM\SOFTWARE\Classes\docx_auto_file\shell\edit\ddeexec\Application@ WinWord
Reg HKLM\SOFTWARE\Classes\docx_auto_file\shell\edit\ddeexec\Topic
Reg HKLM\SOFTWARE\Classes\docx_auto_file\shell\edit\ddeexec\Topic@ System
Reg HKLM\SOFTWARE\Classes\Download.SwInstaller@ SwInstaller Class
Reg HKLM\SOFTWARE\Classes\Download.SwInstaller\CLSID
Reg HKLM\SOFTWARE\Classes\Download.SwInstaller\CLSID@ {D21ED08F-6B88-45EC-A71C-6BD453B561D0}
Reg HKLM\SOFTWARE\Classes\Download.SwInstaller\CurVer
Reg HKLM\SOFTWARE\Classes\Download.SwInstaller\CurVer@ Download.SwInstaller.1
Reg HKLM\SOFTWARE\Classes\Download.SwInstaller.1@ SwInstaller Class
Reg HKLM\SOFTWARE\Classes\Download.SwInstaller.1\CLSID
Reg HKLM\SOFTWARE\Classes\Download.SwInstaller.1\CLSID@ {D21ED08F-6B88-45EC-A71C-6BD453B561D0}
Reg HKLM\SOFTWARE\Classes\DSDisplayPanel.DSDisplayPanel@ DSDisplayPanel Class
Reg HKLM\SOFTWARE\Classes\DSDisplayPanel.DSDisplayPanel\CurVer
Reg HKLM\SOFTWARE\Classes\DSDisplayPanel.DSDisplayPanel\CurVer@ DSDisplayPanel.DSDisplayPanel.1
Reg HKLM\SOFTWARE\Classes\DSDisplayPanel.DSDisplayPanel.1@ DSDisplayPanel Class
Reg HKLM\SOFTWARE\Classes\DSDisplayPanel.DSDisplayPanel.1\CLSID
Reg HKLM\SOFTWARE\Classes\DSDisplayPanel.DSDisplayPanel.1\CLSID@ {49FC0185-4B32-11d1-A40E-00600831F336}
Reg HKLM\SOFTWARE\Classes\DSStatusBar.DSStatusBar@ DSStatusBar Class
Reg HKLM\SOFTWARE\Classes\DSStatusBar.DSStatusBar\CurVer
Reg HKLM\SOFTWARE\Classes\DSStatusBar.DSStatusBar\CurVer@ DSStatusBar.DSStatusBar.1
Reg HKLM\SOFTWARE\Classes\DSStatusBar.DSStatusBar.1@ DSStatusBar Class
Reg HKLM\SOFTWARE\Classes\DSStatusBar.DSStatusBar.1\CLSID
Reg HKLM\SOFTWARE\Classes\DSStatusBar.DSStatusBar.1\CLSID@ {8A3F59E1-4994-11D1-A40D-00600831F336}
Reg HKLM\SOFTWARE\Classes\DVDProp.DVDProp@ DVDProp Class
Reg HKLM\SOFTWARE\Classes\DVDProp.DVDProp\CurVer
Reg HKLM\SOFTWARE\Classes\DVDProp.DVDProp\CurVer@ DVDProp.DVDProp.1
Reg HKLM\SOFTWARE\Classes\DVDProp.DVDProp.1@ DVDProp Class
Reg HKLM\SOFTWARE\Classes\DVDProp.DVDProp.1\CLSID
Reg HKLM\SOFTWARE\Classes\DVDProp.DVDProp.1\CLSID@ {1E2FB626-16C0-44a9-B623-E3A43CD15585}
Reg HKLM\SOFTWARE\Classes\EasyShare.kdc@ EasyShare kdc
Reg HKLM\SOFTWARE\Classes\EasyShare.kdc\shell
Reg HKLM\SOFTWARE\Classes\EasyShare.kdc\shell\Preview
Reg HKLM\SOFTWARE\Classes\EasyShare.kdc\shell\Preview@ Open With EasyShare
Reg HKLM\SOFTWARE\Classes\EasyShare.kdc\shell\Preview\command
Reg HKLM\SOFTWARE\Classes\EasyShare.kdc\shell\Preview\command@ "C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"
Reg HKLM\SOFTWARE\Classes\EasyShare.kdc\shell\Preview\ddeexec
Reg HKLM\SOFTWARE\Classes\EasyShare.kdc\shell\Preview\ddeexec@ (Open "%1")
Reg HKLM\SOFTWARE\Classes\EasyShare.kdc\shell\Preview\ddeexec\Application
Reg HKLM\SOFTWARE\Classes\EasyShare.kdc\shell\Preview\ddeexec\Application@ EasyShare
Reg HKLM\SOFTWARE\Classes\EasyShare.kdc\shell\Preview\DropTarget
Reg HKLM\SOFTWARE\Classes\EasyShare.kdc\shell\Preview\DropTarget@Clsid {7961D709-B4F2-4017-8F87-5C2B84632080}
Reg HKLM\SOFTWARE\Classes\EnumSkins.EnumSkins@ EnumSkins Class
Reg HKLM\SOFTWARE\Classes\EnumSkins.EnumSkins\CurVer
Reg HKLM\SOFTWARE\Classes\EnumSkins.EnumSkins\CurVer@ EnumSkins.EnumSkins.1
Reg HKLM\SOFTWARE\Classes\EnumSkins.EnumSkins.1@ EnumSkins Class
Reg HKLM\SOFTWARE\Classes\EnumSkins.EnumSkins.1\CLSID
Reg HKLM\SOFTWARE\Classes\EnumSkins.EnumSkins.1\CLSID@ {CC1A9FC7-1EA8-4818-9EB9-2ECE31B69BFE}
Reg HKLM\SOFTWARE\Classes\Facebook.FacebookPhotoUploader5@ Facebook Photo Uploader 5
Reg HKLM\SOFTWARE\Classes\Facebook.FacebookPhotoUploader5\CLSID
Reg HKLM\SOFTWARE\Classes\Facebook.FacebookPhotoUploader5\CLSID@ {0CCA191D-13A6-4E29-B746-314DEE697D83}
Reg HKLM\SOFTWARE\Classes\Facebook.FacebookPhotoUploader5\CurVer
Reg HKLM\SOFTWARE\Classes\Facebook.FacebookPhotoUploader5\CurVer@ Facebook.FacebookPhotoUploader5.1
Reg HKLM\SOFTWARE\Classes\Facebook.FacebookPhotoUploader5.1@ Facebook Photo Uploader 5
Reg HKLM\SOFTWARE\Classes\Facebook.FacebookPhotoUploader5.1\CLSID
Reg HKLM\SOFTWARE\Classes\Facebook.FacebookPhotoUploader5.1\CLSID@ {0CCA191D-13A6-4E29-B746-314DEE697D83}
Reg HKLM\SOFTWARE\Classes\Facebook.FacebookPhotoUploader5.1\Insertable
Reg HKLM\SOFTWARE\Classes\Facebook.ShellCombo.5@ Facebook Photo Uploader 5 Combo Control
Reg HKLM\SOFTWARE\Classes\Facebook.ShellCombo.5\CLSID
Reg HKLM\SOFTWARE\Classes\Facebook.ShellCombo.5\CLSID@ {11C00D9C-F6B0-4470-A4EB-C9927DF57970}
Reg HKLM\SOFTWARE\Classes\Facebook.ShellCombo.5\CurVer
Reg HKLM\SOFTWARE\Classes\Facebook.ShellCombo.5\CurVer@ Facebook.ShellCombo.5.1
Reg HKLM\SOFTWARE\Classes\Facebook.ShellCombo.5.1@ Facebook Photo Uploader 5 Combo Control
Reg HKLM\SOFTWARE\Classes\Facebook.ShellCombo.5.1\CLSID
Reg HKLM\SOFTWARE\Classes\Facebook.ShellCombo.5.1\CLSID@ {11C00D9C-F6B0-4470-A4EB-C9927DF57970}
Reg HKLM\SOFTWARE\Classes\Facebook.Thumbnail.5@ Facebook Photo Uploader 5 Thumbnail Control
Reg HKLM\SOFTWARE\Classes\Facebook.Thumbnail.5\CLSID
Reg HKLM\SOFTWARE\Classes\Facebook.Thumbnail.5\CLSID@ {70A07902-4D50-4D4B-A5D2-914EFE80E94A}
Reg HKLM\SOFTWARE\Classes\Facebook.Thumbnail.5\CurVer
Reg HKLM\SOFTWARE\Classes\Facebook.Thumbnail.5\CurVer@ Facebook.Thumbnail.5.1
Reg HKLM\SOFTWARE\Classes\Facebook.Thumbnail.5.1@ Facebook Photo Uploader 5 Thumbnail Control
Reg HKLM\SOFTWARE\Classes\Facebook.Thumbnail.5.1\CLSID
Reg HKLM\SOFTWARE\Classes\Facebook.Thumbnail.5.1\CLSID@ {70A07902-4D50-4D4B-A5D2-914EFE80E94A}
Reg HKLM\SOFTWARE\Classes\Facebook.UploadPane.5@ Facebook Photo Uploader 5 UploadPane Control
Reg HKLM\SOFTWARE\Classes\Facebook.UploadPane.5\CLSID
Reg HKLM\SOFTWARE\Classes\Facebook.UploadPane.5\CLSID@ {316DC664-0D6A-4505-A282-8C0248C27110}
Reg HKLM\SOFTWARE\Classes\Facebook.UploadPane.5\CurVer
Reg HKLM\SOFTWARE\Classes\Facebook.UploadPane.5\CurVer@ Facebook.UploadPane.5.1
Reg HKLM\SOFTWARE\Classes\Facebook.UploadPane.5.1@ Facebook Photo Uploader 5 UploadPane Control
Reg HKLM\SOFTWARE\Classes\Facebook.UploadPane.5.1\CLSID
Reg HKLM\SOFTWARE\Classes\Facebook.UploadPane.5.1\CLSID@ {316DC664-0D6A-4505-A282-8C0248C27110}
Reg HKLM\SOFTWARE\Classes\FlashFactory.FlashFactory@ Macromedia Flash Factory Object
Reg HKLM\SOFTWARE\Classes\FlashFactory.FlashFactory\CLSID
Reg HKLM\SOFTWARE\Classes\FlashFactory.FlashFactory\CLSID@ {D27CDB70-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\FlashFactory.FlashFactory\CurVer
Reg HKLM\SOFTWARE\Classes\FlashFactory.FlashFactory\CurVer@ FlashFactory.FlashFactory.1
Reg HKLM\SOFTWARE\Classes\FlashFactory.FlashFactory.1@ Macromedia Flash Factory Object
Reg HKLM\SOFTWARE\Classes\FlashFactory.FlashFactory.1\CLSID
Reg HKLM\SOFTWARE\Classes\FlashFactory.FlashFactory.1\CLSID@ {D27CDB70-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\FlashProp.FlashProp@ FlashProp Class
Reg HKLM\SOFTWARE\Classes\FlashProp.FlashProp\CurVer
Reg HKLM\SOFTWARE\Classes\FlashProp.FlashProp\CurVer@ FlashProp.FlashProp.1
Reg HKLM\SOFTWARE\Classes\FlashProp.FlashProp.1@ FlashProp Class
Reg HKLM\SOFTWARE\Classes\FlashProp.FlashProp.1\CLSID
Reg HKLM\SOFTWARE\Classes\FlashProp.FlashProp.1\CLSID@ {1171A62F-05D2-11D1-83FC-00A0C9089C5A}
Reg HKLM\SOFTWARE\Classes\FormFlow.Document@ FormFlow Document
Reg HKLM\SOFTWARE\Classes\FormFlow.Document\shell
Reg HKLM\SOFTWARE\Classes\FormFlow.Document\shell\open
Reg HKLM\SOFTWARE\Classes\FormFlow.Document\shell\open\command
Reg HKLM\SOFTWARE\Classes\FormFlow.Document\shell\open\command@ E:\DFFILL.EXE
Reg HKLM\SOFTWARE\Classes\FormFlow.Document\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\FormFlow.Document\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\FormFlow.Folder\shell
Reg HKLM\SOFTWARE\Classes\FormFlow.Folder\shell\open
Reg HKLM\SOFTWARE\Classes\FormFlow.Folder\shell\open\command
Reg HKLM\SOFTWARE\Classes\FormFlow.Folder\shell\open\command@ C:\FORMFLOW\dffill.exe %1
Reg HKLM\SOFTWARE\Classes\FormFlow.Folder\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\FormFlow.Folder\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\FormFlow.Form@ FormFlow Form
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\CLSID
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\CLSID@ {ECD99460-DA0D-101B-95BF-008029E448DF}
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\Insertable
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\Insertable@
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\protocol
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\protocol\StdFileEditing
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\protocol\StdFileEditing\server
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\protocol\StdFileEditing\server@ E:\DFFILL.EXE
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\protocol\StdFileEditing\verb
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\protocol\StdFileEditing\verb\0
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\protocol\StdFileEditing\verb\0@ &Fill
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\shell
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\shell\open
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\shell\open\command
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\shell\open\command@ E:\DFFILL.EXE
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\FormFlow.Form\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\FormFlow.FormApplication\shell
Reg HKLM\SOFTWARE\Classes\FormFlow.FormApplication\shell\open
Reg HKLM\SOFTWARE\Classes\FormFlow.FormApplication\shell\open\command
Reg HKLM\SOFTWARE\Classes\FormFlow.FormApplication\shell\open\command@ C:\FORMFLOW\dffill.exe %1
Reg HKLM\SOFTWARE\Classes\FormFlow.FormApplication\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\FormFlow.FormApplication\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\FormFlow.FormApplicationLocked\shell
Reg HKLM\SOFTWARE\Classes\FormFlow.FormApplicationLocked\shell\open
Reg HKLM\SOFTWARE\Classes\FormFlow.FormApplicationLocked\shell\open\command
Reg HKLM\SOFTWARE\Classes\FormFlow.FormApplicationLocked\shell\open\command@ C:\FORMFLOW\dffill.exe %1
Reg HKLM\SOFTWARE\Classes\FormFlow.FormApplicationLocked\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\FormFlow.FormApplicationLocked\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\FormFlow.FormLocked\shell
Reg HKLM\SOFTWARE\Classes\FormFlow.FormLocked\shell\open
Reg HKLM\SOFTWARE\Classes\FormFlow.FormLocked\shell\open\command
Reg HKLM\SOFTWARE\Classes\FormFlow.FormLocked\shell\open\command@ C:\FORMFLOW\dffill.exe %1
Reg HKLM\SOFTWARE\Classes\FormFlow.FormLocked\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\FormFlow.FormLocked\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\FormFlow.FormPackage\shell
Reg HKLM\SOFTWARE\Classes\FormFlow.FormPackage\shell\open
Reg HKLM\SOFTWARE\Classes\FormFlow.FormPackage\shell\open\command
Reg HKLM\SOFTWARE\Classes\FormFlow.FormPackage\shell\open\command@ C:\FORMFLOW\dffill.exe %1
Reg HKLM\SOFTWARE\Classes\FormFlow.FormPackage\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\FormFlow.FormPackage\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\FormFlow.GridControl.1@ FormFlow Grid Control
Reg HKLM\SOFTWARE\Classes\FormFlow.GridControl.1\CLSID
Reg HKLM\SOFTWARE\Classes\FormFlow.GridControl.1\CLSID@ {99CD5EC5-F9F5-11CE-AF83-444553540000}
Reg HKLM\SOFTWARE\Classes\FormFlow.GroupButton.1@ FormFlow Radio Button Control
Reg HKLM\SOFTWARE\Classes\FormFlow.GroupButton.1\CLSID
Reg HKLM\SOFTWARE\Classes\FormFlow.GroupButton.1\CLSID@ {C387B1A4-E48A-11CF-BA29-00805FB4B41C}
Reg HKLM\SOFTWARE\Classes\FormFlow.Recorder@ FormFlow.Recorder
Reg HKLM\SOFTWARE\Classes\FormFlow.Recorder\CLSID
Reg HKLM\SOFTWARE\Classes\FormFlow.Recorder\CLSID@ {65C98349-04DA-11CF-8CF8-00805FB47ADF}
Reg HKLM\SOFTWARE\Classes\FormFlow.RoutingMap\shell
Reg HKLM\SOFTWARE\Classes\FormFlow.RoutingMap\shell\open
Reg HKLM\SOFTWARE\Classes\FormFlow.RoutingMap\shell\open\command
Reg HKLM\SOFTWARE\Classes\FormFlow.RoutingMap\shell\open\command@ C:\FORMFLOW\dffill.exe %1
Reg HKLM\SOFTWARE\Classes\FormFlow.RoutingMap\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\FormFlow.RoutingMap\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\FormFlow.RoutingMapLocked\shell
Reg HKLM\SOFTWARE\Classes\FormFlow.RoutingMapLocked\shell\open
Reg HKLM\SOFTWARE\Classes\FormFlow.RoutingMapLocked\shell\open\command
Reg HKLM\SOFTWARE\Classes\FormFlow.RoutingMapLocked\shell\open\command@ C:\FORMFLOW\dffill.exe %1
Reg HKLM\SOFTWARE\Classes\FormFlow.RoutingMapLocked\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\FormFlow.RoutingMapLocked\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\FormFlow.SpinTextControl.1@ FormFlow SpinText Control
Reg HKLM\SOFTWARE\Classes\FormFlow.SpinTextControl.1\CLSID
Reg HKLM\SOFTWARE\Classes\FormFlow.SpinTextControl.1\CLSID@ {8C462EFB-7285-11CF-BD8D-00805F78411C}
Reg HKLM\SOFTWARE\Classes\FormFlow.TimerControl.1@ FormFlow Timer Control
Reg HKLM\SOFTWARE\Classes\FormFlow.TimerControl.1\CLSID
Reg HKLM\SOFTWARE\Classes\FormFlow.TimerControl.1\CLSID@ {29F03F95-830B-11CF-BD8E-00805F78411C}
Reg HKLM\SOFTWARE\Classes\FormFlow.TrafficControl.1@ FormFlow Traffic Control
Reg HKLM\SOFTWARE\Classes\FormFlow.TrafficControl.1\CLSID
Reg HKLM\SOFTWARE\Classes\FormFlow.TrafficControl.1\CLSID@ {A3945740-71B7-11CF-BD8D-00805F78411C}
Reg HKLM\SOFTWARE\Classes\FormFlow.WorkflowPackage\shell
Reg HKLM\SOFTWARE\Classes\FormFlow.WorkflowPackage\shell\open
Reg HKLM\SOFTWARE\Classes\FormFlow.WorkflowPackage\shell\open\command
Reg HKLM\SOFTWARE\Classes\FormFlow.WorkflowPackage\shell\open\command@ C:\FORMFLOW\dffill.exe %1
Reg HKLM\SOFTWARE\Classes\FormFlow.WorkflowPackage\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\FormFlow.WorkflowPackage\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\FormHost.FormHost@ FormHost Class
Reg HKLM\SOFTWARE\Classes\FormHost.FormHost\CLSID
Reg HKLM\SOFTWARE\Classes\FormHost.FormHost\CLSID@ {0B5A7836-4C16-4560-90B2-0F5DAF6D6D1B}
Reg HKLM\SOFTWARE\Classes\FormHost.FormHost\CurVer
Reg HKLM\SOFTWARE\Classes\FormHost.FormHost\CurVer@ FormHost.FormHost.1
Reg HKLM\SOFTWARE\Classes\FormHost.FormHost.1@ FormHost Class
Reg HKLM\SOFTWARE\Classes\FormHost.FormHost.1\CLSID
Reg HKLM\SOFTWARE\Classes\FormHost.FormHost.1\CLSID@ {0B5A7836-4C16-4560-90B2-0F5DAF6D6D1B}
Reg HKLM\SOFTWARE\Classes\GoogleGadget@ Google Gadget
Reg HKLM\SOFTWARE\Classes\GoogleGadget@BrowserFlags 8
Reg HKLM\SOFTWARE\Classes\GoogleGadget@EditFlags 131072
Reg HKLM\SOFTWARE\Classes\GoogleGadget@PreferExecuteOnMismatch 1
Reg HKLM\SOFTWARE\Classes\GoogleGadget\DefaultIcon
Reg HKLM\SOFTWARE\Classes\GoogleGadget\DefaultIcon@ "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe",0
Reg HKLM\SOFTWARE\Classes\GoogleGadget\shell
Reg HKLM\SOFTWARE\Classes\GoogleGadget\shell\open
Reg HKLM\SOFTWARE\Classes\GoogleGadget\shell\open@ &Open with Google Desktop
Reg HKLM\SOFTWARE\Classes\GoogleGadget\shell\open\command
Reg HKLM\SOFTWARE\Classes\GoogleGadget\shell\open\command@ "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /display /load "%1"
Reg HKLM\SOFTWARE\Classes\GoogleGadgetContainer@ Google Gadget
Reg HKLM\SOFTWARE\Classes\GoogleGadgetContainer@BrowserFlags 8
Reg HKLM\SOFTWARE\Classes\GoogleGadgetContainer@EditFlags 131072
Reg HKLM\SOFTWARE\Classes\GoogleGadgetContainer@PreferExecuteOnMismatch 1
Reg HKLM\SOFTWARE\Classes\GoogleGadgetContainer\DefaultIcon
Reg HKLM\SOFTWARE\Classes\GoogleGadgetContainer\DefaultIcon@ "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe",0
Reg HKLM\SOFTWARE\Classes\GoogleGadgetContainer\shell
Reg HKLM\SOFTWARE\Classes\GoogleGadgetContainer\shell\open
Reg HKLM\SOFTWARE\Classes\GoogleGadgetContainer\shell\open@ &Open with Google Desktop
Reg HKLM\SOFTWARE\Classes\GoogleGadgetContainer\shell\open\command
Reg HKLM\SOFTWARE\Classes\GoogleGadgetContainer\shell\open\command@ "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /display /load "%1"
Reg HKLM\SOFTWARE\Classes\GoogleGadgetManifest@ Google Gadget Manifest
Reg HKLM\SOFTWARE\Classes\GoogleGadgetManifest\DefaultIcon
Reg HKLM\SOFTWARE\Classes\GoogleGadgetManifest\DefaultIcon@ "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe",0
Reg HKLM\SOFTWARE\Classes\GoogleGadgetManifest\shell
Reg HKLM\SOFTWARE\Classes\GoogleGadgetManifest\shell\open
Reg HKLM\SOFTWARE\Classes\GoogleGadgetManifest\shell\open\command
Reg HKLM\SOFTWARE\Classes\GoogleGadgetManifest\shell\open\command@ "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /display /load "%1"
Reg HKLM\SOFTWARE\Classes\gotobar.gotobar@ gotobar Class
Reg HKLM\SOFTWARE\Classes\gotobar.gotobar\CurVer
Reg HKLM\SOFTWARE\Classes\gotobar.gotobar\CurVer@ gotobar.gotobar.1
Reg HKLM\SOFTWARE\Classes\gotobar.gotobar.1@ gotobar Class
Reg HKLM\SOFTWARE\Classes\gotobar.gotobar.1\CLSID
Reg HKLM\SOFTWARE\Classes\gotobar.gotobar.1\CLSID@ {9F4D2FA2-54A1-11d1-8267-00A0C91F9CA0}
Reg HKLM\SOFTWARE\Classes\HTTPRequest.HTTPRequest@ HTTPRequest Class
Reg HKLM\SOFTWARE\Classes\HTTPRequest.HTTPRequest\CurVer
Reg HKLM\SOFTWARE\Classes\HTTPRequest.HTTPRequest\CurVer@ HTTPRequest.HTTPRequest.1
Reg HKLM\SOFTWARE\Classes\HTTPRequest.HTTPRequest.1@ HTTPRequest Class
Reg HKLM\SOFTWARE\Classes\HTTPRequest.HTTPRequest.1\CLSID
Reg HKLM\SOFTWARE\Classes\HTTPRequest.HTTPRequest.1\CLSID@ {7D990833-A312-4DF9-9E32-32D4BEF1BE56}
Reg HKLM\SOFTWARE\Classes\iadfile@ BackWeb Channel Registration File
Reg HKLM\SOFTWARE\Classes\iadfile\Shell
Reg HKLM\SOFTWARE\Classes\iadfile\Shell\open
Reg HKLM\SOFTWARE\Classes\iadfile\Shell\open\command
Reg HKLM\SOFTWARE\Classes\iadfile\Shell\open\command@ C:\PROGRA~1\Kodak\KODAKS~1\7288971\632~1.62-\Program\REGISTER.EXE "%1"
Reg HKLM\SOFTWARE\Classes\IControlLogic.IControlLogic@ IControlLogic Class
Reg HKLM\SOFTWARE\Classes\IControlLogic.IControlLogic\CurVer
Reg HKLM\SOFTWARE\Classes\IControlLogic.IControlLogic\CurVer@ IControlLogic.IControlLogic.1
Reg HKLM\SOFTWARE\Classes\IControlLogic.IControlLogic.1@ IControlLogic Class
Reg HKLM\SOFTWARE\Classes\IControlLogic.IControlLogic.1\CLSID
Reg HKLM\SOFTWARE\Classes\IControlLogic.IControlLogic.1\CLSID@ {1609A56F-AEE2-4410-A334-956353F4B50E}
Reg HKLM\SOFTWARE\Classes\IControlLogic.IControlLogic.2@ IControlLogic Class
Reg HKLM\SOFTWARE\Classes\IControlLogic.IControlLogic.2\CLSID
Reg HKLM\SOFTWARE\Classes\IControlLogic.IControlLogic.2\CLSID@ {19613D01-8583-11d4-B328-30584DC10000}
Reg HKLM\SOFTWARE\Classes\IControlLogic.IControlLogic2@ IControlLogic Class
Reg HKLM\SOFTWARE\Classes\IControlLogic.IControlLogic2\CurVer
Reg HKLM\SOFTWARE\Classes\IControlLogic.IControlLogic2\CurVer@ IControlLogic.IControlLogic.2
Reg HKLM\SOFTWARE\Classes\iehistory@ IE History and Feeds Shell Data Source for Windows Search
Reg HKLM\SOFTWARE\Classes\iehistory@ShellFolder {11016101-E366-4D22-BC06-4ADA335C892B}
Reg HKLM\SOFTWARE\Classes\iehistory@URL Protocol
Reg HKLM\SOFTWARE\Classes\IEPH.HistoryHandler@ IE History Search Protocol Handler
Reg HKLM\SOFTWARE\Classes\IEPH.HistoryHandler\CLSID
Reg HKLM\SOFTWARE\Classes\IEPH.HistoryHandler\CLSID@ {EE0BDDFA-8373-4cc4-85D8-0618E453187C}
Reg HKLM\SOFTWARE\Classes\IEPH.RSSHandler@ IE RSS Search Protocol Handler
Reg HKLM\SOFTWARE\Classes\IEPH.RSSHandler\CLSID
Reg HKLM\SOFTWARE\Classes\IEPH.RSSHandler\CLSID@ {8A11B5FA-3C92-4E8B-8382-3C71B757D679}
Reg HKLM\SOFTWARE\Classes\IERJCtl.IERJCtl@ IERJCtl Class
Reg HKLM\SOFTWARE\Classes\IERJCtl.IERJCtl\CurVer
Reg HKLM\SOFTWARE\Classes\IERJCtl.IERJCtl\CurVer@ IERJCtl.IERJCtl.1
Reg HKLM\SOFTWARE\Classes\IERJCtl.IERJCtl.1@ IERJCtl Class
Reg HKLM\SOFTWARE\Classes\IERJCtl.IERJCtl.1\CLSID
Reg HKLM\SOFTWARE\Classes\IERJCtl.IERJCtl.1\CLSID@ {00CEDC01-864D-11D3-908D-00C0F03B3EDC}
Reg HKLM\SOFTWARE\Classes\ierss@ IE History and Feeds Shell Data Source for Windows Search
Reg HKLM\SOFTWARE\Classes\ierss@ShellFolder {11016101-E366-4D22-BC06-4ADA335C892B}
Reg HKLM\SOFTWARE\Classes\ierss@URL Protocol
Reg HKLM\SOFTWARE\Classes\ImageViewer.ImageControl@ ImageControl Class
Reg HKLM\SOFTWARE\Classes\ImageViewer.ImageControl\CLSID
Reg HKLM\SOFTWARE\Classes\ImageViewer.ImageControl\CLSID@ {75565ED2-1560-4F15-B841-20358DE6A0D1}
Reg HKLM\SOFTWARE\Classes\ImageViewer.ImageControl\CurVer
Reg HKLM\SOFTWARE\Classes\ImageViewer.ImageControl\CurVer@ ImageViewer.ImageControl.2
Reg HKLM\SOFTWARE\Classes\ImageViewer.ImageControl.2@ ImageControl Class
Reg HKLM\SOFTWARE\Classes\ImageViewer.ImageControl.2\CLSID
Reg HKLM\SOFTWARE\Classes\ImageViewer.ImageControl.2\CLSID@ {75565ED2-1560-4F15-B841-20358DE6A0D1}
Reg HKLM\SOFTWARE\Classes\ImbeddedCabFile.ImbeddedCabFile@ ImbeddedCabFile Class
Reg HKLM\SOFTWARE\Classes\ImbeddedCabFile.ImbeddedCabFile\CurVer
Reg HKLM\SOFTWARE\Classes\ImbeddedCabFile.ImbeddedCabFile\CurVer@ ImbeddedCabFile.ImbeddedCabFile.1
Reg HKLM\SOFTWARE\Classes\ImbeddedCabFile.ImbeddedCabFile.1@ ImbeddedCabFile Class
Reg HKLM\SOFTWARE\Classes\ImbeddedCabFile.ImbeddedCabFile.1\CLSID
Reg HKLM\SOFTWARE\Classes\ImbeddedCabFile.ImbeddedCabFile.1\CLSID@ {A7C7D43D-BC5F-4069-9E5D-683BD0EC7A99}
Reg HKLM\SOFTWARE\Classes\InetProvider.InetProvider@ InetProvider Class
Reg HKLM\SOFTWARE\Classes\InetProvider.InetProvider\CurVer
Reg HKLM\SOFTWARE\Classes\InetProvider.InetProvider\CurVer@ InetProvider.InetProvider.1
Reg HKLM\SOFTWARE\Classes\InetProvider.InetProvider.1@ InetProvider Class
Reg HKLM\SOFTWARE\Classes\InetProvider.InetProvider.1\CLSID
Reg HKLM\SOFTWARE\Classes\InetProvider.InetProvider.1\CLSID@ {6C3653E2-7AF4-4F27-8741-8AFB1EAEDA37}
Reg HKLM\SOFTWARE\Classes\Installer.Installer@ Installer Class
Reg HKLM\SOFTWARE\Classes\Installer.Installer\CurVer
Reg HKLM\SOFTWARE\Classes\Installer.Installer\CurVer@ Installer.Installer.1
Reg HKLM\SOFTWARE\Classes\Installer.Installer.1@ Installer Class
Reg HKLM\SOFTWARE\Classes\Installer.Installer.1\CLSID
Reg HKLM\SOFTWARE\Classes\Installer.Installer.1\CLSID@ {6068B22B-4597-46E2-850C-BE7EC3AE2238}
Reg HKLM\SOFTWARE\Classes\IQuadrantPlayer.IQuadrantPlayer@ IQuadrantPlayer Class
Reg HKLM\SOFTWARE\Classes\IQuadrantPlayer.IQuadrantPlayer\CurVer
Reg HKLM\SOFTWARE\Classes\IQuadrantPlayer.IQuadrantPlayer\CurVer@ IQuadrantPlayer.IQuadrantPlayer.1
Reg HKLM\SOFTWARE\Classes\IQuadrantPlayer.IQuadrantPlayer.1@ IQuadrantPlayer Class
Reg HKLM\SOFTWARE\Classes\IQuadrantPlayer.IQuadrantPlayer.1\CLSID
Reg HKLM\SOFTWARE\Classes\IQuadrantPlayer.IQuadrantPlayer.1\CLSID@ {75524892-A663-4c7c-94A5-91917098E451}
Reg HKLM\SOFTWARE\Classes\ISigmaPlayer.ISigmaPlayer@ ISigmaPlayer Class
Reg HKLM\SOFTWARE\Classes\ISigmaPlayer.ISigmaPlayer\CurVer
Reg HKLM\SOFTWARE\Classes\ISigmaPlayer.ISigmaPlayer\CurVer@ ISigmaPlayer.ISigmaPlayer.1
Reg HKLM\SOFTWARE\Classes\ISigmaPlayer.ISigmaPlayer.1@ ISigmaPlayer Class
Reg HKLM\SOFTWARE\Classes\ISigmaPlayer.ISigmaPlayer.1\CLSID
Reg HKLM\SOFTWARE\Classes\ISigmaPlayer.ISigmaPlayer.1\CLSID@ {85A58E81-A757-11d4-A67E-504CBDA7E58A}
Reg HKLM\SOFTWARE\Classes\ITIAudioInfoObject.ITIAudioInfoObject@ ITIAudioInfoObject
Reg HKLM\SOFTWARE\Classes\ITIAudioInfoObject.ITIAudioInfoObject\CurVer
Reg HKLM\SOFTWARE\Classes\ITIAudioInfoObject.ITIAudioInfoObject\CurVer@ ITIAudioInfoObject.ITIAudioInfoObject.1
Reg HKLM\SOFTWARE\Classes\ITIAudioInfoObject.ITIAudioInfoObject.1@ ITIAudioInfoObject
Reg HKLM\SOFTWARE\Classes\ITIAudioInfoObject.ITIAudioInfoObject.1\CLSID
Reg HKLM\SOFTWARE\Classes\ITIAudioInfoObject.ITIAudioInfoObject.1\CLSID@ {B727C212-2022-11D4-B2C6-0050DA1BD906}
Reg HKLM\SOFTWARE\Classes\ITIClient.Document@ InterActual Skin
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\CLSID
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\CLSID@ {2524A5A2-6DE6-433B-A067-33AAA8CF1587}
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\DefaultIcon
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\DefaultIcon@ C:\PROGRA~1\INTERA~1\INTERA~1\iPlayer.exe,1
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\Insertable
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\Insertable@
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\protocol
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\protocol\StdFileEditing
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\protocol\StdFileEditing\server
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\protocol\StdFileEditing\server@ C:\PROGRA~1\INTERA~1\INTERA~1\iPlayer.exe
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\protocol\StdFileEditing\verb
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\protocol\StdFileEditing\verb\0
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\protocol\StdFileEditing\verb\0@ &Edit
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\shell
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\shell\open
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\shell\open\command
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\shell\open\command@ C:\PROGRA~1\INTERA~1\INTERA~1\iPlayer.exe "%1"
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\shell\print
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\shell\print\command
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\shell\print\command@ C:\PROGRA~1\INTERA~1\INTERA~1\iPlayer.exe /p "%1"
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\shell\printto
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\shell\printto\command
Reg HKLM\SOFTWARE\Classes\ITIClient.Document\shell\printto\command@ C:\PROGRA~1\INTERA~1\INTERA~1\iPlayer.exe /pt "%1" "%2" "%3" "%4"
Reg HKLM\SOFTWARE\Classes\ITIDisplayInfoObject.ITIDisplayInfoObject@ ITIDisplayInfoObject
Reg HKLM\SOFTWARE\Classes\ITIDisplayInfoObject.ITIDisplayInfoObject\CurVer
Reg HKLM\SOFTWARE\Classes\ITIDisplayInfoObject.ITIDisplayInfoObject\CurVer@ ITIDisplayInfoObject.ITIDisplayInfoObject.1
Reg HKLM\SOFTWARE\Classes\ITIDisplayInfoObject.ITIDisplayInfoObject.1@ ITIDisplayInfoObject
Reg HKLM\SOFTWARE\Classes\ITIDisplayInfoObject.ITIDisplayInfoObject.1\CLSID
Reg HKLM\SOFTWARE\Classes\ITIDisplayInfoObject.ITIDisplayInfoObject.1\CLSID@ {B727C217-2022-11D4-B2C6-0050DA1BD906}
Reg HKLM\SOFTWARE\Classes\ITIDVDInfoObject.ITIDVDInfoObject@ ITIDVDInfoObject
Reg HKLM\SOFTWARE\Classes\ITIDVDInfoObject.ITIDVDInfoObject\CurVer
Reg HKLM\SOFTWARE\Classes\ITIDVDInfoObject.ITIDVDInfoObject\CurVer@ ITIDVDInfoObject.ITIDVDInfoObject.1
Reg HKLM\SOFTWARE\Classes\ITIDVDInfoObject.ITIDVDInfoObject.1@ ITIDVDInfoObject
Reg HKLM\SOFTWARE\Classes\ITIDVDInfoObject.ITIDVDInfoObject.1\CLSID
Reg HKLM\SOFTWARE\Classes\ITIDVDInfoObject.ITIDVDInfoObject.1\CLSID@ {B727C219-2022-11D4-B2C6-0050DA1BD906}
Reg HKLM\SOFTWARE\Classes\ITIGeneralInfoObject.ITIGeneralInfoObject@ ITIGeneralInfoObject
Reg HKLM\SOFTWARE\Classes\ITIGeneralInfoObject.ITIGeneralInfoObject\CurVer
Reg HKLM\SOFTWARE\Classes\ITIGeneralInfoObject.ITIGeneralInfoObject\CurVer@ ITIGeneralInfoObject.ITIGeneralInfoObject.1
Reg HKLM\SOFTWARE\Classes\ITIGeneralInfoObject.ITIGeneralInfoObject.1@ ITIGeneralInfoObject
Reg HKLM\SOFTWARE\Classes\ITIGeneralInfoObject.ITIGeneralInfoObject.1\CLSID
Reg HKLM\SOFTWARE\Classes\ITIGeneralInfoObject.ITIGeneralInfoObject.1\CLSID@ {B727C21B-2022-11D4-B2C6-0050DA1BD906}
Reg HKLM\SOFTWARE\Classes\ITIInternetInfoObject.ITIInternetInfoObject@ ITIInternetInfoObject
Reg HKLM\SOFTWARE\Classes\ITIInternetInfoObject.ITIInternetInfoObject\CurVer
Reg HKLM\SOFTWARE\Classes\ITIInternetInfoObject.ITIInternetInfoObject\CurVer@ ITIInternetInfoObject.ITIInternetInfoObject.1
Reg HKLM\SOFTWARE\Classes\ITIInternetInfoObject.ITIInternetInfoObject.1@ ITIInternetInfoObject
Reg HKLM\SOFTWARE\Classes\ITIInternetInfoObject.ITIInternetInfoObject.1\CLSID
Reg HKLM\SOFTWARE\Classes\ITIInternetInfoObject.ITIInternetInfoObject.1\CLSID@ {B727C21D-2022-11D4-B2C6-0050DA1BD906}
Reg HKLM\SOFTWARE\Classes\itilog.itilog@ itilog Class
Reg HKLM\SOFTWARE\Classes\itilog.itilog\CurVer
Reg HKLM\SOFTWARE\Classes\itilog.itilog\CurVer@ itilog.itilog.1
Reg HKLM\SOFTWARE\Classes\itilog.itilog.1@ itilog Class
Reg HKLM\SOFTWARE\Classes\itilog.itilog.1\CLSID
Reg HKLM\SOFTWARE\Classes\itilog.itilog.1\CLSID@ {F17201B1-0ED1-11D2-8D86-00AA00BDD964}
Reg HKLM\SOFTWARE\Classes\ITIMemoryInfoObject.ITIMemoryInfoObject@ ITIMemoryInfoObject
Reg HKLM\SOFTWARE\Classes\ITIMemoryInfoObject.ITIMemoryInfoObject\CurVer
Reg HKLM\SOFTWARE\Classes\ITIMemoryInfoObject.ITIMemoryInfoObject\CurVer@ ITIMemoryInfoObject.ITIMemoryInfoObject.1
Reg HKLM\SOFTWARE\Classes\ITIMemoryInfoObject.ITIMemoryInfoObject.1@ ITIMemoryInfoObject
Reg HKLM\SOFTWARE\Classes\ITIMemoryInfoObject.ITIMemoryInfoObject.1\CLSID
Reg HKLM\SOFTWARE\Classes\ITIMemoryInfoObject.ITIMemoryInfoObject.1\CLSID@ {B727C220-2022-11D4-B2C6-0050DA1BD906}
Reg HKLM\SOFTWARE\Classes\ITIOtherInfoObject.ITIOtherInfoObject@ ITIOtherInfoObject
Reg HKLM\SOFTWARE\Classes\ITIOtherInfoObject.ITIOtherInfoObject\CurVer
Reg HKLM\SOFTWARE\Classes\ITIOtherInfoObject.ITIOtherInfoObject\CurVer@ ITIOtherInfoObject.ITIOtherInfoObject.1
Reg HKLM\SOFTWARE\Classes\ITIOtherInfoObject.ITIOtherInfoObject.1@ ITIOtherInfoObject
Reg HKLM\SOFTWARE\Classes\ITIOtherInfoObject.ITIOtherInfoObject.1\CLSID
Reg HKLM\SOFTWARE\Classes\ITIOtherInfoObject.ITIOtherInfoObject.1\CLSID@ {B727C222-2022-11D4-B2C6-0050DA1BD906}
Reg HKLM\SOFTWARE\Classes\ITIStorage.ITIStorage@ ITIStorage Class
Reg HKLM\SOFTWARE\Classes\ITIStorage.ITIStorage\CurVer
Reg HKLM\SOFTWARE\Classes\ITIStorage.ITIStorage\CurVer@ ITIStorage.ITIStorage.1
Reg HKLM\SOFTWARE\Classes\ITIStorage.ITIStorage.1@ ITIStorage Class
Reg HKLM\SOFTWARE\Classes\ITIStorage.ITIStorage.1\CLSID
Reg HKLM\SOFTWARE\Classes\ITIStorage.ITIStorage.1\CLSID@ {22ACF82C-5E94-444C-8DCB-D963B0FE0F97}
Reg HKLM\SOFTWARE\Classes\ITISyscheckObject.ITISyscheckObject@ ITISyscheckObject
Reg HKLM\SOFTWARE\Classes\ITISyscheckObject.ITISyscheckObject\CurVer
Reg HKLM\SOFTWARE\Classes\ITISyscheckObject.ITISyscheckObject\CurVer@ ITISyscheckObject.ITISyscheckObject.1
Reg HKLM\SOFTWARE\Classes\ITISyscheckObject.ITISyscheckObject.1@ ITISyscheckObject
Reg HKLM\SOFTWARE\Classes\ITISyscheckObject.ITISyscheckObject.1\CLSID
Reg HKLM\SOFTWARE\Classes\ITISyscheckObject.ITISyscheckObject.1\CLSID@ {B727C210-2022-11D4-B2C6-0050DA1BD906}
Reg HKLM\SOFTWARE\Classes\ITX.ITX@ IA Media Object
Reg HKLM\SOFTWARE\Classes\ITX.ITX\CurVer
Reg HKLM\SOFTWARE\Classes\ITX.ITX\CurVer@ ITX.ITX.1
Reg HKLM\SOFTWARE\Classes\ITX.ITX.1@ IA Media Object
Reg HKLM\SOFTWARE\Classes\ITX.ITX.1\CLSID
Reg HKLM\SOFTWARE\Classes\ITX.ITX.1\CLSID@ {E358A3BE-6E9A-4BD4-93FB-F95FAA72FC01}
Reg HKLM\SOFTWARE\Classes\ITX.ITX.1\Insertable
Reg HKLM\SOFTWARE\Classes\ITXDVDRemote.ITXDVDRemote@ InterActual Remote
Reg HKLM\SOFTWARE\Classes\ITXDVDRemote.ITXDVDRemote\CurVer
Reg HKLM\SOFTWARE\Classes\ITXDVDRemote.ITXDVDRemote\CurVer@ ITXDVDRemote.ITXDVDRemote.1
Reg HKLM\SOFTWARE\Classes\ITXDVDRemote.ITXDVDRemote.1@ InterActual Remote
Reg HKLM\SOFTWARE\Classes\ITXDVDRemote.ITXDVDRemote.1\CLSID
Reg HKLM\SOFTWARE\Classes\ITXDVDRemote.ITXDVDRemote.1\CLSID@ {54D24045-4A5E-4009-9DA5-6EEE0F2D062C}
Reg HKLM\SOFTWARE\Classes\ITXProp.ITXProp@ ITXProp Class
Reg HKLM\SOFTWARE\Classes\ITXProp.ITXProp\CurVer
Reg HKLM\SOFTWARE\Classes\ITXProp.ITXProp\CurVer@ ITXProp.ITXProp.1
Reg HKLM\SOFTWARE\Classes\ITXProp.ITXProp.1@ ITXProp Class
Reg HKLM\SOFTWARE\Classes\ITXProp.ITXProp.1\CLSID
Reg HKLM\SOFTWARE\Classes\ITXProp.ITXProp.1\CLSID@ {117934E9-D55D-4A1C-A95E-EA2CDCDD3552}
Reg HKLM\SOFTWARE\Classes\KmSvc.CKmsCertEnroll@ Cert Enrollment class
Reg HKLM\SOFTWARE\Classes\KmSvc.CKmsCertEnroll\CLSID
Reg HKLM\SOFTWARE\Classes\KmSvc.CKmsCertEnroll\CLSID@ {ff258fc0-99b1-4297-b857-539ad9bc13ed}
Reg HKLM\SOFTWARE\Classes\KodakOneTouch.OneTouchPrinting@ OneTouchPrinting Class
Reg HKLM\SOFTWARE\Classes\KodakOneTouch.OneTouchPrinting\CLSID
Reg HKLM\SOFTWARE\Classes\KodakOneTouch.OneTouchPrinting\CLSID@ {08CE60DE-D425-11D3-891E-00104B9876B8}
Reg HKLM\SOFTWARE\Classes\KodakOneTouch.OneTouchPrinting\CurVer
Reg HKLM\SOFTWARE\Classes\KodakOneTouch.OneTouchPrinting\CurVer@ KodakOneTouch.OneTouchPrinting.1
Reg HKLM\SOFTWARE\Classes\KodakOneTouch.OneTouchPrinting.1@ OneTouchPrinting Class
Reg HKLM\SOFTWARE\Classes\KodakOneTouch.OneTouchPrinting.1\CLSID
Reg HKLM\SOFTWARE\Classes\KodakOneTouch.OneTouchPrinting.1\CLSID@ {08CE60DE-D425-11D3-891E-00104B9876B8}
Reg HKLM\SOFTWARE\Classes\LSSupCtl.LSSupCtl.1@ LSSupCtl Class
Reg HKLM\SOFTWARE\Classes\LSSupCtl.LSSupCtl.1\CLSID
Reg HKLM\SOFTWARE\Classes\LSSupCtl.LSSupCtl.1\CLSID@ {1F2F4C9E-6F09-47BC-970D-3C54734667FE}
Reg HKLM\SOFTWARE\Classes\MacromediaFlashPaper.MacromediaFlashPaper@ Macromedia Flash Paper
Reg HKLM\SOFTWARE\Classes\MacromediaFlashPaper.MacromediaFlashPaper\CLSID
Reg HKLM\SOFTWARE\Classes\MacromediaFlashPaper.MacromediaFlashPaper\CLSID@ {D27CDB6E-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\MacromediaFlashPaper.MacromediaFlashPaper\DefaultIcon
Reg HKLM\SOFTWARE\Classes\MacromediaFlashPaper.MacromediaFlashPaper\DefaultIcon@ "%1"
Reg HKLM\SOFTWARE\Classes\MacromediaFlashPaper.MacromediaFlashPaper\shell
Reg HKLM\SOFTWARE\Classes\MacromediaFlashPaper.MacromediaFlashPaper\shell\open
Reg HKLM\SOFTWARE\Classes\MacromediaFlashPaper.MacromediaFlashPaper\shell\open\command
Reg HKLM\SOFTWARE\Classes\MacromediaFlashPaper.MacromediaFlashPaper\shell\open\command@ "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome "%1"
Reg HKLM\SOFTWARE\Classes\mailto@ URL:MailTo Protocol
Reg HKLM\SOFTWARE\Classes\mailto@URL Protocol
Reg HKLM\SOFTWARE\Classes\mailto\DefaultIcon
Reg HKLM\SOFTWARE\Classes\mailto\DefaultIcon@ %ProgramFiles%\Outlook Express\msimn.exe,-2
Reg HKLM\SOFTWARE\Classes\mailto\shell
Reg HKLM\SOFTWARE\Classes\mailto\shell\open
Reg HKLM\SOFTWARE\Classes\mailto\shell\open\command
Reg HKLM\SOFTWARE\Classes\mailto\shell\open\command@ "%ProgramFiles%\Outlook Express\msimn.exe" /mailurl:%1
Reg HKLM\SOFTWARE\Classes\MatroskaVideo@ Matroska File
Reg HKLM\SOFTWARE\Classes\MatroskaVideo@InfoTip prop:Type;{f29f85e0-4ff9-1068-ab91-08002b27b3d9}2;{64440490-4c8b-11d1-8b70-080036b11a03}2;{64440490-4c8b-11d1-8b70-080036b11a03}3;{6444048f-4c8b-11d1-8b70-080036b11a03}13;{0628D335-3AEF-4267-BD9F-CB6CD7712C99}2;Size
Reg HKLM\SOFTWARE\Classes\MatroskaVideo@TileInfo prop:{f29f85e0-4ff9-1068-ab91-08002b27b3d9}2;{6444048f-4c8b-11d1-8b70-080036b11a03}13;{0628D335-3AEF-4267-BD9F-CB6CD7712C99}2
Reg HKLM\SOFTWARE\Classes\MatroskaVideo@Details prop:Type;{f29f85e0-4ff9-1068-ab91-08002b27b3d9}2;{64440490-4c8b-11d1-8b70-080036b11a03}2;{64440490-4c8b-11d1-8b70-080036b11a03}3;{6444048f-4c8b-11d1-8b70-080036b11a03}13;{0628D335-3AEF-4267-BD9F-CB6CD7712C99}2;{0628D335-3AEF-4267-BD9F-CB6CD7712C99}1;Size
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\DefaultIcon
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\DefaultIcon@ C:\Program Files\Haali\MatroskaSplitter\splitter.ax
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shell
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shell@ open
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shell\open
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shell\open@ &Open
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shell\open\command
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shell\open\command@ C:\Program Files\Windows Media Player\wmplayer.exe /Open "%L"
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shell\play
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shell\play@ &Play
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shell\play\command
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shell\play\command@ C:\Program Files\Windows Media Player\wmplayer.exe /Play "%L"
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shellex
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shellex\PropertySheetHandlers
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shellex\PropertySheetHandlers\PropertySheet1
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shellex\PropertySheetHandlers\PropertySheet1@ {5574006C-28F5-4a65-A28C-74DE6BFBE0BB}
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shellex\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}
Reg HKLM\SOFTWARE\Classes\MatroskaVideo\shellex\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}@ {327669A0-59A7-4be9-B99E-1C9F3A57611A}
Reg HKLM\SOFTWARE\Classes\mbam.script@ Malwarebytes' Anti-Malware script
Reg HKLM\SOFTWARE\Classes\mbam.script\shell
Reg HKLM\SOFTWARE\Classes\mbam.script\shell\open
Reg HKLM\SOFTWARE\Classes\mbam.script\shell\open\command
Reg HKLM\SOFTWARE\Classes\mbam.script\shell\open\command@ "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" %1
Reg HKLM\SOFTWARE\Classes\MBAMExt.MBAMShlExt@ MBAMShlExt Class
Reg HKLM\SOFTWARE\Classes\MBAMExt.MBAMShlExt\CLSID
Reg HKLM\SOFTWARE\Classes\MBAMExt.MBAMShlExt\CLSID@ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
Reg HKLM\SOFTWARE\Classes\MBAMExt.MBAMShlExt\CurVer
Reg HKLM\SOFTWARE\Classes\MBAMExt.MBAMShlExt\CurVer@ MBAMExt.MBAMShlExt.1
Reg HKLM\SOFTWARE\Classes\MBAMExt.MBAMShlExt.1@ MBAMShlExt Class
Reg HKLM\SOFTWARE\Classes\MBAMExt.MBAMShlExt.1\CLSID
Reg HKLM\SOFTWARE\Classes\MBAMExt.MBAMShlExt.1\CLSID@ {57CE581A-0CB6-4266-9CA0-19364C90A0B3}
Reg HKLM\SOFTWARE\Classes\MediaPlayer.MediaPlayer@ Windows Media Player
Reg HKLM\SOFTWARE\Classes\MediaPlayer.MediaPlayer\CurVer
Reg HKLM\SOFTWARE\Classes\MediaPlayer.MediaPlayer\CurVer@ MediaPlayer.MediaPlayer.1
Reg HKLM\SOFTWARE\Classes\MediaPlayer.MediaPlayer.1@ Windows Media Player
Reg HKLM\SOFTWARE\Classes\MediaPlayer.MediaPlayer.1@EditFlags 65536
Reg HKLM\SOFTWARE\Classes\MediaPlayer.MediaPlayer.1\CLSID
Reg HKLM\SOFTWARE\Classes\MediaPlayer.MediaPlayer.1\CLSID@ {22D6F312-B0F6-11D0-94AB-0080C74C7E95}
Reg HKLM\SOFTWARE\Classes\Messenger.ExtensionsManager@ Messenger Extensions Manager Object
Reg HKLM\SOFTWARE\Classes\Messenger.ExtensionsManager\CLSID
Reg HKLM\SOFTWARE\Classes\Messenger.ExtensionsManager\CLSID@ {BC20CB75-A981-460e-81D4-F06F61B59247}
Reg HKLM\SOFTWARE\Classes\Messenger.ExtensionsManager\CurVer
Reg HKLM\SOFTWARE\Classes\Messenger.ExtensionsManager\CurVer@ Messenger.MessengerExtensions.1
Reg HKLM\SOFTWARE\Classes\Messenger.ExtensionsManager.1@ Messenger Extensions Manager Object
Reg HKLM\SOFTWARE\Classes\Messenger.ExtensionsManager.1\CLSID
Reg HKLM\SOFTWARE\Classes\Messenger.ExtensionsManager.1\CLSID@ {BC20CB75-A981-460e-81D4-F06F61B59247}
Reg HKLM\SOFTWARE\Classes\Messenger.MessengerApp@ Messenger Application
Reg HKLM\SOFTWARE\Classes\Messenger.MessengerApp\CLSID
Reg HKLM\SOFTWARE\Classes\Messenger.MessengerApp\CLSID@ {FB7199AB-79BF-11d2-8D94-0000F875C541}
Reg HKLM\SOFTWARE\Classes\Messenger.MessengerApp\CurVer
Reg HKLM\SOFTWARE\Classes\Messenger.MessengerApp\CurVer@ Messenger.MessengerApp.1
Reg HKLM\SOFTWARE\Classes\Messenger.MessengerApp.1@ Messenger Application
Reg HKLM\SOFTWARE\Classes\Messenger.MessengerApp.1\CLSID
Reg HKLM\SOFTWARE\Classes\Messenger.MessengerApp.1\CLSID@ {FB7199AB-79BF-11d2-8D94-0000F875C541}
Reg HKLM\SOFTWARE\Classes\Messenger.MsgrObject@ Messenger Object
Reg HKLM\SOFTWARE\Classes\Messenger.MsgrObject\CLSID
Reg HKLM\SOFTWARE\Classes\Messenger.MsgrObject\CLSID@ {F3A614DC-ABE0-11d2-A441-00C04F795683}
Reg HKLM\SOFTWARE\Classes\Messenger.MsgrObject\CurVer
Reg HKLM\SOFTWARE\Classes\Messenger.MsgrObject\CurVer@ Messenger.MsgrObject.1
Reg HKLM\SOFTWARE\Classes\Messenger.MsgrObject.1@ Messenger Object
Reg HKLM\SOFTWARE\Classes\Messenger.MsgrObject.1\CLSID
Reg HKLM\SOFTWARE\Classes\Messenger.MsgrObject.1\CLSID@ {F3A614DC-ABE0-11d2-A441-00C04F795683}
Reg HKLM\SOFTWARE\Classes\Messenger.UIAutomation@ Messenger Object
Reg HKLM\SOFTWARE\Classes\Messenger.UIAutomation\CLSID
Reg HKLM\SOFTWARE\Classes\Messenger.UIAutomation\CLSID@ {B69003B3-C55E-4b48-836C-BC5946FC3B28}
Reg HKLM\SOFTWARE\Classes\Messenger.UIAutomation\CurVer
Reg HKLM\SOFTWARE\Classes\Messenger.UIAutomation\CurVer@ Messenger.UIAutomation.1
Reg HKLM\SOFTWARE\Classes\Messenger.UIAutomation.1@ Messenger Object
Reg HKLM\SOFTWARE\Classes\Messenger.UIAutomation.1\CLSID
Reg HKLM\SOFTWARE\Classes\Messenger.UIAutomation.1\CLSID@ {B69003B3-C55E-4b48-836C-BC5946FC3B28}
Reg HKLM\SOFTWARE\Classes\MessengerContactList@ Messenger Contact List
Reg HKLM\SOFTWARE\Classes\MessengerContactList@NoOpen You cannot open this file directly. You must open Messenger and select "Import Contacts..." from the "File" menu.
Reg HKLM\SOFTWARE\Classes\MessengerContactList\DefaultIcon
Reg HKLM\SOFTWARE\Classes\MessengerContactList\DefaultIcon@ C:\Program Files\Messenger\msmsgs.exe,-1
Reg HKLM\SOFTWARE\Classes\MessengerPrivate.MessengerPriv@ Messenger Private Object
Reg HKLM\SOFTWARE\Classes\MessengerPrivate.MessengerPriv\CLSID
Reg HKLM\SOFTWARE\Classes\MessengerPrivate.MessengerPriv\CLSID@ {AB1D8565-40E9-4616-984D-98465687E82C}
Reg HKLM\SOFTWARE\Classes\MessengerPrivate.MessengerPriv\CurVer
Reg HKLM\SOFTWARE\Classes\MessengerPrivate.MessengerPriv\CurVer@ MessengerPrivate.MessengerPriv.1
Reg HKLM\SOFTWARE\Classes\MessengerPrivate.MessengerPriv.1@ Messenger Private Object
Reg HKLM\SOFTWARE\Classes\MessengerPrivate.MessengerPriv.1\CLSID
Reg HKLM\SOFTWARE\Classes\MessengerPrivate.MessengerPriv.1\CLSID@ {AB1D8565-40E9-4616-984D-98465687E82C}
Reg HKLM\SOFTWARE\Classes\Microsoft.Aspnet.Snapin.AspNetManagementUtility.2\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.Aspnet.Snapin.AspNetManagementUtility.2\CLSID@ {FD5CD8B1-6FE0-44F3-BBFB-65E3655B096E}
Reg HKLM\SOFTWARE\Classes\Microsoft.FeedsManager@ Microsoft Feeds 2.0 Object Library
Reg HKLM\SOFTWARE\Classes\Microsoft.FeedsManager\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.FeedsManager\CLSID@ {faeb54c4-f66f-4806-83a0-805299f5e3ad}
Reg HKLM\SOFTWARE\Classes\Microsoft.FreeThreadedXMLDOM@ Free Threaded XML DOM Document
Reg HKLM\SOFTWARE\Classes\Microsoft.FreeThreadedXMLDOM\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.FreeThreadedXMLDOM\CLSID@ {2933BF91-7B36-11D2-B20E-00C04F983E60}
Reg HKLM\SOFTWARE\Classes\Microsoft.FreeThreadedXMLDOM\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.FreeThreadedXMLDOM\CurVer@ Microsoft.FreeThreadedXMLDOM.1.0
Reg HKLM\SOFTWARE\Classes\Microsoft.FreeThreadedXMLDOM.1.0@ Free Threaded XML DOM Document
Reg HKLM\SOFTWARE\Classes\Microsoft.FreeThreadedXMLDOM.1.0\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.FreeThreadedXMLDOM.1.0\CLSID@ {2933BF91-7B36-11D2-B20E-00C04F983E60}
Reg HKLM\SOFTWARE\Classes\Microsoft.InformationCard.ElementBehaviorFactory.1\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.InformationCard.ElementBehaviorFactory.1\CLSID@ {c2c4f00a-720e-4389-aeb9-e9c4b0d93c6f}
Reg HKLM\SOFTWARE\Classes\Microsoft.MMC.FrameworkSnapInFactory@ Microsoft.ManagementConsole.Advanced.FrameworkSnapInFactory
Reg HKLM\SOFTWARE\Classes\Microsoft.MMC.FrameworkSnapInFactory\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.MMC.FrameworkSnapInFactory\CLSID@ {D5AB5662-131D-453D-88C8-9BBA87502ADE}
Reg HKLM\SOFTWARE\Classes\Microsoft.PowerShellConsole.1@EditFlags 131072
Reg HKLM\SOFTWARE\Classes\Microsoft.PowerShellConsole.1\shell
Reg HKLM\SOFTWARE\Classes\Microsoft.PowerShellConsole.1\shell\open
Reg HKLM\SOFTWARE\Classes\Microsoft.PowerShellConsole.1\shell\open\command
Reg HKLM\SOFTWARE\Classes\Microsoft.PowerShellConsole.1\shell\open\command@ "C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe" -p "%1"
Reg HKLM\SOFTWARE\Classes\Microsoft.PowerShellScript.1@EditFlags 131072
Reg HKLM\SOFTWARE\Classes\Microsoft.PowerShellXmlData.1@EditFlags 131072
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDOM@ XML DOM Document
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDOM\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDOM\CLSID@ {2933BF90-7B36-11D2-B20E-00C04F983E60}
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDOM\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDOM\CurVer@ Microsoft.XMLDOM.1.0
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDOM.1.0@ XML DOM Document
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDOM.1.0\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDOM.1.0\CLSID@ {2933BF90-7B36-11D2-B20E-00C04F983E60}
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDSO@ XML Data Source Object
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDSO\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDSO\CLSID@ {550DDA30-0541-11D2-9CA9-0060B0EC3D39}
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDSO\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDSO\CurVer@ Microsoft.XMLDSO.1.0
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDSO.1.0@ XML Data Source Object
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDSO.1.0\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLDSO.1.0\CLSID@ {550DDA30-0541-11D2-9CA9-0060B0EC3D39}
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLHTTP@ XML HTTP Request
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLHTTP\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLHTTP\CLSID@ {ED8C108E-4349-11D2-91A4-00C04F7969E8}
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLHTTP\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLHTTP\CurVer@ Microsoft.XMLHTTP.1.0
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLHTTP.1.0@ XML HTTP Request
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLHTTP.1.0\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLHTTP.1.0\CLSID@ {ED8C108E-4349-11D2-91A4-00C04F7969E8}
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLParser@ XML Parser
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLParser\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLParser\CLSID@ {D2423620-51A0-11D2-9CAF-0060B0EC3D39}
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLParser\CurVer
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLParser\CurVer@ Microsoft.XMLParser.1.0
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLParser.1.0@ XML Parser

Edited by bugaboomdc, 01 March 2010 - 05:30 PM.


#6 bugaboomdc

bugaboomdc
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 01 March 2010 - 05:28 PM

Reg HKLM\SOFTWARE\Classes\Microsoft.XMLParser.1.0\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.XMLParser.1.0\CLSID@ {D2423620-51A0-11D2-9CAF-0060B0EC3D39}
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Document@ Windows XPS Document
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Document\shellex
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Document\shellex\PropertyHandler
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Document\shellex\PropertyHandler@ {45670FA8-ED97-4F44-BC93-305082590BFB}
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Document\shellex\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Document\shellex\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}@ {44121072-A222-48f2-A58A-6D9AD51EBBE9}
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Metadata@ Windows XPS Document Metadata Handler
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Metadata\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Metadata\CLSID@ {45670FA8-ED97-4F44-BC93-305082590BFB}
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Metadata\Curver
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Metadata\Curver@ Microsoft.XPS.Shell.Metadata.1
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Metadata.1@ Windows XPS Document Metadata Handler
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Metadata.1\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Metadata.1\CLSID@ {45670FA8-ED97-4F44-BC93-305082590BFB}
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Thumbnail@ Windows XPS Document Thumbnail Handler
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Thumbnail\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Thumbnail\CLSID@ {44121072-A222-48f2-A58A-6D9AD51EBBE9}
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Thumbnail\Curver
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Thumbnail\Curver@ Microsoft.XPS.Shell.Thumbnail.1
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Thumbnail.1@ Windows XPS Document Thumbnail Handler
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Thumbnail.1\CLSID
Reg HKLM\SOFTWARE\Classes\Microsoft.XPS.Shell.Thumbnail.1\CLSID@ {44121072-A222-48f2-A58A-6D9AD51EBBE9}
Reg HKLM\SOFTWARE\Classes\MMC.ExecutivePlatform@ ExecutivePlatform
Reg HKLM\SOFTWARE\Classes\MMC.ExecutivePlatform\CLSID
Reg HKLM\SOFTWARE\Classes\MMC.ExecutivePlatform\CLSID@ {B3FD5602-EB0F-415E-9F32-75DA391D6BF9}
Reg HKLM\SOFTWARE\Classes\MMC.ExecutivePlatform\CurVer
Reg HKLM\SOFTWARE\Classes\MMC.ExecutivePlatform\CurVer@ MMC.ExecutivePlatform.1
Reg HKLM\SOFTWARE\Classes\MMC.ExecutivePlatform.1@ ExecutivePlatform
Reg HKLM\SOFTWARE\Classes\MMC.ExecutivePlatform.1\CLSID
Reg HKLM\SOFTWARE\Classes\MMC.ExecutivePlatform.1\CLSID@ {B3FD5602-EB0F-415E-9F32-75DA391D6BF9}
Reg HKLM\SOFTWARE\Classes\MMC.SnapInFailureReporter@ SnapInFailureReporter
Reg HKLM\SOFTWARE\Classes\MMC.SnapInFailureReporter\CLSID
Reg HKLM\SOFTWARE\Classes\MMC.SnapInFailureReporter\CLSID@ {4A65D267-1539-4BD1-921D-1C49B3E58EB7}
Reg HKLM\SOFTWARE\Classes\MMC.SnapInFailureReporter\CurVer
Reg HKLM\SOFTWARE\Classes\MMC.SnapInFailureReporter\CurVer@ MMC.SnapInFailureReporter.1
Reg HKLM\SOFTWARE\Classes\MMC.SnapInFailureReporter.1@ SnapInFailureReporter
Reg HKLM\SOFTWARE\Classes\MMC.SnapInFailureReporter.1\CLSID
Reg HKLM\SOFTWARE\Classes\MMC.SnapInFailureReporter.1\CLSID@ {4A65D267-1539-4BD1-921D-1C49B3E58EB7}
Reg HKLM\SOFTWARE\Classes\MMC.WaitDialog@ WaitDialog
Reg HKLM\SOFTWARE\Classes\MMC.WaitDialog\CLSID
Reg HKLM\SOFTWARE\Classes\MMC.WaitDialog\CLSID@ {2D11CF10-4FE0-45B2-88DF-6FFBF92BE9AB}
Reg HKLM\SOFTWARE\Classes\MMC.WaitDialog\CurVer
Reg HKLM\SOFTWARE\Classes\MMC.WaitDialog\CurVer@ MMC.WaitDialog.1
Reg HKLM\SOFTWARE\Classes\MMC.WaitDialog.1@ WaitDialog
Reg HKLM\SOFTWARE\Classes\MMC.WaitDialog.1\CLSID
Reg HKLM\SOFTWARE\Classes\MMC.WaitDialog.1\CLSID@ {2D11CF10-4FE0-45B2-88DF-6FFBF92BE9AB}
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioBand@ RadioBand Class
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioBand\CLSID
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioBand\CLSID@ {8E718888-423F-11D2-876E-00A0C9082467}
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioBand\CurVer
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioBand\CurVer@ Mmedia.RadioBand.1
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioBand.1@ RadioBand Class
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioBand.1\CLSID
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioBand.1\CLSID@ {8E718888-423F-11D2-876E-00A0C9082467}
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioPlayer@ RadioPlayer Class
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioPlayer\CLSID
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioPlayer\CLSID@ {9C2263B0-3E3C-11D2-9BD3-204C4F4F5020}
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioPlayer\CurVer
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioPlayer\CurVer@ Mmedia.RadioPlayer.1
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioPlayer.1@ RadioPlayer Class
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioPlayer.1\CLSID
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioPlayer.1\CLSID@ {9C2263B0-3E3C-11D2-9BD3-204C4F4F5020}
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioServer@ RadioServer Class
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioServer\CLSID
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioServer\CLSID@ {8E71888A-423F-11D2-876E-00A0C9082467}
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioServer\CurVer
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioServer\CurVer@ Mmedia.RadioServer.1
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioServer.1@ RadioServer Class
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioServer.1\CLSID
Reg HKLM\SOFTWARE\Classes\Mmedia.RadioServer.1\CLSID@ {8E71888A-423F-11D2-876E-00A0C9082467}
Reg HKLM\SOFTWARE\Classes\MS3@ URL:MS3 Protocol
Reg HKLM\SOFTWARE\Classes\MS3@URL Protocol
Reg HKLM\SOFTWARE\Classes\MS3\DefaultIcon
Reg HKLM\SOFTWARE\Classes\MS3\DefaultIcon@ c:\Program Files\Groove Games\Marine Sharpshooter 3\Help\MS3.ico
Reg HKLM\SOFTWARE\Classes\MS3\Shell
Reg HKLM\SOFTWARE\Classes\MS3\Shell@ open
Reg HKLM\SOFTWARE\Classes\MS3\Shell\open
Reg HKLM\SOFTWARE\Classes\MS3\Shell\open@ &Play this MS3 level
Reg HKLM\SOFTWARE\Classes\MS3\Shell\open\command
Reg HKLM\SOFTWARE\Classes\MS3\Shell\open\command@ c:\Program Files\Groove Games\Marine Sharpshooter 3\System\MarineSharpshooter3.exe "%1"
Reg HKLM\SOFTWARE\Classes\MS3.Link@ MS3 Link
Reg HKLM\SOFTWARE\Classes\MS3.Link\DefaultIcon
Reg HKLM\SOFTWARE\Classes\MS3.Link\DefaultIcon@ c:\Program Files\Groove Games\Marine Sharpshooter 3\Help\MS3.ico
Reg HKLM\SOFTWARE\Classes\MS3.Link\Shell
Reg HKLM\SOFTWARE\Classes\MS3.Link\Shell@ open
Reg HKLM\SOFTWARE\Classes\MS3.Link\Shell\open
Reg HKLM\SOFTWARE\Classes\MS3.Link\Shell\open@ &Play this MS3 level
Reg HKLM\SOFTWARE\Classes\MS3.Link\Shell\open\command
Reg HKLM\SOFTWARE\Classes\MS3.Link\Shell\open\command@ c:\Program Files\Groove Games\Marine Sharpshooter 3\System\MarineSharpshooter3.exe "%1"
Reg HKLM\SOFTWARE\Classes\MS3.Map@ MS3 Map
Reg HKLM\SOFTWARE\Classes\MS3.Map\DefaultIcon
Reg HKLM\SOFTWARE\Classes\MS3.Map\DefaultIcon@ c:\Program Files\Groove Games\Marine Sharpshooter 3\Help\MS3.ico
Reg HKLM\SOFTWARE\Classes\MS3.Map\Shell
Reg HKLM\SOFTWARE\Classes\MS3.Map\Shell@ open
Reg HKLM\SOFTWARE\Classes\MS3.Map\Shell\open
Reg HKLM\SOFTWARE\Classes\MS3.Map\Shell\open@ &Play this MS3 level
Reg HKLM\SOFTWARE\Classes\MS3.Map\Shell\open\command
Reg HKLM\SOFTWARE\Classes\MS3.Map\Shell\open\command@ c:\Program Files\Groove Games\Marine Sharpshooter 3\System\MarineSharpshooter3.exe "%1"
Reg HKLM\SOFTWARE\Classes\MS3.Module@ MS3 Module
Reg HKLM\SOFTWARE\Classes\MS3.Module\DefaultIcon
Reg HKLM\SOFTWARE\Classes\MS3.Module\DefaultIcon@ c:\Program Files\Groove Games\Marine Sharpshooter 3\Help\MS3.ico
Reg HKLM\SOFTWARE\Classes\MS3.Module\Shell
Reg HKLM\SOFTWARE\Classes\MS3.Module\Shell@ open
Reg HKLM\SOFTWARE\Classes\MS3.Module\Shell\open
Reg HKLM\SOFTWARE\Classes\MS3.Module\Shell\open@ &Install this MS3 module
Reg HKLM\SOFTWARE\Classes\MS3.Module\Shell\open\command
Reg HKLM\SOFTWARE\Classes\MS3.Module\Shell\open\command@ c:\Program Files\Groove Games\Marine Sharpshooter 3\System\Setup.exe install "%1"
Reg HKLM\SOFTWARE\Classes\MSIDXS@ Microsoft OLE DB Provider for Indexing Service
Reg HKLM\SOFTWARE\Classes\MSIDXS\Clsid
Reg HKLM\SOFTWARE\Classes\MSIDXS\Clsid@ {F9AE8980-7E52-11d0-8964-00C04FD611D7}
Reg HKLM\SOFTWARE\Classes\MSIDXS ErrorLookup@ Microsoft OLE DB Error Lookup for Indexing Service
Reg HKLM\SOFTWARE\Classes\MSIDXS ErrorLookup\Clsid
Reg HKLM\SOFTWARE\Classes\MSIDXS ErrorLookup\Clsid@ {F9AE8981-7E52-11d0-8964-00C04FD611D7}
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP@ MsRDP Class v7
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP\CurVer
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP\CurVer@ MsRDP.MsRDP.6
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.2@ MsRDP Class v3
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.2\CLSID
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.2\CLSID@ {971127BB-259F-48c2-BD75-5F97A3331551}
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.3@ MsRDP Class v4
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.3\CLSID
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.3\CLSID@ {6A6F4B83-45C5-4ca9-BDD9-0D81C12295E4}
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.4@ MsRDP Class v5
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.4\CLSID
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.4\CLSID@ {54CE37E0-9834-41ae-9896-4DAB69DC022B}
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.5@ MsRDP Class v6
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.5\CLSID
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.5\CLSID@ {4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2}
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.6@ MsRDP Class v7
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.6\CLSID
Reg HKLM\SOFTWARE\Classes\MsRDP.MsRDP.6\CLSID@ {7390f3d8-0439-4c05-91e3-cf5cb290c3d0}
Reg HKLM\SOFTWARE\Classes\MsTscAx.MsTscAx.4@ MsTscAx Class v4
Reg HKLM\SOFTWARE\Classes\MsTscAx.MsTscAx.4\CLSID
Reg HKLM\SOFTWARE\Classes\MsTscAx.MsTscAx.4\CLSID@ {ace575fd-1fcf-4074-9401-ebab990fa9de}
Reg HKLM\SOFTWARE\Classes\MsTscAx.MsTscAx.5@ MsTscAx Class v5
Reg HKLM\SOFTWARE\Classes\MsTscAx.MsTscAx.5\CLSID
Reg HKLM\SOFTWARE\Classes\MsTscAx.MsTscAx.5\CLSID@ {6AE29350-321B-42be-BBE5-12FB5270C0DE}
Reg HKLM\SOFTWARE\Classes\MsTscAx.MsTscAx.6@ MsTscAx Class v6
Reg HKLM\SOFTWARE\Classes\MsTscAx.MsTscAx.6\CLSID
Reg HKLM\SOFTWARE\Classes\MsTscAx.MsTscAx.6\CLSID@ {4eb2f086-c818-447e-b32c-c51ce2b30d31}
Reg HKLM\SOFTWARE\Classes\MsTscAx.MsTscAx.7@ MsTscAx Class v7
Reg HKLM\SOFTWARE\Classes\MsTscAx.MsTscAx.7\CLSID
Reg HKLM\SOFTWARE\Classes\MsTscAx.MsTscAx.7\CLSID@ {d2ea46a7-c2bf-426b-af24-e19c44456399}
Reg HKLM\SOFTWARE\Classes\Msxml@ Msxml
Reg HKLM\SOFTWARE\Classes\Msxml\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml\CLSID@ {CFC399AF-D876-11D0-9C10-00C04FC99C8E}
Reg HKLM\SOFTWARE\Classes\MSXML.DOMDocument@ XML DOM Document
Reg HKLM\SOFTWARE\Classes\MSXML.DOMDocument\CLSID
Reg HKLM\SOFTWARE\Classes\MSXML.DOMDocument\CLSID@ {2933BF90-7B36-11D2-B20E-00C04F983E60}
Reg HKLM\SOFTWARE\Classes\MSXML.DOMDocument\CurVer
Reg HKLM\SOFTWARE\Classes\MSXML.DOMDocument\CurVer@ Microsoft.XMLDOM.1.0
Reg HKLM\SOFTWARE\Classes\MSXML.FreeThreadedDOMDocument@ Free Threaded XML DOM Document
Reg HKLM\SOFTWARE\Classes\MSXML.FreeThreadedDOMDocument\CLSID
Reg HKLM\SOFTWARE\Classes\MSXML.FreeThreadedDOMDocument\CLSID@ {2933BF91-7B36-11D2-B20E-00C04F983E60}
Reg HKLM\SOFTWARE\Classes\MSXML.FreeThreadedDOMDocument\CurVer
Reg HKLM\SOFTWARE\Classes\MSXML.FreeThreadedDOMDocument\CurVer@ Microsoft.FreeThreadedXMLDOM.1.0
Reg HKLM\SOFTWARE\Classes\Msxml2.DOMDocument@ XML DOM Document
Reg HKLM\SOFTWARE\Classes\Msxml2.DOMDocument\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.DOMDocument\CLSID@ {F6D90F11-9C73-11D3-B32E-00C04F990BB4}
Reg HKLM\SOFTWARE\Classes\Msxml2.DOMDocument\CurVer
Reg HKLM\SOFTWARE\Classes\Msxml2.DOMDocument\CurVer@ Msxml2.DOMDocument.3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.DOMDocument.3.0@ XML DOM Document 3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.DOMDocument.3.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.DOMDocument.3.0\CLSID@ {F5078F32-C551-11D3-89B9-0000F81FE221}
Reg HKLM\SOFTWARE\Classes\Msxml2.DOMDocument.6.0@ XML DOM Document 6.0
Reg HKLM\SOFTWARE\Classes\Msxml2.DOMDocument.6.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.DOMDocument.6.0\CLSID@ {88d96a05-f192-11d4-a65f-0040963251e5}
Reg HKLM\SOFTWARE\Classes\Msxml2.DSOControl@ XML Data Source Object
Reg HKLM\SOFTWARE\Classes\Msxml2.DSOControl\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.DSOControl\CLSID@ {F6D90F14-9C73-11D3-B32E-00C04F990BB4}
Reg HKLM\SOFTWARE\Classes\Msxml2.DSOControl\CurVer
Reg HKLM\SOFTWARE\Classes\Msxml2.DSOControl\CurVer@ Msxml2.DSOControl.3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.DSOControl.3.0@ XML Data Source Object 3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.DSOControl.3.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.DSOControl.3.0\CLSID@ {F5078F39-C551-11D3-89B9-0000F81FE221}
Reg HKLM\SOFTWARE\Classes\Msxml2.FreeThreadedDOMDocument@ Free Threaded XML DOM Document
Reg HKLM\SOFTWARE\Classes\Msxml2.FreeThreadedDOMDocument\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.FreeThreadedDOMDocument\CLSID@ {F6D90F12-9C73-11D3-B32E-00C04F990BB4}
Reg HKLM\SOFTWARE\Classes\Msxml2.FreeThreadedDOMDocument\CurVer
Reg HKLM\SOFTWARE\Classes\Msxml2.FreeThreadedDOMDocument\CurVer@ Msxml2.FreeThreadedDOMDocument.3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.FreeThreadedDOMDocument.3.0@ Free Threaded XML DOM Document 3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.FreeThreadedDOMDocument.3.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.FreeThreadedDOMDocument.3.0\CLSID@ {F5078F33-C551-11D3-89B9-0000F81FE221}
Reg HKLM\SOFTWARE\Classes\Msxml2.FreeThreadedDOMDocument.6.0@ Free Threaded XML DOM Document 6.0
Reg HKLM\SOFTWARE\Classes\Msxml2.FreeThreadedDOMDocument.6.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.FreeThreadedDOMDocument.6.0\CLSID@ {88d96a06-f192-11d4-a65f-0040963251e5}
Reg HKLM\SOFTWARE\Classes\Msxml2.MXHTMLWriter.6.0@ MXHTMLWriter 6.0
Reg HKLM\SOFTWARE\Classes\Msxml2.MXHTMLWriter.6.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.MXHTMLWriter.6.0\CLSID@ {88d96a10-f192-11d4-a65f-0040963251e5}
Reg HKLM\SOFTWARE\Classes\Msxml2.MXNamespaceManager.6.0@ MXNamespaceManager 6.0
Reg HKLM\SOFTWARE\Classes\Msxml2.MXNamespaceManager.6.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.MXNamespaceManager.6.0\CLSID@ {88d96a11-f192-11d4-a65f-0040963251e5}
Reg HKLM\SOFTWARE\Classes\Msxml2.MXXMLWriter@ MXXMLWriter
Reg HKLM\SOFTWARE\Classes\Msxml2.MXXMLWriter\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.MXXMLWriter\CLSID@ {FC220AD8-A72A-4EE8-926E-0B7AD152A020}
Reg HKLM\SOFTWARE\Classes\Msxml2.MXXMLWriter\CurVer
Reg HKLM\SOFTWARE\Classes\Msxml2.MXXMLWriter\CurVer@ Msxml2.MXXMLWriter.3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.MXXMLWriter.3.0@ MXXMLWriter 3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.MXXMLWriter.3.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.MXXMLWriter.3.0\CLSID@ {3D813DFE-6C91-4A4E-8F41-04346A841D9C}
Reg HKLM\SOFTWARE\Classes\Msxml2.MXXMLWriter.6.0@ MXXMLWriter 6.0
Reg HKLM\SOFTWARE\Classes\Msxml2.MXXMLWriter.6.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.MXXMLWriter.6.0\CLSID@ {88d96a0f-f192-11d4-a65f-0040963251e5}
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXAttributes@ SAXAttributes
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXAttributes\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXAttributes\CLSID@ {4DD441AD-526D-4A77-9F1B-9841ED802FB0}
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXAttributes\CurVer
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXAttributes\CurVer@ Msxml2.SAXAttributes.3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXAttributes.3.0@ SAXAttributes 3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXAttributes.3.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXAttributes.3.0\CLSID@ {3E784A01-F3AE-4DC0-9354-9526B9370EBA}
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXAttributes.6.0@ SAXAttributes 6.0
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXAttributes.6.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXAttributes.6.0\CLSID@ {88d96a0e-f192-11d4-a65f-0040963251e5}
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXXMLReader@ SAX XML Reader
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXXMLReader\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXXMLReader\CLSID@ {079AA557-4A18-424A-8EEE-E39F0A8D41B9}
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXXMLReader\CurVer
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXXMLReader\CurVer@ Msxml2.SAXXMLReader.3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXXMLReader.3.0@ SAX XML Reader 3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXXMLReader.3.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXXMLReader.3.0\CLSID@ {3124C396-FB13-4836-A6AD-1317F1713688}
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXXMLReader.6.0@ SAX XML Reader 6.0
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXXMLReader.6.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.SAXXMLReader.6.0\CLSID@ {88d96a0c-f192-11d4-a65f-0040963251e5}
Reg HKLM\SOFTWARE\Classes\Msxml2.ServerXMLHTTP@ Server XML HTTP
Reg HKLM\SOFTWARE\Classes\Msxml2.ServerXMLHTTP\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.ServerXMLHTTP\CLSID@ {AFBA6B42-5692-48EA-8141-DC517DCF0EF1}
Reg HKLM\SOFTWARE\Classes\Msxml2.ServerXMLHTTP\CurVer
Reg HKLM\SOFTWARE\Classes\Msxml2.ServerXMLHTTP\CurVer@ Msxml2.ServerXMLHTTP.3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.ServerXMLHTTP.3.0@ Server XML HTTP 3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.ServerXMLHTTP.3.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.ServerXMLHTTP.3.0\CLSID@ {AFB40FFD-B609-40A3-9828-F88BBE11E4E3}
Reg HKLM\SOFTWARE\Classes\Msxml2.ServerXMLHTTP.6.0@ Server XML HTTP 6.0
Reg HKLM\SOFTWARE\Classes\Msxml2.ServerXMLHTTP.6.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.ServerXMLHTTP.6.0\CLSID@ {88d96a0b-f192-11d4-a65f-0040963251e5}
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLHTTP@ XML HTTP
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLHTTP\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLHTTP\CLSID@ {F6D90F16-9C73-11D3-B32E-00C04F990BB4}
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLHTTP\CurVer
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLHTTP\CurVer@ Msxml2.XMLHTTP.3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLHTTP.3.0@ XML HTTP 3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLHTTP.3.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLHTTP.3.0\CLSID@ {F5078F35-C551-11D3-89B9-0000F81FE221}
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLHTTP.6.0@ XML HTTP 6.0
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLHTTP.6.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLHTTP.6.0\CLSID@ {88d96a0a-f192-11d4-a65f-0040963251e5}
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLParser@ XML Parser
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLParser\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLParser\CLSID@ {F5078F19-C551-11D3-89B9-0000F81FE221}
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLParser\CurVer
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLParser\CurVer@ Msxml2.XMLParser.3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLParser.3.0@ XML Parser 3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLParser.3.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLParser.3.0\CLSID@ {F5078F31-C551-11D3-89B9-0000F81FE221}
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLSchemaCache@ XML Schema Cache
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLSchemaCache\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLSchemaCache\CLSID@ {373984C9-B845-449B-91E7-45AC83036ADE}
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLSchemaCache\CurVer
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLSchemaCache\CurVer@ Msxml2.XMLSchemaCache.3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLSchemaCache.3.0@ XML Schema Cache 3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLSchemaCache.3.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLSchemaCache.3.0\CLSID@ {F5078F34-C551-11D3-89B9-0000F81FE221}
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLSchemaCache.6.0@ XML Schema Cache 6.0
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLSchemaCache.6.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.XMLSchemaCache.6.0\CLSID@ {88d96a07-f192-11d4-a65f-0040963251e5}
Reg HKLM\SOFTWARE\Classes\Msxml2.XSLTemplate@ XSL Template
Reg HKLM\SOFTWARE\Classes\Msxml2.XSLTemplate\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.XSLTemplate\CLSID@ {2933BF94-7B36-11D2-B20E-00C04F983E60}
Reg HKLM\SOFTWARE\Classes\Msxml2.XSLTemplate\CurVer
Reg HKLM\SOFTWARE\Classes\Msxml2.XSLTemplate\CurVer@ Msxml2.XSLTemplate.3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.XSLTemplate.3.0@ XSL Template 3.0
Reg HKLM\SOFTWARE\Classes\Msxml2.XSLTemplate.3.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.XSLTemplate.3.0\CLSID@ {F5078F36-C551-11D3-89B9-0000F81FE221}
Reg HKLM\SOFTWARE\Classes\Msxml2.XSLTemplate.6.0@ XSL Template 6.0
Reg HKLM\SOFTWARE\Classes\Msxml2.XSLTemplate.6.0\CLSID
Reg HKLM\SOFTWARE\Classes\Msxml2.XSLTemplate.6.0\CLSID@ {88d96a08-f192-11d4-a65f-0040963251e5}
Reg HKLM\SOFTWARE\Classes\MySpace.PaneItems.4@ MySpace Uploader PaneItems Control
Reg HKLM\SOFTWARE\Classes\MySpace.PaneItems.4\CLSID
Reg HKLM\SOFTWARE\Classes\MySpace.PaneItems.4\CLSID@ {7746874F-26C2-4E52-A26A-F22A15DD42B3}
Reg HKLM\SOFTWARE\Classes\MySpace.PaneItems.4\CurVer
Reg HKLM\SOFTWARE\Classes\MySpace.PaneItems.4\CurVer@ MySpace.PaneItems.4.1
Reg HKLM\SOFTWARE\Classes\MySpace.PaneItems.4.1@ MySpace Uploader PaneItems Control
Reg HKLM\SOFTWARE\Classes\MySpace.PaneItems.4.1\CLSID
Reg HKLM\SOFTWARE\Classes\MySpace.PaneItems.4.1\CLSID@ {7746874F-26C2-4E52-A26A-F22A15DD42B3}
Reg HKLM\SOFTWARE\Classes\MySpace.ShellCombo.4@ MySpace Uploader Combo Control
Reg HKLM\SOFTWARE\Classes\MySpace.ShellCombo.4\CLSID
Reg HKLM\SOFTWARE\Classes\MySpace.ShellCombo.4\CLSID@ {69D797FE-62A0-4A86-9027-5C79634BA7F6}
Reg HKLM\SOFTWARE\Classes\MySpace.ShellCombo.4\CurVer
Reg HKLM\SOFTWARE\Classes\MySpace.ShellCombo.4\CurVer@ MySpace.ShellCombo.4.1
Reg HKLM\SOFTWARE\Classes\MySpace.ShellCombo.4.1@ MySpace Uploader Combo Control
Reg HKLM\SOFTWARE\Classes\MySpace.ShellCombo.4.1\CLSID
Reg HKLM\SOFTWARE\Classes\MySpace.ShellCombo.4.1\CLSID@ {69D797FE-62A0-4A86-9027-5C79634BA7F6}
Reg HKLM\SOFTWARE\Classes\MySpace.Thumbnail.4@ MySpace Uploader Thumbnail Control
Reg HKLM\SOFTWARE\Classes\MySpace.Thumbnail.4\CLSID
Reg HKLM\SOFTWARE\Classes\MySpace.Thumbnail.4\CLSID@ {CB5AB6FE-43E4-4C12-86F1-8F9444C6DA34}
Reg HKLM\SOFTWARE\Classes\MySpace.Thumbnail.4\CurVer
Reg HKLM\SOFTWARE\Classes\MySpace.Thumbnail.4\CurVer@ MySpace.Thumbnail.4.1
Reg HKLM\SOFTWARE\Classes\MySpace.Thumbnail.4.1@ MySpace Uploader Thumbnail Control
Reg HKLM\SOFTWARE\Classes\MySpace.Thumbnail.4.1\CLSID
Reg HKLM\SOFTWARE\Classes\MySpace.Thumbnail.4.1\CLSID@ {CB5AB6FE-43E4-4C12-86F1-8F9444C6DA34}
Reg HKLM\SOFTWARE\Classes\MySpace.Uploader.4@ MySpace Uploader Control
Reg HKLM\SOFTWARE\Classes\MySpace.Uploader.4\CLSID
Reg HKLM\SOFTWARE\Classes\MySpace.Uploader.4\CLSID@ {48DD0448-9209-4F81-9F6D-D83562940134}
Reg HKLM\SOFTWARE\Classes\MySpace.Uploader.4\CurVer
Reg HKLM\SOFTWARE\Classes\MySpace.Uploader.4\CurVer@ MySpace.Uploader.4.1
Reg HKLM\SOFTWARE\Classes\MySpace.Uploader.4.1@ MySpace Uploader Control
Reg HKLM\SOFTWARE\Classes\MySpace.Uploader.4.1\CLSID
Reg HKLM\SOFTWARE\Classes\MySpace.Uploader.4.1\CLSID@ {48DD0448-9209-4F81-9F6D-D83562940134}
Reg HKLM\SOFTWARE\Classes\MySpace.Uploader.4.1\Insertable
Reg HKLM\SOFTWARE\Classes\MySpace.UploadItems.4@ MySpace Uploader UploadItems Control
Reg HKLM\SOFTWARE\Classes\MySpace.UploadItems.4\CLSID
Reg HKLM\SOFTWARE\Classes\MySpace.UploadItems.4\CLSID@ {84BD32BE-61DC-45EF-997B-71127537D330}
Reg HKLM\SOFTWARE\Classes\MySpace.UploadItems.4\CurVer
Reg HKLM\SOFTWARE\Classes\MySpace.UploadItems.4\CurVer@ MySpace.UploadItems.4.1
Reg HKLM\SOFTWARE\Classes\MySpace.UploadItems.4.1@ MySpace Uploader UploadItems Control
Reg HKLM\SOFTWARE\Classes\MySpace.UploadItems.4.1\CLSID
Reg HKLM\SOFTWARE\Classes\MySpace.UploadItems.4.1\CLSID@ {84BD32BE-61DC-45EF-997B-71127537D330}
Reg HKLM\SOFTWARE\Classes\MySpace.UploadPane.4@ MySpace Uploader UploadPane Control
Reg HKLM\SOFTWARE\Classes\MySpace.UploadPane.4\CLSID
Reg HKLM\SOFTWARE\Classes\MySpace.UploadPane.4\CLSID@ {33F9C869-A43A-4138-B7A1-1E9598466EC5}
Reg HKLM\SOFTWARE\Classes\MySpace.UploadPane.4\CurVer
Reg HKLM\SOFTWARE\Classes\MySpace.UploadPane.4\CurVer@ MySpace.UploadPane.4.1
Reg HKLM\SOFTWARE\Classes\MySpace.UploadPane.4.1@ MySpace Uploader UploadPane Control
Reg HKLM\SOFTWARE\Classes\MySpace.UploadPane.4.1\CLSID
Reg HKLM\SOFTWARE\Classes\MySpace.UploadPane.4.1\CLSID@ {33F9C869-A43A-4138-B7A1-1E9598466EC5}
Reg HKLM\SOFTWARE\Classes\NSPlay.NSPlayCtl@ Microsoft NetShow Player
Reg HKLM\SOFTWARE\Classes\NSPlay.NSPlayCtl\CurVer
Reg HKLM\SOFTWARE\Classes\NSPlay.NSPlayCtl\CurVer@ NSPlay.NSPlayCtl.1
Reg HKLM\SOFTWARE\Classes\NSPlay.NSPlayCtl.1@ Microsoft NetShow Player
Reg HKLM\SOFTWARE\Classes\NSPlay.NSPlayCtl.1@EditFlags 65536
Reg HKLM\SOFTWARE\Classes\NSPlay.NSPlayCtl.1\CLSID
Reg HKLM\SOFTWARE\Classes\NSPlay.NSPlayCtl.1\CLSID@ {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}
Reg HKLM\SOFTWARE\Classes\OberonGameHost.FlashGameHost@ Oberon Flash Game Host
Reg HKLM\SOFTWARE\Classes\OberonGameHost.FlashGameHost\CLSID
Reg HKLM\SOFTWARE\Classes\OberonGameHost.FlashGameHost\CLSID@ {D0C0F75C-683A-4390-A791-1ACFD5599AB8}
Reg HKLM\SOFTWARE\Classes\OberonGameHost.FlashGameHost\CurVer
Reg HKLM\SOFTWARE\Classes\OberonGameHost.FlashGameHost\CurVer@ OberonGameHost.FlashGameHost.1
Reg HKLM\SOFTWARE\Classes\OberonGameHost.FlashGameHost.1@ Oberon Flash Game Host
Reg HKLM\SOFTWARE\Classes\OberonGameHost.FlashGameHost.1\CLSID
Reg HKLM\SOFTWARE\Classes\OberonGameHost.FlashGameHost.1\CLSID@ {D0C0F75C-683A-4390-A791-1ACFD5599AB8}
Reg HKLM\SOFTWARE\Classes\OberonGameHost_IE.ActiveXGameHost@ Oberon ActiveX Game Host
Reg HKLM\SOFTWARE\Classes\OberonGameHost_IE.ActiveXGameHost\CLSID
Reg HKLM\SOFTWARE\Classes\OberonGameHost_IE.ActiveXGameHost\CLSID@ {1D6E056F-D1BB-40F6-88E4-11EE98056FD2}
Reg HKLM\SOFTWARE\Classes\OberonGameHost_IE.ActiveXGameHost\CurVer
Reg HKLM\SOFTWARE\Classes\OberonGameHost_IE.ActiveXGameHost\CurVer@ OberonGameHost_IE.ActiveXGameHost.1
Reg HKLM\SOFTWARE\Classes\OberonGameHost_IE.ActiveXGameHost.1@ Oberon ActiveX Game Host
Reg HKLM\SOFTWARE\Classes\OberonGameHost_IE.ActiveXGameHost.1\CLSID
Reg HKLM\SOFTWARE\Classes\OberonGameHost_IE.ActiveXGameHost.1\CLSID@ {1D6E056F-D1BB-40F6-88E4-11EE98056FD2}
Reg HKLM\SOFTWARE\Classes\ObjVw.ObjVw@ IAKey Class
Reg HKLM\SOFTWARE\Classes\ObjVw.ObjVw\CurVer
Reg HKLM\SOFTWARE\Classes\ObjVw.ObjVw\CurVer@ ObjVw.ObjVw.1
Reg HKLM\SOFTWARE\Classes\ObjVw.ObjVw.1@ IAKey Class
Reg HKLM\SOFTWARE\Classes\ObjVw.ObjVw.1\CLSID
Reg HKLM\SOFTWARE\Classes\ObjVw.ObjVw.1\CLSID@ {D8C67FF7-548E-45fd-9B87-0F77758B6B26}
Reg HKLM\SOFTWARE\Classes\ogmfile@ OGM File
Reg HKLM\SOFTWARE\Classes\ogmfile@InfoTip prop:Type;{f29f85e0-4ff9-1068-ab91-08002b27b3d9}2;{64440490-4c8b-11d1-8b70-080036b11a03}2;{64440490-4c8b-11d1-8b70-080036b11a03}3;{6444048f-4c8b-11d1-8b70-080036b11a03}13;{0628D335-3AEF-4267-BD9F-CB6CD7712C99}2;Size
Reg HKLM\SOFTWARE\Classes\ogmfile@TileInfo prop:{f29f85e0-4ff9-1068-ab91-08002b27b3d9}2;{6444048f-4c8b-11d1-8b70-080036b11a03}13;{0628D335-3AEF-4267-BD9F-CB6CD7712C99}2
Reg HKLM\SOFTWARE\Classes\ogmfile@Details prop:Type;{f29f85e0-4ff9-1068-ab91-08002b27b3d9}2;{64440490-4c8b-11d1-8b70-080036b11a03}2;{64440490-4c8b-11d1-8b70-080036b11a03}3;{6444048f-4c8b-11d1-8b70-080036b11a03}13;{0628D335-3AEF-4267-BD9F-CB6CD7712C99}2;{0628D335-3AEF-4267-BD9F-CB6CD7712C99}1;Size
Reg HKLM\SOFTWARE\Classes\ogmfile\DefaultIcon
Reg HKLM\SOFTWARE\Classes\ogmfile\DefaultIcon@ C:\Program Files\Haali\MatroskaSplitter\splitter.ax
Reg HKLM\SOFTWARE\Classes\ogmfile\shellex
Reg HKLM\SOFTWARE\Classes\ogmfile\shellex\PropertySheetHandlers
Reg HKLM\SOFTWARE\Classes\ogmfile\shellex\PropertySheetHandlers\HaaliMediaSplitter
Reg HKLM\SOFTWARE\Classes\ogmfile\shellex\PropertySheetHandlers\HaaliMediaSplitter@ {5574006C-28F5-4a65-A28C-74DE6BFBE0BB}
Reg HKLM\SOFTWARE\Classes\Parser.Parser@ Parser Class
Reg HKLM\SOFTWARE\Classes\Parser.Parser\CurVer
Reg HKLM\SOFTWARE\Classes\Parser.Parser\CurVer@ Parser.Parser.1
Reg HKLM\SOFTWARE\Classes\Parser.Parser.1@ Parser Class
Reg HKLM\SOFTWARE\Classes\Parser.Parser.1\CLSID
Reg HKLM\SOFTWARE\Classes\Parser.Parser.1\CLSID@ {0ECF4A24-3179-41C8-B8E4-A44E16B87D48}
Reg HKLM\SOFTWARE\Classes\PCFriendlyx.PCFriendly Control.1@ PCFriendly ActiveX Control
Reg HKLM\SOFTWARE\Classes\PCFriendlyx.PCFriendly Control.1\CLSID
Reg HKLM\SOFTWARE\Classes\PCFriendlyx.PCFriendly Control.1\CLSID@ {45F6ACC3-6304-11D4-A0AB-444553540000}
Reg HKLM\SOFTWARE\Classes\PCFriendlyx.PCFriendly Control.1\Insertable
Reg HKLM\SOFTWARE\Classes\PCFriendlyx.PCFriendly Control.1\Insertable@
Reg HKLM\SOFTWARE\Classes\PerForm.Document@ PerForm Document
Reg HKLM\SOFTWARE\Classes\PerForm.Document\shell
Reg HKLM\SOFTWARE\Classes\PerForm.Document\shell\open
Reg HKLM\SOFTWARE\Classes\PerForm.Document\shell\open\command
Reg HKLM\SOFTWARE\Classes\PerForm.Document\shell\open\command@ E:\DFFILL.EXE
Reg HKLM\SOFTWARE\Classes\PerForm.Document\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\PerForm.Document\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\PerForm.Form\shell
Reg HKLM\SOFTWARE\Classes\PerForm.Form\shell\open
Reg HKLM\SOFTWARE\Classes\PerForm.Form\shell\open\command
Reg HKLM\SOFTWARE\Classes\PerForm.Form\shell\open\command@ C:\FORMFLOW\dffill.exe %1
Reg HKLM\SOFTWARE\Classes\PerForm.Form\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\PerForm.Form\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\PerForm.FormSystem\shell
Reg HKLM\SOFTWARE\Classes\PerForm.FormSystem\shell\open
Reg HKLM\SOFTWARE\Classes\PerForm.FormSystem\shell\open\command
Reg HKLM\SOFTWARE\Classes\PerForm.FormSystem\shell\open\command@ C:\FORMFLOW\dffill.exe %1
Reg HKLM\SOFTWARE\Classes\PerForm.FormSystem\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\PerForm.FormSystem\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\PerForm.FormSystemLocked\shell
Reg HKLM\SOFTWARE\Classes\PerForm.FormSystemLocked\shell\open
Reg HKLM\SOFTWARE\Classes\PerForm.FormSystemLocked\shell\open\command
Reg HKLM\SOFTWARE\Classes\PerForm.FormSystemLocked\shell\open\command@ C:\FORMFLOW\dffill.exe %1
Reg HKLM\SOFTWARE\Classes\PerForm.FormSystemLocked\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\PerForm.FormSystemLocked\shell\open\ddeexec@ [open("%1")]
Reg HKLM\SOFTWARE\Classes\pirates_savegame@ Saved Game
Reg HKLM\SOFTWARE\Classes\pirates_savegame\shell
Reg HKLM\SOFTWARE\Classes\pirates_savegame\shell\open
Reg HKLM\SOFTWARE\Classes\pirates_savegame\shell\open\command
Reg HKLM\SOFTWARE\Classes\pirates_savegame\shell\open\command@ C:\Program Files\Firaxis Games\Sid Meier's Pirates!\Pirates!.exe /FXSLOAD="%1"
Reg HKLM\SOFTWARE\Classes\Player.Player@ MM Player
Reg HKLM\SOFTWARE\Classes\Player.Player\CurVer
Reg HKLM\SOFTWARE\Classes\Player.Player\CurVer@ ITI.MMPlayer.1
Reg HKLM\SOFTWARE\Classes\Player.Player.1@ MM Player
Reg HKLM\SOFTWARE\Classes\Player.Player.1\CLSID
Reg HKLM\SOFTWARE\Classes\Player.Player.1\CLSID@ {8A964910-8580-11d4-B328-30584DC10000}
Reg HKLM\SOFTWARE\Classes\Player.Player.2@ Player 2 Class
Reg HKLM\SOFTWARE\Classes\Player.Player.2\CLSID
Reg HKLM\SOFTWARE\Classes\Player.Player.2\CLSID@ {617BBD67-3049-4bb3-89EB-9B3F6EB6A2D5}
Reg HKLM\SOFTWARE\Classes\Player.Player2@ Player 2 Class
Reg HKLM\SOFTWARE\Classes\Player.Player2\CurVer
Reg HKLM\SOFTWARE\Classes\Player.Player2\CurVer@ Player.Player.2
Reg HKLM\SOFTWARE\Classes\ppDSApp.ppDSApp@ ppDSApp Class
Reg HKLM\SOFTWARE\Classes\ppDSApp.ppDSApp\CurVer
Reg HKLM\SOFTWARE\Classes\ppDSApp.ppDSApp\CurVer@ ppDSApp.ppDSApp.1
Reg HKLM\SOFTWARE\Classes\ppDSApp.ppDSApp.1@ ppDSApp Class
Reg HKLM\SOFTWARE\Classes\ppDSApp.ppDSApp.1\CLSID
Reg HKLM\SOFTWARE\Classes\ppDSApp.ppDSApp.1\CLSID@ {2AFA62E2-5548-11D1-A6E1-006097C4E476}
Reg HKLM\SOFTWARE\Classes\ppDSClip.ppDSClip@ ppDSClip Class
Reg HKLM\SOFTWARE\Classes\ppDSClip.ppDSClip\CurVer
Reg HKLM\SOFTWARE\Classes\ppDSClip.ppDSClip\CurVer@ ppDSClip.ppDSClip.1
Reg HKLM\SOFTWARE\Classes\ppDSClip.ppDSClip.1@ ppDSClip Class
Reg HKLM\SOFTWARE\Classes\ppDSClip.ppDSClip.1\CLSID
Reg HKLM\SOFTWARE\Classes\ppDSClip.ppDSClip.1\CLSID@ {31C48C31-70B0-11d1-A708-006097C4E476}
Reg HKLM\SOFTWARE\Classes\ppDSDetl.ppDSDetl@ ppDSDetl Class
Reg HKLM\SOFTWARE\Classes\ppDSDetl.ppDSDetl\CurVer
Reg HKLM\SOFTWARE\Classes\ppDSDetl.ppDSDetl\CurVer@ ppDSDetl.ppDSDetl.1
Reg HKLM\SOFTWARE\Classes\ppDSDetl.ppDSDetl.1@ ppDSDetl Class
Reg HKLM\SOFTWARE\Classes\ppDSDetl.ppDSDetl.1\CLSID
Reg HKLM\SOFTWARE\Classes\ppDSDetl.ppDSDetl.1\CLSID@ {31C48C32-70B0-11d1-A708-006097C4E476}
Reg HKLM\SOFTWARE\Classes\ppDSFile.ppDSFile@ ppDSFile Class
Reg HKLM\SOFTWARE\Classes\ppDSFile.ppDSFile\CurVer
Reg HKLM\SOFTWARE\Classes\ppDSFile.ppDSFile\CurVer@ ppDSFile.ppDSFile.1
Reg HKLM\SOFTWARE\Classes\ppDSFile.ppDSFile.1@ ppDSFile Class
Reg HKLM\SOFTWARE\Classes\ppDSFile.ppDSFile.1\CLSID
Reg HKLM\SOFTWARE\Classes\ppDSFile.ppDSFile.1\CLSID@ {1D1237A0-6CD6-11d2-96BA-00104B242E64}
Reg HKLM\SOFTWARE\Classes\ppDShowNet.ppDShowNet@ ppDShowNet Class
Reg HKLM\SOFTWARE\Classes\ppDShowNet.ppDShowNet\CurVer
Reg HKLM\SOFTWARE\Classes\ppDShowNet.ppDShowNet\CurVer@ ppDShowNet.ppDShowNet.1
Reg HKLM\SOFTWARE\Classes\ppDShowNet.ppDShowNet.1@ ppDShowNet Class
Reg HKLM\SOFTWARE\Classes\ppDShowNet.ppDShowNet.1\CLSID
Reg HKLM\SOFTWARE\Classes\ppDShowNet.ppDShowNet.1\CLSID@ {5C85DCB0-F967-11D0-81ED-00C04FC99D4C}
Reg HKLM\SOFTWARE\Classes\ppDShowPlay.ppDShowPlay@ ppDShowPlay Class
Reg HKLM\SOFTWARE\Classes\ppDShowPlay.ppDShowPlay\CurVer
Reg HKLM\SOFTWARE\Classes\ppDShowPlay.ppDShowPlay\CurVer@ ppDShowPlay.ppDShowPlay.1
Reg HKLM\SOFTWARE\Classes\ppDShowPlay.ppDShowPlay.1@ ppDShowPlay Class
Reg HKLM\SOFTWARE\Classes\ppDShowPlay.ppDShowPlay.1\CLSID
Reg HKLM\SOFTWARE\Classes\ppDShowPlay.ppDShowPlay.1\CLSID@ {C0CD59AE-020D-11d1-81F2-00C04FC99D4C}
Reg HKLM\SOFTWARE\Classes\ppDSMeta.ppDSMeta@ ppDSMeta Class
Reg HKLM\SOFTWARE\Classes\ppDSMeta.ppDSMeta\CurVer
Reg HKLM\SOFTWARE\Classes\ppDSMeta.ppDSMeta\CurVer@ ppDSMeta.ppDSMeta.1
Reg HKLM\SOFTWARE\Classes\ppDSMeta.ppDSMeta.1@ ppDSMeta Class
Reg HKLM\SOFTWARE\Classes\ppDSMeta.ppDSMeta.1\CLSID
Reg HKLM\SOFTWARE\Classes\ppDSMeta.ppDSMeta.1\CLSID@ {BB314F91-A010-11d1-A75A-006097C4E476}
Reg HKLM\SOFTWARE\Classes\ppDSOAdv.ppDSOAdv@ ppDSOAdv Class
Reg HKLM\SOFTWARE\Classes\ppDSOAdv.ppDSOAdv\CurVer
Reg HKLM\SOFTWARE\Classes\ppDSOAdv.ppDSOAdv\CurVer@ ppDSOAdv.ppDSOAdv.1
Reg HKLM\SOFTWARE\Classes\ppDSOAdv.ppDSOAdv.1@ ppDSOAdv Class
Reg HKLM\SOFTWARE\Classes\ppDSOAdv.ppDSOAdv.1\CLSID
Reg HKLM\SOFTWARE\Classes\ppDSOAdv.ppDSOAdv.1\CLSID@ {AE1A5813-5230-11D1-A6E0-006097C4E476}
Reg HKLM\SOFTWARE\Classes\ppDSPropAdv.ppDSPropAdv@ ppDSPropAdv Class
Reg HKLM\SOFTWARE\Classes\ppDSPropAdv.ppDSPropAdv\CurVer
Reg HKLM\SOFTWARE\Classes\ppDSPropAdv.ppDSPropAdv\CurVer@ ppDSPropAdv.ppDSPropAdv.1
Reg HKLM\SOFTWARE\Classes\ppDSPropAdv.ppDSPropAdv.1@ ppDSPropAdv Class
Reg HKLM\SOFTWARE\Classes\ppDSPropAdv.ppDSPropAdv.1\CLSID
Reg HKLM\SOFTWARE\Classes\ppDSPropAdv.ppDSPropAdv.1\CLSID@ {8C4EB103-516F-11D1-A6DF-006097C4E476}
Reg HKLM\SOFTWARE\Classes\ppDSView.ppDSView@ ppDSView Class
Reg HKLM\SOFTWARE\Classes\ppDSView.ppDSView\CurVer
Reg HKLM\SOFTWARE\Classes\ppDSView.ppDSView\CurVer@ ppDSView.ppDSView.1
Reg HKLM\SOFTWARE\Classes\ppDSView.ppDSView.1@ ppDSView Class
Reg HKLM\SOFTWARE\Classes\ppDSView.ppDSView.1\CLSID
Reg HKLM\SOFTWARE\Classes\ppDSView.ppDSView.1\CLSID@ {AE1A5812-5230-11D1-A6E0-006097C4E476}
Reg HKLM\SOFTWARE\Classes\ppifile@ Microsoft Passport configuration file
Reg HKLM\SOFTWARE\Classes\ppifile\DefaultIcon
Reg HKLM\SOFTWARE\Classes\ppifile\DefaultIcon@ %SystemRoot%\system32\msppcnfg.exe,1
Reg HKLM\SOFTWARE\Classes\ppifile\shell
Reg HKLM\SOFTWARE\Classes\ppifile\shell\open
Reg HKLM\SOFTWARE\Classes\ppifile\shell\open\command
Reg HKLM\SOFTWARE\Classes\ppifile\shell\open\command@ %SystemRoot%\System32\msppcnfg.exe /Config %1
Reg HKLM\SOFTWARE\Classes\PrintSys.CoFilterPipeline@ CoFilterPipeline Class
Reg HKLM\SOFTWARE\Classes\PrintSys.CoFilterPipeline\CLSID
Reg HKLM\SOFTWARE\Classes\PrintSys.CoFilterPipeline\CLSID@ {d54378cd-91d8-4e10-a00b-819f9a9efcb1}
Reg HKLM\SOFTWARE\Classes\PrintSys.CoFilterPipeline\CurVer
Reg HKLM\SOFTWARE\Classes\PrintSys.CoFilterPipeline\CurVer@ PrintSys.CoFilterPipeline.1
Reg HKLM\SOFTWARE\Classes\PrintSys.CoFilterPipeline.1@ CoFilterPipeline Class
Reg HKLM\SOFTWARE\Classes\PrintSys.CoFilterPipeline.1\CLSID
Reg HKLM\SOFTWARE\Classes\PrintSys.CoFilterPipeline.1\CLSID@ {d54378cd-91d8-4e10-a00b-819f9a9efcb1}
Reg HKLM\SOFTWARE\Classes\RAManager.RAManager@ RAManager Class
Reg HKLM\SOFTWARE\Classes\RAManager.RAManager\CurVer
Reg HKLM\SOFTWARE\Classes\RAManager.RAManager\CurVer@ RAManager.RAManager.1
Reg HKLM\SOFTWARE\Classes\RAManager.RAManager.1@ RAManager Class
Reg HKLM\SOFTWARE\Classes\RAManager.RAManager.1\CLSID
Reg HKLM\SOFTWARE\Classes\RAManager.RAManager.1\CLSID@ {EAC4B42B-0BF1-4FAE-A95E-B2F4ABDF0DAA}
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6@ Flash Video
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6\DefaultIcon
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6\DefaultIcon@ C:\Program Files\Real\RealPlayer\RealPlay.exe,1
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6\shell
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6\shell\open
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6\shell\open\command
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6\shell\open\command@ "C:\Program Files\Real\RealPlayer\RealPlay.exe" "%1"
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6\shellex
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6\shellex\ContextMenuHandlers
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6\shellex\ContextMenuHandlers\RealPlayerHandler
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6\shellex\ContextMenuHandlers\RealPlayerHandler@ {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6\shellex\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}
Reg HKLM\SOFTWARE\Classes\RealPlayer.FLV.6\shellex\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}@ {F2DE7395-2AE7-4b40-A159-F7EF3C266D9C}
Reg HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler@ RealNetworks Scheduler
Reg HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler\CLSID
Reg HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler\CLSID@ {67E76F1D-BDE2-4052-913C-2752366192D2}
Reg HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler\CurVer
Reg HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler\CurVer@ RealPlayer.HWEventHandler.1
Reg HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler.1@ RealNetworks Scheduler
Reg HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler.1\CLSID
Reg HKLM\SOFTWARE\Classes\RealPlayer.HWEventHandler.1\CLSID@ {67E76F1D-BDE2-4052-913C-2752366192D2}
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6@ Internet Video Recording
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6\DefaultIcon
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6\DefaultIcon@ C:\Program Files\Real\RealPlayer\RealPlay.exe,1
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6\shell
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6\shell\open
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6\shell\open\command
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6\shell\open\command@ "C:\Program Files\Real\RealPlayer\RealPlay.exe" "%1"
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6\shellex
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6\shellex\ContextMenuHandlers
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6\shellex\ContextMenuHandlers\RealPlayerHandler
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6\shellex\ContextMenuHandlers\RealPlayerHandler@ {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6\shellex\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}
Reg HKLM\SOFTWARE\Classes\RealPlayer.IVR.6\shellex\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}@ {F2DE7395-2AE7-4b40-A159-F7EF3C266D9C}
Reg HKLM\SOFTWARE\Classes\Redemption.AddressLists@
Reg HKLM\SOFTWARE\Classes\Redemption.AddressLists\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.AddressLists\Clsid@ {37587889-FC28-4507-B6D3-8557305F7511}
Reg HKLM\SOFTWARE\Classes\Redemption.MAPIFolder@
Reg HKLM\SOFTWARE\Classes\Redemption.MAPIFolder\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.MAPIFolder\Clsid@ {03C4C5F4-1893-444C-B8D8-002F0034DA92}
Reg HKLM\SOFTWARE\Classes\Redemption.MAPITable@
Reg HKLM\SOFTWARE\Classes\Redemption.MAPITable\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.MAPITable\Clsid@ {A6931B16-90FA-4D69-A49F-3ABFA2C04060}
Reg HKLM\SOFTWARE\Classes\Redemption.MAPIUtils@
Reg HKLM\SOFTWARE\Classes\Redemption.MAPIUtils\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.MAPIUtils\Clsid@ {4A5E947E-C407-4DCC-A0B5-5658E457153B}
Reg HKLM\SOFTWARE\Classes\Redemption.RDOSession@
Reg HKLM\SOFTWARE\Classes\Redemption.RDOSession\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.RDOSession\Clsid@ {29AB7A12-B531-450E-8F7A-EA94C2F3C05F}
Reg HKLM\SOFTWARE\Classes\Redemption.SafeAppointmentItem@
Reg HKLM\SOFTWARE\Classes\Redemption.SafeAppointmentItem\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.SafeAppointmentItem\Clsid@ {620D55B0-F2FB-464E-A278-B4308DB1DB2B}
Reg HKLM\SOFTWARE\Classes\Redemption.SafeContactItem@
Reg HKLM\SOFTWARE\Classes\Redemption.SafeContactItem\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.SafeContactItem\Clsid@ {4FD5C4D3-6C15-4EA0-9EB9-EEE8FC74A91B}
Reg HKLM\SOFTWARE\Classes\Redemption.SafeCurrentUser@
Reg HKLM\SOFTWARE\Classes\Redemption.SafeCurrentUser\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.SafeCurrentUser\Clsid@ {7ED1E9B1-CB57-4FA0-84E8-FAE653FE8E6B}
Reg HKLM\SOFTWARE\Classes\Redemption.SafeDistList@
Reg HKLM\SOFTWARE\Classes\Redemption.SafeDistList\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.SafeDistList\Clsid@ {7C4A630A-DE98-4E3E-8093-E8F5E159BB72}
Reg HKLM\SOFTWARE\Classes\Redemption.SafeInspector@
Reg HKLM\SOFTWARE\Classes\Redemption.SafeInspector\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.SafeInspector\Clsid@ {ED323630-B4FD-4628-BC6A-D4CC44AE3F00}
Reg HKLM\SOFTWARE\Classes\Redemption.SafeJournalItem@
Reg HKLM\SOFTWARE\Classes\Redemption.SafeJournalItem\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.SafeJournalItem\Clsid@ {C5AA36A1-8BD1-47E0-90F8-47E7239C6EA1}
Reg HKLM\SOFTWARE\Classes\Redemption.SafeMailItem@
Reg HKLM\SOFTWARE\Classes\Redemption.SafeMailItem\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.SafeMailItem\Clsid@ {741BEEFD-AEC0-4AFF-84AF-4F61D15F5526}
Reg HKLM\SOFTWARE\Classes\Redemption.SafeMeetingItem@
Reg HKLM\SOFTWARE\Classes\Redemption.SafeMeetingItem\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.SafeMeetingItem\Clsid@ {FA2CBAFB-F7B1-4F41-9B7A-73329A6C1CB7}
Reg HKLM\SOFTWARE\Classes\Redemption.SafePostItem@
Reg HKLM\SOFTWARE\Classes\Redemption.SafePostItem\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.SafePostItem\Clsid@ {11E2BC0C-5D4F-4E0C-B438-501FFE05A382}
Reg HKLM\SOFTWARE\Classes\Redemption.SafeReportItem@
Reg HKLM\SOFTWARE\Classes\Redemption.SafeReportItem\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.SafeReportItem\Clsid@ {D46BA7B2-899F-4F60-85C7-4DF5713F6F18}
Reg HKLM\SOFTWARE\Classes\Redemption.SafeTaskItem@
Reg HKLM\SOFTWARE\Classes\Redemption.SafeTaskItem\Clsid
Reg HKLM\SOFTWARE\Classes\Redemption.SafeTaskItem\Clsid@ {7A41359E-0407-470F-B3F7-7C6A0F7C449A}
Reg HKLM\SOFTWARE\Classes\RestartInfo.RestartInfo@ RestartInfo Class
Reg HKLM\SOFTWARE\Classes\RestartInfo.RestartInfo\CurVer
Reg HKLM\SOFTWARE\Classes\RestartInfo.RestartInfo\CurVer@ RestartInfo.RestartInfo.1
Reg HKLM\SOFTWARE\Classes\RestartInfo.RestartInfo.1@ RestartInfo Class
Reg HKLM\SOFTWARE\Classes\RestartInfo.RestartInfo.1\CLSID
Reg HKLM\SOFTWARE\Classes\RestartInfo.RestartInfo.1\CLSID@ {ACAF13E0-A162-413B-823E-5E56C49797C6}
Reg HKLM\SOFTWARE\Classes\RFXInstMgr.RFXInstMgr@ RFXInstMgr Class
Reg HKLM\SOFTWARE\Classes\RFXInstMgr.RFXInstMgr\CurVer
Reg HKLM\SOFTWARE\Classes\RFXInstMgr.RFXInstMgr\CurVer@ RFXInstMgr.RFXInstMgr.1
Reg HKLM\SOFTWARE\Classes\RFXInstMgr.RFXInstMgr.1@ RFXInstMgr Class
Reg HKLM\SOFTWARE\Classes\RFXInstMgr.RFXInstMgr.1\CLSID
Reg HKLM\SOFTWARE\Classes\RFXInstMgr.RFXInstMgr.1\CLSID@ {47f59200-8783-11d2-8343-00a0c945a819}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Download Handler@ RealPlayer Download Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Download Handler\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Download Handler\CLSID@ {0FDF6D6B-D672-463B-846E-C6FF49109662}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Download Handler\CurVer
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Download Handler\CurVer@ rmocx.RealPlayer Download Handler.1
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Download Handler.1@ RealPlayer Download Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Download Handler.1\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Download Handler.1\CLSID@ {0FDF6D6B-D672-463B-846E-C6FF49109662}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer G2 Control@ RealPlayer G2 Control
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer G2 Control\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer G2 Control\CLSID@ {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer G2 Control\CurVer
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer G2 Control\CurVer@ rmocx.RealPlayer G2 Control.1
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer G2 Control\Insertable
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer G2 Control.1@ RealPlayer G2 Control
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer G2 Control.1\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer G2 Control.1\CLSID@ {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Playback Handler@ RealPlayer Playback Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Playback Handler\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Playback Handler\CLSID@ {3B46067C-FD87-49B6-8DDD-12F0D687035F}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Playback Handler\CurVer
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Playback Handler\CurVer@ rmocx.RealPlayer Playback Handler.1
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Playback Handler.1@ RealPlayer Playback Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Playback Handler.1\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Playback Handler.1\CLSID@ {3B46067C-FD87-49B6-8DDD-12F0D687035F}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RAM Download Handler@ RealPlayer RAM Download Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RAM Download Handler\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RAM Download Handler\CLSID@ {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RAM Download Handler\CurVer
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RAM Download Handler\CurVer@ rmocx.RealPlayer RAM Download Handler.1
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RAM Download Handler.1@ RealPlayer RAM Download Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RAM Download Handler.1\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RAM Download Handler.1\CLSID@ {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RMP Download Handler@ RealPlayer RMP Download Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RMP Download Handler\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RMP Download Handler\CLSID@ {44CCBCEB-BA7E-4C99-A078-9F683832D493}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RMP Download Handler\CurVer
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RMP Download Handler\CurVer@ rmocx.RealPlayer RMP Download Handler.1
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RMP Download Handler.1@ RealPlayer RMP Download Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RMP Download Handler.1\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RMP Download Handler.1\CLSID@ {44CCBCEB-BA7E-4C99-A078-9F683832D493}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RNX Download Handler@ RealPlayer RNX Download Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RNX Download Handler\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RNX Download Handler\CLSID@ {3B5E0503-DE28-4BE8-919C-76E0E894A3C2}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RNX Download Handler\CurVer
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RNX Download Handler\CurVer@ rmocx.RealPlayer RNX Download Handler.1
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RNX Download Handler.1@ RealPlayer RNX Download Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RNX Download Handler.1\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer RNX Download Handler.1\CLSID@ {3B5E0503-DE28-4BE8-919C-76E0E894A3C2}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer SMIL Download Handler@ RealPlayer SMIL Download Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer SMIL Download Handler\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer SMIL Download Handler\CLSID@ {224E833B-2CC6-42D9-AE39-90B6A38A4FA2}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer SMIL Download Handler\CurVer
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer SMIL Download Handler\CurVer@ rmocx.RealPlayer SMIL Download Handler.1
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer SMIL Download Handler.1@ RealPlayer SMIL Download Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer SMIL Download Handler.1\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer SMIL Download Handler.1\CLSID@ {224E833B-2CC6-42D9-AE39-90B6A38A4FA2}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Stream Handler@ RealPlayer Stream Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Stream Handler\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Stream Handler\CLSID@ {A1A41E11-91DB-4461-95CD-0C02327FD934}
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Stream Handler\CurVer
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Stream Handler\CurVer@ rmocx.RealPlayer Stream Handler.1
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Stream Handler.1@ RealPlayer Stream Handler
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Stream Handler.1\CLSID
Reg HKLM\SOFTWARE\Classes\rmocx.RealPlayer Stream Handler.1\CLSID@ {A1A41E11-91DB-4461-95CD-0C02327FD934}
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPHttpPlugProt@ RPHttpPlugProt Class
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPHttpPlugProt\CLSID
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPHttpPlugProt\CLSID@ {4D50EBC1-F054-4110-8D92-700E630361A6}
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPHttpPlugProt\CurVer
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPHttpPlugProt\CurVer@ Rpplugprot.RPHttpPlugProt.1
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPHttpPlugProt.1@ RPHttpPlugProt Class
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPHttpPlugProt.1\CLSID
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPHttpPlugProt.1\CLSID@ {4D50EBC1-F054-4110-8D92-700E630361A6}
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPMimeFilter@ RPMimeFilter Class
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPMimeFilter\CLSID
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPMimeFilter\CLSID@ {C5838ED9-78F2-4c47-8B6B-2ACF9FA16F44}
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPMimeFilter\CurVer
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPMimeFilter\CurVer@ Rpplugprot.RPMimeFilter.1
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPMimeFilter.1@ RPMimeFilter Class
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPMimeFilter.1\CLSID
Reg HKLM\SOFTWARE\Classes\Rpplugprot.RPMimeFilter.1\CLSID@ {C5838ED9-78F2-4c47-8B6B-2ACF9FA16F44}
Reg HKLM\SOFTWARE\Classes\RPShellExtension.QTExtractImage@ CQTExtractImage Object
Reg HKLM\SOFTWARE\Classes\RPShellExtension.QTExtractImage\CLSID
Reg HKLM\SOFTWARE\Classes\RPShellExtension.QTExtractImage\CLSID@ {9BAF2374-771E-437b-A752-2B584A5B9200}
Reg HKLM\SOFTWARE\Classes\RPShellExtension.QTExtractImage\CurVer
Reg HKLM\SOFTWARE\Classes\RPShellExtension.QTExtractImage\CurVer@ RPShellExtension.QTExtractImage.1
Reg HKLM\SOFTWARE\Classes\RPShellExtension.QTExtractImage.1@ CQTExtractImage Object
Reg HKLM\SOFTWARE\Classes\RPShellExtension.QTExtractImage.1\CLSID
Reg HKLM\SOFTWARE\Classes\RPShellExtension.QTExtractImage.1\CLSID@ {9BAF2374-771E-437b-A752-2B584A5B9200}
Reg HKLM\SOFTWARE\Classes\RPShellExtension.RPExtractImage@ CRPExtractImage Object
Reg HKLM\SOFTWARE\Classes\RPShellExtension.RPExtractImage\CLSID
Reg HKLM\SOFTWARE\Classes\RPShellExtension.RPExtractImage\CLSID@ {F2DE7395-2AE7-4b40-A159-F7EF3C266D9C}
Reg HKLM\SOFTWARE\Classes\RPShellExtension.RPExtractImage\CurVer
Reg HKLM\SOFTWARE\Classes\RPShellExtension.RPExtractImage\CurVer@ RPShellExtension.RPExtractImage.1
Reg HKLM\SOFTWARE\Classes\RPShellExtension.RPExtractImage.1@ CRPExtractImage Object
Reg HKLM\SOFTWARE\Classes\RPShellExtension.RPExtractImage.1\CLSID
Reg HKLM\SOFTWARE\Classes\RPShellExtension.RPExtractImage.1\CLSID@ {F2DE7395-2AE7-4b40-A159-F7EF3C266D9C}
Reg HKLM\SOFTWARE\Classes\RstrCC.RstrProgress@ RstrProgress Class
Reg HKLM\SOFTWARE\Classes\RstrCC.RstrProgress\CLSID
Reg HKLM\SOFTWARE\Classes\RstrCC.RstrProgress\CLSID@ {bf404da2-7d3b-11d3-b9e5-00c04f79e399}
Reg HKLM\SOFTWARE\Classes\RstrCC.RstrProgress\CurVer
Reg HKLM\SOFTWARE\Classes\RstrCC.RstrProgress\CurVer@ RstrCC.RstrProgress.1
Reg HKLM\SOFTWARE\Classes\RstrCC.RstrProgress.1@ RstrProgress Class
Reg HKLM\SOFTWARE\Classes\RstrCC.RstrProgress.1\CLSID
Reg HKLM\SOFTWARE\Classes\RstrCC.RstrProgress.1\CLSID@ {bf404da2-7d3b-11d3-b9e5-00c04f79e399}
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash@ Shockwave Flash Object
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\CLSID
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\CLSID@ {D27CDB6E-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\CurVer
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\CurVer@ ShockwaveFlash.ShockwaveFlash.10
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.1@ Shockwave Flash Object
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.1\CLSID
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.1\CLSID@ {D27CDB6E-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.10@ Shockwave Flash Object
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.10\CLSID
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.10\CLSID@ {D27CDB6E-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.3@ Shockwave Flash Object
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.3\CLSID
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.3\CLSID@ {D27CDB6E-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.4@ Shockwave Flash Object
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.4\CLSID
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.4\CLSID@ {D27CDB6E-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.5@ Shockwave Flash Object
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.5\CLSID
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.5\CLSID@ {D27CDB6E-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.6@ Shockwave Flash Object
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.6\CLSID
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.6\CLSID@ {D27CDB6E-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.7@ Shockwave Flash Object
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.7\CLSID
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.7\CLSID@ {D27CDB6E-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.8@ Shockwave Flash Object
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.8\CLSID
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.8\CLSID@ {D27CDB6E-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.9@ Shockwave Flash Object
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.9\CLSID
Reg HKLM\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash.9\CLSID@ {D27CDB6E-AE6D-11cf-96B8-444553540000}
Reg HKLM\SOFTWARE\Classes\SkinsReader.SkinsReader@ InterActual Skin
Reg HKLM\SOFTWARE\Classes\SkinsReader.SkinsReader\CLSID
Reg HKLM\SOFTWARE\Classes\SkinsReader.SkinsReader\CLSID@ {B1BA31F0-5EFA-47A7-AC1F-626C4054DB70}
Reg HKLM\SOFTWARE\Classes\SkinsReader.SkinsReader\CurVer
Reg HKLM\SOFTWARE\Classes\SkinsReader.SkinsReader\CurVer@ SkinsReader.SkinsReader.1
Reg HKLM\SOFTWARE\Classes\SkinsReader.SkinsReader.1@ InterActual Skin
Reg HKLM\SOFTWARE\Classes\SkinsReader.SkinsReader.1\CLSID
Reg HKLM\SOFTWARE\Classes\SkinsReader.SkinsReader.1\CLSID@ {B1BA31F0-5EFA-47A7-AC1F-626C4054DB70}
Reg HKLM\SOFTWARE\Classes\SkinzManager.SkinzManager@ SkinzManager Class
Reg HKLM\SOFTWARE\Classes\SkinzManager.SkinzManager\CurVer
Reg HKLM\SOFTWARE\Classes\SkinzManager.SkinzManager\CurVer@ SkinzManager.SkinzManager.1
Reg HKLM\SOFTWARE\Classes\SkinzManager.SkinzManager.1@ SkinzManager Class
Reg HKLM\SOFTWARE\Classes\SkinzManager.SkinzManager.1\CLSID
Reg HKLM\SOFTWARE\Classes\SkinzManager.SkinzManager.1\CLSID@ {D2BFD91A-B9C6-434E-8E06-0D79E6C9BADE}
Reg HKLM\SOFTWARE\Classes\SkinzPersist.SkinzPersist@ SkinzPersist Class
Reg HKLM\SOFTWARE\Classes\SkinzPersist.SkinzPersist\CurVer
Reg HKLM\SOFTWARE\Classes\SkinzPersist.SkinzPersist\CurVer@ SkinzPersist.SkinzPersist.1
Reg HKLM\SOFTWARE\Classes\SkinzPersist.SkinzPersist.1@ SkinzPersist Class
Reg HKLM\SOFTWARE\Classes\SkinzPersist.SkinzPersist.1\CLSID
Reg HKLM\SOFTWARE\Classes\SkinzPersist.SkinzPersist.1\CLSID@ {1C5B3F5D-5AE0-4062-AFDA-1D28CF97AD95}
Reg HKLM\SOFTWARE\Classes\SLIDER.SliderCtrl.1@ FormFlow Slider Control
Reg HKLM\SOFTWARE\Classes\SLIDER.SliderCtrl.1\CLSID
Reg HKLM\SOFTWARE\Classes\SLIDER.SliderCtrl.1\CLSID@ {1C9709F2-F43B-11CF-BA34-00805FB4B41C}
Reg HKLM\SOFTWARE\Classes\SoftwareDistribution.MicrosoftUpdateWebControl@ MUWebControl Class
Reg HKLM\SOFTWARE\Classes\SoftwareDistribution.MicrosoftUpdateWebControl\CLSID
Reg HKLM\SOFTWARE\Classes\SoftwareDistribution.MicrosoftUpdateWebControl\CLSID@ {6e32070a-766d-4ee6-879c-dc1fa91d2fc3}
Reg HKLM\SOFTWARE\Classes\SoftwareDistribution.MicrosoftUpdateWebControl\CurVer
Reg HKLM\SOFTWARE\Classes\SoftwareDistribution.MicrosoftUpdateWebControl\CurVer@ SoftwareDistribution.MicrosoftUpdateWebControl.1
Reg HKLM\SOFTWARE\Classes\SoftwareDistribution.MicrosoftUpdateWebControl.1@ MUWebControl Class
Reg HKLM\SOFTWARE\Classes\SoftwareDistribution.MicrosoftUpdateWebControl.1\CLSID
Reg HKLM\SOFTWARE\Classes\SoftwareDistribution.MicrosoftUpdateWebControl.1\CLSID@ {6e32070a-766d-4ee6-879c-dc1fa91d2fc3}
Reg HKLM\SOFTWARE\Classes\SPRT.ScriptRunner.1@ SupportSoft Script Runner Class
Reg HKLM\SOFTWARE\Classes\SPRT.ScriptRunner.1\CLSID
Reg HKLM\SOFTWARE\Classes\SPRT.ScriptRunner.1\CLSID@ {01012101-5e80-11d8-9e86-0007e96c65ae}
Reg HKLM\SOFTWARE\Classes\SPRT.SmartIssue.1@ SupportSoft SmartIssue
Reg HKLM\SOFTWARE\Classes\SPRT.SmartIssue.1\CLSID
Reg HKLM\SOFTWARE\Classes\SPRT.SmartIssue.1\CLSID@ {01010e00-5e80-11d8-9e86-0007e96c65ae}
Reg HKLM\SOFTWARE\Classes\SSubTimer6.CTimer@ SSubTimer6.CTimer
Reg HKLM\SOFTWARE\Classes\SSubTimer6.CTimer\Clsid
Reg HKLM\SOFTWARE\Classes\SSubTimer6.CTimer\Clsid@ {71A27034-C7D8-11D2-BEF8-525400DFB47A}
Reg HKLM\SOFTWARE\Classes\SSubTimer6.GSubclass@ SSubTimer6.GSubclass
Reg HKLM\SOFTWARE\Classes\SSubTimer6.GSubclass\Clsid
Reg HKLM\SOFTWARE\Classes\SSubTimer6.GSubclass\Clsid@ {71A27032-C7D8-11D2-BEF8-525400DFB47A}
Reg HKLM\SOFTWARE\Classes\SSubTimer6.ISubclass@ SSubTimer6.ISubclass
Reg HKLM\SOFTWARE\Classes\SSubTimer6.ISubclass\Clsid
Reg HKLM\SOFTWARE\Classes\SSubTimer6.ISubclass\Clsid@ {71A2702F-C7D8-11D2-BEF8-525400DFB47A}
Reg HKLM\SOFTWARE\Classes\steam@ URL:steam protocol
Reg HKLM\SOFTWARE\Classes\steam@URL Protocol
Reg HKLM\SOFTWARE\Classes\steam\DefaultIcon
Reg HKLM\SOFTWARE\Classes\steam\DefaultIcon@ steam.exe
Reg HKLM\SOFTWARE\Classes\steam\Shell
Reg HKLM\SOFTWARE\Classes\steam\Shell\Open
Reg HKLM\SOFTWARE\Classes\steam\Shell\Open\Command
Reg HKLM\SOFTWARE\Classes\steam\Shell\Open\Command@ "C:\program files\steam\steam.exe" "%1"
Reg HKLM\SOFTWARE\Classes\SwBroker.SwHelper@ SwHelper Class
Reg HKLM\SOFTWARE\Classes\SwBroker.SwHelper\CLSID
Reg HKLM\SOFTWARE\Classes\SwBroker.SwHelper\CLSID@ {1F3CB77D-D339-49e0-B8E4-FECD6D6F8CB8}
Reg HKLM\SOFTWARE\Classes\SwBroker.SwHelper\CurVer
Reg HKLM\SOFTWARE\Classes\SwBroker.SwHelper\CurVer@ SwBroker.SwHelper.1
Reg HKLM\SOFTWARE\Classes\SwBroker.SwHelper.1@ SwHelper Class
Reg HKLM\SOFTWARE\Classes\SwBroker.SwHelper.1\CLSID
Reg HKLM\SOFTWARE\Classes\SwBroker.SwHelper.1\CLSID@ {1F3CB77D-D339-49e0-B8E4-FECD6D6F8CB8}
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl@ Shockwave ActiveX Control
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl\CLSID
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl\CLSID@ {233C1507-6A77-46A4-9443-F871F945D258}
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl\CurVer
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl\CurVer@ SWCtl.SWCtl.11
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.1@ Shockwave ActiveX Control
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.1\CLSID
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.1\CLSID@ {166B1BCA-3F9C-11CF-8075-444553540000}
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.10.1.1@ Shockwave ActiveX Control
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.10.1.1\CLSID
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.10.1.1\CLSID@ {233C1507-6A77-46A4-9443-F871F945D258}
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.11@ Shockwave ActiveX Control
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.11\CLSID
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.11\CLSID@ {233C1507-6A77-46A4-9443-F871F945D258}
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.7@ Shockwave ActiveX Control
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.7\CLSID
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.7\CLSID@ {166B1BCA-3F9C-11CF-8075-444553540000}
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.8@ Shockwave ActiveX Control
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.8\CLSID
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.8\CLSID@ {166B1BCA-3F9C-11CF-8075-444553540000}
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.8.5@ Shockwave ActiveX Control
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.8.5\CLSID
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.8.5\CLSID@ {166B1BCA-3F9C-11CF-8075-444553540000}
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.8.5.1@ Shockwave ActiveX Control
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.8.5.1\CLSID
Reg HKLM\SOFTWARE\Classes\SWCtl.SWCtl.8.5.1\CLSID@ {166B1BCA-3F9C-11CF-8075-444553540000}
Reg HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl@ SwInstallerCtl Class
Reg HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl\CLSID
Reg HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl\CLSID@ {4DB2E429-B905-479A-9EFF-F7CBD9FD52DE}
Reg HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl\CurVer
Reg HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl\CurVer@ Swdir.SwInstallerCtl.1
Reg HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl.1@ SwInstallerCtl Class
Reg HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl.1\CLSID
Reg HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl.1\CLSID@ {4DB2E429-B905-479A-9EFF-F7CBD9FD52DE}
Reg HKLM\SOFTWARE\Classes\SwHelper.SwHelperAttributes@ SwHelperAttributes Class
Reg HKLM\SOFTWARE\Classes\SwHelper.SwHelperAttributes\CLSID
Reg HKLM\SOFTWARE\Classes\SwHelper.SwHelperAttributes\CLSID@ {0103A448-2934-4B3D-A54E-FED761D472E0}
Reg HKLM\SOFTWARE\Classes\SwHelper.SwHelperAttributes\CurVer
Reg HKLM\SOFTWARE\Classes\SwHelper.SwHelperAttributes\CurVer@ SwHelper.SwHelperAttributes.1
Reg HKLM\SOFTWARE\Classes\SwHelper.SwHelperAttributes.1@ SwHelperAttributes Class
Reg HKLM\SOFTWARE\Classes\SwHelper.SwHelperAttributes.1\CLSID
Reg HKLM\SOFTWARE\Classes\SwHelper.SwHelperAttributes.1\CLSID@ {0103A448-2934-4B3D-A54E-FED761D472E0}
Reg HKLM\SOFTWARE\Classes\SymAData.ActiveDataInfo@ ActiveDataInfo Class
Reg HKLM\SOFTWARE\Classes\SymAData.ActiveDataInfo\CLSID
Reg HKLM\SOFTWARE\Classes\SymAData.ActiveDataInfo\CLSID@ {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}
Reg HKLM\SOFTWARE\Classes\SymAData.ActiveDataInfo\CurVer
Reg HKLM\SOFTWARE\Classes\SymAData.ActiveDataInfo\CurVer@ SymAData.ActiveDataInfo.1
Reg HKLM\SOFTWARE\Classes\SymAData.ActiveDataInfo.1@ ActiveDataInfo Class
Reg HKLM\SOFTWARE\Classes\SymAData.ActiveDataInfo.1\CLSID
Reg HKLM\SOFTWARE\Classes\SymAData.ActiveDataInfo.1\CLSID@ {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}
Reg HKLM\SOFTWARE\Classes\Symantec.DownloadManager@ Symantec Download Manager
Reg HKLM\SOFTWARE\Classes\Symantec.DownloadManager\CLSID
Reg HKLM\SOFTWARE\Classes\Symantec.DownloadManager\CLSID@ {6A344D34-5231-452A-8A57-D064AC9B7862}
Reg HKLM\SOFTWARE\Classes\Symantec.DownloadManager\CurVer
Reg HKLM\SOFTWARE\Classes\Symantec.DownloadManager\CurVer@ Symantec.DownloadManager.1
Reg HKLM\SOFTWARE\Classes\Symantec.DownloadManager.1@ Symantec Download Manager
Reg HKLM\SOFTWARE\Classes\Symantec.DownloadManager.1\CLSID
Reg HKLM\SOFTWARE\Classes\Symantec.DownloadManager.1\CLSID@ {6A344D34-5231-452A-8A57-D064AC9B7862}
Reg HKLM\SOFTWARE\Classes\The Sims 2 Package Installer\DefaultIcon
Reg HKLM\SOFTWARE\Classes\The Sims 2 Package Installer\DefaultIcon@ C:\Program Files\EA GAMES\The Sims 2 Double Deluxe\SP4\CSBin\PackageInstaller.exe,1
Reg HKLM\SOFTWARE\Classes\The Sims 2 Package Installer\Shell
Reg HKLM\SOFTWARE\Classes\The Sims 2 Package Installer\Shell\Open
Reg HKLM\SOFTWARE\Classes\The Sims 2 Package Installer\Shell\Open\Command
Reg HKLM\SOFTWARE\Classes\The Sims 2 Package Installer\Shell\Open\Command@ C:\Program Files\EA GAMES\The Sims 2 Double Deluxe\SP4\CSBin\PackageInstaller.exe "%1"
Reg HKLM\SOFTWARE\Classes\TheFacebook.FacebookPhotoUploader5.5@ Facebook Photo Uploader 5 Control
Reg HKLM\SOFTWARE\Classes\TheFacebook.FacebookPhotoUploader5.5\CLSID
Reg HKLM\SOFTWARE\Classes\TheFacebook.FacebookPhotoUploader5.5\CLSID@ {0CCA191D-13A6-4E29-B746-314DEE697D83}
Reg HKLM\SOFTWARE\Classes\TheFacebook.FacebookPhotoUploader5.5\CurVer
Reg HKLM\SOFTWARE\Classes\TheFacebook.FacebookPhotoUploader5.5\CurVer@ TheFacebook.FacebookPhotoUploader5.5.1
Reg HKLM\SOFTWARE\Classes\TheFacebook.FacebookPhotoUploader5.5.1@ Facebook Photo Uploader 5 Control
Reg HKLM\SOFTWARE\Classes\TheFacebook.FacebookPhotoUploader5.5.1\CLSID
Reg HKLM\SOFTWARE\Classes\TheFacebook.FacebookPhotoUploader5.5.1\CLSID@ {0CCA191D-13A6-4E29-B746-314DEE697D83}
Reg HKLM\SOFTWARE\Classes\TheFacebook.FacebookPhotoUploader5.5.1\Insertable
Reg HKLM\SOFTWARE\Classes\TheFacebook.ShellCombo.5@ Facebook Photo Uploader 5 Combo Control
Reg HKLM\SOFTWARE\Classes\TheFacebook.ShellCombo.5\CLSID
Reg HKLM\SOFTWARE\Classes\TheFacebook.ShellCombo.5\CLSID@ {11C00D9C-F6B0-4470-A4EB-C9927DF57970}
Reg HKLM\SOFTWARE\Classes\TheFacebook.ShellCombo.5\CurVer
Reg HKLM\SOFTWARE\Classes\TheFacebook.ShellCombo.5\CurVer@ TheFacebook.ShellCombo.5.1
Reg HKLM\SOFTWARE\Classes\TheFacebook.ShellCombo.5.1@ Facebook Photo Uploader 5 Combo Control
Reg HKLM\SOFTWARE\Classes\TheFacebook.ShellCombo.5.1\CLSID
Reg HKLM\SOFTWARE\Classes\TheFacebook.ShellCombo.5.1\CLSID@ {11C00D9C-F6B0-4470-A4EB-C9927DF57970}
Reg HKLM\SOFTWARE\Classes\TheFacebook.Thumbnail.5@ Facebook Photo Uploader 5 Thumbnail Control
Reg HKLM\SOFTWARE\Classes\TheFacebook.Thumbnail.5\CLSID
Reg HKLM\SOFTWARE\Classes\TheFacebook.Thumbnail.5\CLSID@ {70A07902-4D50-4D4B-A5D2-914EFE80E94A}
Reg HKLM\SOFTWARE\Classes\TheFacebook.Thumbnail.5\CurVer
Reg HKLM\SOFTWARE\Classes\TheFacebook.Thumbnail.5\CurVer@ TheFacebook.Thumbnail.5.1
Reg HKLM\SOFTWARE\Classes\TheFacebook.Thumbnail.5.1@ Facebook Photo Uploader 5 Thumbnail Control
Reg HKLM\SOFTWARE\Classes\TheFacebook.Thumbnail.5.1\CLSID
Reg HKLM\SOFTWARE\Classes\TheFacebook.Thumbnail.5.1\CLSID@ {70A07902-4D50-4D4B-A5D2-914EFE80E94A}
Reg HKLM\SOFTWARE\Classes\TheFacebook.UploadPane.5@ Facebook Photo Uploader 5 UploadPane Control
Reg HKLM\SOFTWARE\Classes\TheFacebook.UploadPane.5\CLSID
Reg HKLM\SOFTWARE\Classes\TheFacebook.UploadPane.5\CLSID@ {316DC664-0D6A-4505-A282-8C0248C27110}
Reg HKLM\SOFTWARE\Classes\TheFacebook.UploadPane.5\CurVer
Reg HKLM\SOFTWARE\Classes\TheFacebook.UploadPane.5\CurVer@ TheFacebook.UploadPane.5.1
Reg HKLM\SOFTWARE\Classes\TheFacebook.UploadPane.5.1@ Facebook Photo Uploader 5 UploadPane Control
Reg HKLM\SOFTWARE\Classes\TheFacebook.UploadPane.5.1\CLSID
Reg HKLM\SOFTWARE\Classes\TheFacebook.UploadPane.5.1\CLSID@ {316DC664-0D6A-4505-A282-8C0248C27110}
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEAPIObj@ OEAPIObj
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEAPIObj\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEAPIObj\CLSID@ {12BAF038-264C-464B-9D58-C83B3781DD4C}
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEButton@ OEButton
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEButton\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEButton\CLSID@ {12BAF048-264C-464B-9D58-C83B3781DD4C}
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEMenu@ OEMenu
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEMenu\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEMenu\CLSID@ {12BAF069-264C-464B-9D58-C83B3781DD4C}
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEMenuItem@ OEMenuItem
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEMenuItem\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEMenuItem\CLSID@ {12BAF059-264C-464B-9D58-C83B3781DD4C}
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEMsgWnd@ OEMsgWnd
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEMsgWnd\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEMsgWnd\CLSID@ {12BAF05C-264C-464B-9D58-C83B3781DD4C}
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEToolbar@ OEToolbar
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEToolbar\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OEApi.OEToolbar\CLSID@ {12BAF045-264C-464B-9D58-C83B3781DD4C}
Reg HKLM\SOFTWARE\Classes\TMAS_OEApiInit.OEAPIInit@ OEAPIInit
Reg HKLM\SOFTWARE\Classes\TMAS_OEApiInit.OEAPIInit\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OEApiInit.OEAPIInit\CLSID@ {12BAF052-264C-464B-9D58-C83B3781DD4B}
Reg HKLM\SOFTWARE\Classes\TMAS_OEApiInit.OEAPIInitState@ OEAPIInitState
Reg HKLM\SOFTWARE\Classes\TMAS_OEApiInit.OEAPIInitState\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OEApiInit.OEAPIInitState\CLSID@ {12BAF052-264C-464B-9D58-C83B3781DD4C}
Reg HKLM\SOFTWARE\Classes\TMAS_OEStore.OEFolder@ OEFolder
Reg HKLM\SOFTWARE\Classes\TMAS_OEStore.OEFolder\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OEStore.OEFolder\CLSID@ {12BAF070-264C-464B-9D58-C83B3781DD4B}
Reg HKLM\SOFTWARE\Classes\TMAS_OEStore.OEFolderManager@ OEFolderManager
Reg HKLM\SOFTWARE\Classes\TMAS_OEStore.OEFolderManager\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OEStore.OEFolderManager\CLSID@ {12BAF0A5-264C-464B-9D58-C83B3781DD4B}
Reg HKLM\SOFTWARE\Classes\TMAS_OEStore.OEMessage@ OEMessage
Reg HKLM\SOFTWARE\Classes\TMAS_OEStore.OEMessage\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OEStore.OEMessage\CLSID@ {12BAF0B1-264C-464B-9D58-C83B3781DD4B}
Reg HKLM\SOFTWARE\Classes\TMAS_OLA.OLAgent@ TMAS_OLA Class
Reg HKLM\SOFTWARE\Classes\TMAS_OLA.OLAgent\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OLA.OLAgent\CLSID@ {EFA2E970-BA63-4607-AB47-76CA6B83BD1B}
Reg HKLM\SOFTWARE\Classes\TMAS_OLA.OLAgent\CurVer
Reg HKLM\SOFTWARE\Classes\TMAS_OLA.OLAgent\CurVer@ TMAS_OLA.OLAgent.1
Reg HKLM\SOFTWARE\Classes\TMAS_OLA.OLAgent.1@ TMAS_OLA Class
Reg HKLM\SOFTWARE\Classes\TMAS_OLA.OLAgent.1\CLSID
Reg HKLM\SOFTWARE\Classes\TMAS_OLA.OLAgent.1\CLSID@ {EFA2E970-BA63-4607-AB47-76CA6B83BD1B}
Reg HKLM\SOFTWARE\Classes\Valve.SteamP2P\shell
Reg HKLM\SOFTWARE\Classes\Valve.SteamP2P\shell\open
Reg HKLM\SOFTWARE\Classes\Valve.SteamP2P\shell\open\command
Reg HKLM\SOFTWARE\Classes\Valve.SteamP2P\shell\open\command@ "c:\program files\steam\steam.exe" "%1"
Reg HKLM\SOFTWARE\Classes\vbAcceleratorSGrid6.cGridCell@ vbAcceleratorSGrid6.cGridCell
Reg HKLM\SOFTWARE\Classes\vbAcceleratorSGrid6.cGridCell\Clsid
Reg HKLM\SOFTWARE\Classes\vbAcceleratorSGrid6.cGridCell\Clsid@ {9BD3A001-42A2-491E-AACA-9512F6CF4CDB}
Reg HKLM\SOFTWARE\Classes\vbAcceleratorSGrid6.cGridSortObject@ vbAcceleratorSGrid6.cGridSortObject
Reg HKLM\SOFTWARE\Classes\vbAcceleratorSGrid6.cGridSortObject\Clsid
Reg HKLM\SOFTWARE\Classes\vbAcceleratorSGrid6.cGridSortObject\Clsid@ {D2129738-6A78-4BCB-915A-412982CAA23D}
Reg HKLM\SOFTWARE\Classes\vbAcceleratorSGrid6.IGridCellOwnerDraw@ vbAcceleratorSGrid6.IGridCellOwnerDraw
Reg HKLM\SOFTWARE\Classes\vbAcceleratorSGrid6.IGridCellOwnerDraw\Clsid
Reg HKLM\SOFTWARE\Classes\vbAcceleratorSGrid6.IGridCellOwnerDraw\Clsid@ {DC90EAA6-69B8-4DE4-9A7B-5B2C5B3FEACD}
Reg HKLM\SOFTWARE\Classes\vbAcceleratorSGrid6.vbalGrid@ vbAccelerator Grid Control
Reg HKLM\SOFTWARE\Classes\vbAcceleratorSGrid6.vbalGrid\Clsid
Reg HKLM\SOFTWARE\Classes\vbAcceleratorSGrid6.vbalGrid\Clsid@ {C5DA1F2B-B2BF-4DFC-BC9A-439133543A67}
Reg HKLM\SOFTWARE\Classes\wdpfile@ Windows Media Photo
Reg HKLM\SOFTWARE\Classes\wdpfile@FriendlyTypeName @wmphoto.dll,-500
Reg HKLM\SOFTWARE\Classes\wdpfile\CLSID
Reg HKLM\SOFTWARE\Classes\wdpfile\CLSID@ {25336920-03F9-11cf-8FD0-00AA00686F13}
Reg HKLM\SOFTWARE\Classes\wdpfile\shell
Reg HKLM\SOFTWARE\Classes\wdpfile\shell\print
Reg HKLM\SOFTWARE\Classes\wdpfile\shell\print\command
Reg HKLM\SOFTWARE\Classes\wdpfile\shell\print\command@ rundll32.exe %SystemRoot%\system32\shimgvw.dll,ImageView_Fullscreen %1
Reg HKLM\SOFTWARE\Classes\wdpfile\shell\print\DropTarget
Reg HKLM\SOFTWARE\Classes\wdpfile\shell\print\DropTarget@Clsid {60FD46DE-F830-4894-A628-6FA81BC0190D}
Reg HKLM\SOFTWARE\Classes\wdpfile\shell\printto
Reg HKLM\SOFTWARE\Classes\wdpfile\shell\printto\command
Reg HKLM\SOFTWARE\Classes\wdpfile\shell\printto\command@ rundll32.exe %SystemRoot%\system32\shimgvw.dll,ImageView_PrintTo /pt "%1" "%2" "%3" "%4"
Reg HKLM\SOFTWARE\Classes\WMPNSSCI.NSSManager@ NSSManager Class
Reg HKLM\SOFTWARE\Classes\WMPNSSCI.NSSManager\CLSID
Reg HKLM\SOFTWARE\Classes\WMPNSSCI.NSSManager\CLSID@ {92498132-4d1a-4297-9b78-9e2e4ba99c07}
Reg HKLM\SOFTWARE\Classes\WMPNSSCI.NSSManager\CurVer
Reg HKLM\SOFTWARE\Classes\WMPNSSCI.NSSManager\CurVer@ WMPNSSCI.NSSManager.1
Reg HKLM\SOFTWARE\Classes\WMPNSSCI.NSSManager.1@ NSSManager Class
Reg HKLM\SOFTWARE\Classes\WMPNSSCI.NSSManager.1\CLSID
Reg HKLM\SOFTWARE\Classes\WMPNSSCI.NSSManager.1\CLSID@ {92498132-4d1a-4297-9b78-9e2e4ba99c07}
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3File2@ EncodeMP3File2 Class
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3File2\CLSID
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3File2\CLSID@ {A97BBEB0-2D4C-11D3-B244-444553540000}
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3File2\CurVer
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3File2\CurVer@ Xmencmp3.EncodeMP3File2.1
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3File2.1@ EncodeMP3File2 Class
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3File2.1\CLSID
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3File2.1\CLSID@ {A97BBEB0-2D4C-11D3-B244-444553540000}
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3Mem2@ EncodeMP3Mem2 Class
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3Mem2\CLSID
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3Mem2\CLSID@ {477A3783-2D4D-11D3-B244-444553540000}
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3Mem2\CurVer
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3Mem2\CurVer@ Xmencmp3.EncodeMP3Mem2.1
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3Mem2.1@ EncodeMP3Mem2 Class
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3Mem2.1\CLSID
Reg HKLM\SOFTWARE\Classes\Xmencmp3.EncodeMP3Mem2.1\CLSID@ {477A3783-2D4D-11D3-B244-444553540000}
Reg HKLM\SOFTWARE\Classes\Xmencmp3.MP3Encoder3@ MP3Encoder3 Class
Reg HKLM\SOFTWARE\Classes\Xmencmp3.MP3Encoder3\CLSID
Reg HKLM\SOFTWARE\Classes\Xmencmp3.MP3Encoder3\CLSID@ {477A3789-2D4D-11D3-B244-444553540000}
Reg HKLM\SOFTWARE\Classes\Xmencmp3.MP3Encoder3\CurVer
Reg HKLM\SOFTWARE\Classes\Xmencmp3.MP3Encoder3\CurVer@ Xmencmp3.MP3Encoder3.1
Reg HKLM\SOFTWARE\Classes\Xmencmp3.MP3Encoder3.1@ MP3Encoder3 Class
Reg HKLM\SOFTWARE\Classes\Xmencmp3.MP3Encoder3.1\CLSID
Reg HKLM\SOFTWARE\Classes\Xmencmp3.MP3Encoder3.1\CLSID@ {477A3789-2D4D-11D3-B244-444553540000}
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryMPEGAudioFile2@ QueryMPEGAudioFile2 Class
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryMPEGAudioFile2\CLSID
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryMPEGAudioFile2\CLSID@ {477A3787-2D4D-11D3-B244-444553540000}
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryMPEGAudioFile2\CurVer
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryMPEGAudioFile2\CurVer@ Xmencmp3.QueryMPEGAudioFile2.1
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryMPEGAudioFile2.1@ QueryMPEGAudioFile2 Class
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryMPEGAudioFile2.1\CLSID
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryMPEGAudioFile2.1\CLSID@ {477A3787-2D4D-11D3-B244-444553540000}
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryWavFile2@ QueryWavFile2 Class
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryWavFile2\CLSID
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryWavFile2\CLSID@ {477A3785-2D4D-11D3-B244-444553540000}
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryWavFile2\CurVer
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryWavFile2\CurVer@ Xmencmp3.QueryWavFile2.1
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryWavFile2.1@ QueryWavFile2 Class
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryWavFile2.1\CLSID
Reg HKLM\SOFTWARE\Classes\Xmencmp3.QueryWavFile2.1\CLSID@ {477A3785-2D4D-11D3-B244-444553540000}
Reg HKLM\SOFTWARE\Classes\XML@ XML Script Engine
Reg HKLM\SOFTWARE\Classes\XML\CLSID
Reg HKLM\SOFTWARE\Classes\XML\CLSID@ {989D1DC0-B162-11D1-B6EC-D27DDCF9A923}
Reg HKLM\SOFTWARE\Classes\XML\OLEScript
Reg HKLM\SOFTWARE\Classes\XML\OLEScript@
Reg HKLM\SOFTWARE\Classes\xmlfile@ XML Document
Reg HKLM\SOFTWARE\Classes\xmlfile@FriendlyTypeName @C:\WINDOWS\system32\msxml3r.dll,-1
Reg HKLM\SOFTWARE\Classes\xmlfile\BrowseInPlace
Reg HKLM\SOFTWARE\Classes\xmlfile\BrowseInPlace@
Reg HKLM\SOFTWARE\Classes\xmlfile\CLSID
Reg HKLM\SOFTWARE\Classes\xmlfile\CLSID@ {48123BC4-99D9-11D1-A6B3-00C04FD91555}
Reg HKLM\SOFTWARE\Classes\xmlfile\DefaultIcon
Reg HKLM\SOFTWARE\Classes\xmlfile\DefaultIcon@ "%1"
Reg HKLM\SOFTWARE\Classes\xmlfile\shell
Reg HKLM\SOFTWARE\Classes\xmlfile\shell@ open
Reg HKLM\SOFTWARE\Classes\xmlfile\shell\edit
Reg HKLM\SOFTWARE\Classes\xmlfile\shell\edit\command
Reg HKLM\SOFTWARE\Classes\xmlfile\shell\edit\command@ "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLED.EXE" /verb edit "%1"
Reg HKLM\SOFTWARE\Classes\xmlfile\shell\open
Reg HKLM\SOFTWARE\Classes\xmlfile\shell\open\command
Reg HKLM\SOFTWARE\Classes\xmlfile\shell\open\command@ "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLED.EXE" /verb open "%1"
Reg HKLM\SOFTWARE\Classes\xmlfile\ShellEx
Reg HKLM\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler
Reg HKLM\SOFTWARE\Classes\xmlfile\ShellEx\IconHandler@ {AB968F1E-E20B-403A-9EB8-72EB0EB6797E}
Reg HKLM\SOFTWARE\Classes\xslfile@ XSL Stylesheet
Reg HKLM\SOFTWARE\Classes\xslfile@FriendlyTypeName @C:\WINDOWS\system32\msxml3r.dll,-2
Reg HKLM\SOFTWARE\Classes\xslfile\BrowseInPlace
Reg HKLM\SOFTWARE\Classes\xslfile\BrowseInPlace@
Reg HKLM\SOFTWARE\Classes\xslfile\CLSID
Reg HKLM\SOFTWARE\Classes\xslfile\CLSID@ {48123BC4-99D9-11D1-A6B3-00C04FD91555}
Reg HKLM\SOFTWARE\Classes\xslfile\DefaultIcon
Reg HKLM\SOFTWARE\Classes\xslfile\DefaultIcon@ C:\WINDOWS\system32\msxml3.dll,1
Reg HKLM\SOFTWARE\Classes\xslfile\shell
Reg HKLM\SOFTWARE\Classes\xslfile\shell\Open
Reg HKLM\SOFTWARE\Classes\xslfile\shell\Open\command
Reg HKLM\SOFTWARE\Classes\xslfile\shell\Open\command@ "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome
Reg HKLM\SOFTWARE\Classes\xslfile\shell\Open\ddeexec
Reg HKLM\SOFTWARE\Classes\xslfile\shell\Open\ddeexec@ "file:%1",,-1,,,,,
Reg HKLM\SOFTWARE\Classes\xslfile\shell\Open\ddeexec\application
Reg HKLM\SOFTWARE\Classes\xslfile\shell\Open\ddeexec\application@ IExplore
Reg HKLM\SOFTWARE\Classes\xslfile\shell\Open\ddeexec\topic
Reg HKLM\SOFTWARE\Classes\xslfile\shell\Open\ddeexec\topic@ WWW_OpenURL
Reg HKLM\SOFTWARE\Classes\Yahoo.Messenger@ Messenger Class
Reg HKLM\SOFTWARE\Classes\Yahoo.Messenger\CLSID
Reg HKLM\SOFTWARE\Classes\Yahoo.Messenger\CLSID@ {96F8C0C7-F106-437D-90DC-6C92793246C4}
Reg HKLM\SOFTWARE\Classes\Yahoo.Messenger\CurVer
Reg HKLM\SOFTWARE\Classes\Yahoo.Messenger\CurVer@ Yahoo.Messenger.1
Reg HKLM\SOFTWARE\Classes\Yahoo.Messenger.1@ Messenger Class
Reg HKLM\SOFTWARE\Classes\Yahoo.Messenger.1\CLSID
Reg HKLM\SOFTWARE\Classes\Yahoo.Messenger.1\CLSID@ {96F8C0C7-F106-437D-90DC-6C92793246C4}
Reg HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar@ Yahoo! Toolbar
Reg HKLM\SOFTWARE\Classes\YBrowserToolbar.YBrowserToolbar.1@ Yahoo! Toolbar

---- EOF - GMER 1.0.15 ----


#7 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,770 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:03:11 PM

Posted 01 March 2010 - 06:01 PM

Hi,

it looks as if something disturbed the run from gmer, please try running rootrepeal instead, but it looks as if you weren't infected by a rootkit. smile.gif
  • Download RootRepeal from the following location and save it to your desktop.
  • Extract the contents of RootRepeal.zip, to your desktop.
  • Double click on your desktop.
  • Click on the report tab, then click scan
  • Check all seven boxes:
    Drivers
    Files
    Processes
    SSDT
    Stealth Objects
    Hidden Services
    Shadow SSDT
  • Click Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, Click the Save Report button. Save the log as RootRepeal.txt and post it in your next reply.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#8 bugaboomdc

bugaboomdc
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 02 March 2010 - 12:35 AM

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2010/03/01 23:11
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xBA6BB000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79BB000 Size: 8192 File Visible: No Signed: -
Status: -

Name: kgpiaaoc.sys
Image Path: C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\kgpiaaoc.sys
Address: 0xB9A96000 Size: 93056 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xBA1AD000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\Program Files\Yahoo! Games\Luxor3\Luxor3.exe:{E356961D-1A11-DA98-9BA4-CDA7A77FC388}
Status: Visible to the Windows API, but not on disk.

Path: C:\System Volume Information\_restore{4BF778CD-32BC-4A44-B4E6-ACF6CE50B957}\RP380\A0138445.exe:{E356961D-1A11-DA98-9BA4-CDA7A77FC388}
Status: Visible to the Windows API, but not on disk.

Path: C:\System Volume Information\_restore{4BF778CD-32BC-4A44-B4E6-ACF6CE50B957}\RP382\A0138478.exe:{E356961D-1A11-DA98-9BA4-CDA7A77FC388}
Status: Visible to the Windows API, but not on disk.

Path: C:\System Volume Information\_restore{4BF778CD-32BC-4A44-B4E6-ACF6CE50B957}\RP382\A0138500.exe:{E356961D-1A11-DA98-9BA4-CDA7A77FC388}
Status: Visible to the Windows API, but not on disk.

Path: C:\System Volume Information\_restore{4BF778CD-32BC-4A44-B4E6-ACF6CE50B957}\RP403\A0143233.exe:{E356961D-1A11-DA98-9BA4-CDA7A77FC388}
Status: Visible to the Windows API, but not on disk.

Path: C:\System Volume Information\_restore{4BF778CD-32BC-4A44-B4E6-ACF6CE50B957}\RP403\A0143289.exe:{E356961D-1A11-DA98-9BA4-CDA7A77FC388}
Status: Visible to the Windows API, but not on disk.

Path: C:\System Volume Information\_restore{4BF778CD-32BC-4A44-B4E6-ACF6CE50B957}\RP405\A0143588.exe:{E356961D-1A11-DA98-9BA4-CDA7A77FC388}
Status: Visible to the Windows API, but not on disk.

Path: c:\documents and settings\administrator\local settings\temp\~dfcd9e.tmp
Status: Allocation size mismatch (API: 16384, Raw: 0)

Path: c:\documents and settings\administrator\local settings\temp\~dfd5d4.tmp
Status: Allocation size mismatch (API: 114688, Raw: 16384)

SSDT
-------------------
#: 041 Function Name: NtCreateKey
Status: Hooked by "Lbd.sys" at address 0xf766787e

#: 247 Function Name: NtSetValueKey
Status: Hooked by "Lbd.sys" at address 0xf7667bfe

==EOF==

#9 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,770 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:03:11 PM

Posted 02 March 2010 - 08:04 AM

Hi,

smitfraudfix is a removal tool for a certain type of malware, that is known to produce popups and or redirect your searches to unwanted site. Could it be that you downloaded it to get rid fo the infection?

It seems you have leftovers from Symantec on your PC, please remove them:
Please click HERE and follow the instructions in STEP 3 to download and run the norton removal tool.

Are you currently still getting the Popups?

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#10 bugaboomdc

bugaboomdc
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 02 March 2010 - 08:57 PM

I was finally able to run malware bytes and it seems like the popups stopped. I also did the norton removal.

Do you think it's fixed now?

Here's the malware bytes log

Malwarebytes' Anti-Malware 1.44
Database version: 3814
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3/2/2010 2:34:49 PM
mbam-log-2010-03-02 (14-34-49).txt

Scan type: Full Scan (C:\|)
Objects scanned: 225162
Time elapsed: 1 hour(s), 13 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xjdsends (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#11 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,770 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:03:11 PM

Posted 03 March 2010 - 09:44 AM

Hi,

please provide a new log from OTL. How's the PC doing? It is looking much better from the logs.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#12 bugaboomdc

bugaboomdc
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:11 AM

Posted 03 March 2010 - 12:48 PM

The extra text file didn't come up again but here's the report that did . I'm also having to leave out for a week but can't take that laptop. I'll try to check this post to see if all looks well while I'm gone. Thank you, Charlotte

OTL logfile created on: 3/3/2010 11:06:09 AM - Run 4
OTL by OldTimer - Version 3.1.32.0 Folder = C:\Documents and Settings\Student\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 50.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.29 Gb Total Space | 11.55 Gb Free Space | 33.69% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: STUDENT-0E93EA9
Current User Name: Student
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/03 11:02:57 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Student\Desktop\OTL.exe
PRC - [2010/02/14 15:32:21 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2010/02/11 12:53:42 | 002,756,488 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/01/15 06:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/06/19 19:05:46 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/09/08 09:21:05 | 000,112,072 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
PRC - [2008/09/08 09:19:23 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/01/03 19:37:36 | 000,028,672 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\TCtrlIOHook.exe
PRC - [2004/12/07 07:24:38 | 000,024,576 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\Accessibility\FnKeyHook.exe
PRC - [2004/12/06 23:54:28 | 000,081,920 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TME3\TMERzCtl.exe
PRC - [2004/12/06 23:52:46 | 000,077,824 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TME3\TMEEJME.exe
PRC - [2004/11/29 11:10:22 | 000,667,648 | ---- | M] (COMPAL ELECTRONIC INC.) -- C:\Program Files\Toshiba\E-KEY\CeEKey.exe
PRC - [2004/11/12 23:54:56 | 000,929,792 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
PRC - [2004/11/11 20:25:54 | 000,819,200 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFXFER.exe
PRC - [2004/11/11 12:43:56 | 000,126,976 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TME3\TMESRV31.exe
PRC - [2004/11/11 09:30:56 | 000,544,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSServ.exe
PRC - [2004/11/10 13:14:08 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004/11/02 11:03:44 | 000,155,648 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxtray.exe
PRC - [2004/10/25 17:23:10 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Controls\TFncKy.exe
PRC - [2004/10/15 13:31:32 | 000,356,352 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
PRC - [2004/10/15 13:30:52 | 000,098,304 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
PRC - [2004/10/15 13:27:56 | 000,385,024 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2004/10/15 13:27:38 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004/10/15 13:24:48 | 000,360,521 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2004/10/15 13:23:12 | 000,245,760 | ---- | M] (Intel) -- C:\Program Files\Intel\Wireless\Bin\1XConfig.exe
PRC - [2004/10/15 13:22:14 | 000,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2004/10/15 13:21:38 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2004/09/15 17:03:08 | 000,135,168 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe
PRC - [2004/08/27 11:34:20 | 000,278,528 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2004/07/14 18:07:32 | 000,024,576 | ---- | M] (TOSHIBA) -- C:\WINDOWS\system32\ZoomingHook.exe
PRC - [2004/06/01 22:43:10 | 000,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2004/05/13 15:46:02 | 000,053,248 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2004/04/07 14:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2004/03/24 00:40:42 | 000,196,608 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\Apoint.exe
PRC - [2003/09/05 17:16:30 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2003/09/05 05:24:46 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2003/05/23 15:38:26 | 000,106,496 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2003/03/14 13:38:12 | 000,155,648 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2003/02/26 13:08:42 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint2K\ApntEx.exe


========== Modules (SafeList) ==========

MOD - [2010/03/03 11:02:57 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Student\Desktop\OTL.exe
MOD - [2009/11/21 09:51:04 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\aclayers.dll
MOD - [2008/04/13 18:12:05 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/02/26 13:29:59 | 001,229,232 | ---- | M] (Lavasoft) [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/02/11 12:53:39 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/01/15 06:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/09/08 09:19:23 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2004/11/11 12:43:56 | 000,126,976 | ---- | M] (TOSHIBA) [Auto | Running] -- C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe -- (Tmesrv)
SRV - [2004/11/10 13:14:08 | 000,036,864 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/10/15 13:30:52 | 000,098,304 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe -- (OwnershipProtocol)
SRV - [2004/10/15 13:24:48 | 000,360,521 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2004/10/15 13:22:14 | 000,086,016 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng)
SRV - [2004/10/15 13:21:38 | 000,139,264 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc)
SRV - [2004/05/13 15:46:02 | 000,053,248 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2004/04/07 14:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2003/05/23 15:38:26 | 000,106,496 | ---- | M] (Matsubleepa Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - [2010/02/11 12:42:34 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/02/11 12:42:13 | 000,162,512 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/02/11 12:39:01 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/02/11 12:38:34 | 000,100,432 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010/02/11 12:38:23 | 000,019,024 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/02/11 12:38:07 | 000,028,880 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010/02/04 09:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/05/09 00:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2007/11/13 04:25:53 | 000,020,480 | R--- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/11/20 12:15:43 | 000,017,119 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\AegisP.sys -- (AegisP) AEGIS Protocol (IEEE 802.1x)
DRV - [2004/12/30 03:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/30 03:05:00 | 000,099,098 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/30 03:05:00 | 000,087,482 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/30 03:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/30 03:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/30 03:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/30 03:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/30 03:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/30 03:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/23 04:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/12/14 04:29:28 | 000,016,128 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPwSav.sys -- (TPwSav)
DRV - [2004/12/11 16:12:00 | 000,006,144 | ---- | M] (TOSHIBA ) [Kernel | System | Running] -- C:\Program Files\Toshiba\Windows Utilities\spDispatch.sys -- (SPCtl)
DRV - [2004/12/11 16:12:00 | 000,006,144 | ---- | M] () [Kernel | System | Running] -- C:\Program Files\Toshiba\TOSHIBA Applet\HWS_IoDispatch.sys -- (HWSCtrl)
DRV - [2004/12/11 04:52:14 | 000,006,144 | ---- | M] (TOSHIBA ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TCtrlIO.sys -- (TCtrlIO)
DRV - [2004/12/10 16:00:44 | 000,006,144 | ---- | M] (TOSHIBA) [Kernel | System | Running] -- C:\Program Files\Toshiba\Accessibility\StickyMesger.sys -- (StickyMesger)
DRV - [2004/12/10 15:49:18 | 000,006,144 | ---- | M] (TOAHIBA, ) [Kernel | System | Running] -- C:\Program Files\Toshiba\TouchPad\TPECioCtl.sys -- (TPECioCtl)
DRV - [2004/12/10 10:29:50 | 000,006,144 | ---- | M] (TOAHIBA, ) [Kernel | System | Running] -- C:\Program Files\Toshiba\E-KEY\EKECioCtl.sys -- (EKECioCtl)
DRV - [2004/12/02 13:04:20 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/12/02 13:04:10 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/11/26 07:29:00 | 000,224,000 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004/11/17 12:30:00 | 000,147,840 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2004/11/15 18:22:08 | 000,101,874 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/11/02 11:27:20 | 000,773,565 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ialmnt5.sys -- (ialm)
DRV - [2004/10/29 20:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2004/10/28 14:37:50 | 001,270,572 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2004/10/27 15:57:38 | 002,284,864 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2004/10/15 13:20:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/09/23 02:03:00 | 000,020,576 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2004/08/17 05:21:00 | 000,087,168 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/08/12 10:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/08/04 06:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/07/30 17:05:04 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EPIOMngr.sys -- (SerTVOutCtlr)
DRV - [2004/07/30 01:05:08 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\Program Files\Toshiba\E-KEY\SSIOMngr.sys -- (SrvcSSIOMngr)
DRV - [2004/07/30 01:05:04 | 000,006,400 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | System | Running] -- C:\Program Files\Toshiba\E-KEY\EKIOMngr.sys -- (SrvcEKIOMngr)
DRV - [2004/06/16 13:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2004/06/16 13:08:48 | 000,005,888 | ---- | M] (Toshiba Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TMEI3E.sys -- (TMEI3E)
DRV - [2004/06/15 14:15:00 | 000,005,888 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\TVALG.SYS -- (TVALG)
DRV - [2004/05/18 09:18:26 | 000,008,573 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec)
DRV - [2004/01/30 12:32:32 | 000,090,480 | ---- | M] (Matsubleepa Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2003/10/22 22:15:02 | 000,067,024 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2003/10/22 22:15:02 | 000,024,698 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2003/07/29 01:57:20 | 000,040,448 | ---- | M] (DeviceGuys, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2003/06/11 10:53:22 | 000,006,867 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (TBiosDrv)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/10 18:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2001/08/17 12:56:16 | 000,007,552 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SONYPVU1.SYS -- (SONYPVU1) Sony USB Filter Driver (SONYPVU1)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.viewpoint.com/landing/v38a.html
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://www.viewpoint.com/landing/v38a.html
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart

IE - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 80 89 6F 14 BA CA 01 [binary data]
IE - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\S-1-5-21-1726409691-1484400983-2210005112-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\S-1-5-21-1726409691-1484400983-2210005112-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\S-1-5-21-1726409691-1484400983-2210005112-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"

FF - HKLM\software\mozilla\Firefox\Extensions\\Seekmo@Seekmo.com: C:\Program Files\Seekmo\bin\10.0.370.0\firefox\extensions

[2010/01/08 17:11:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Student\Application Data\Mozilla\Firefox\Profiles\4u46u5m9.default\extensions
[2010/01/08 17:11:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Student\Application Data\Mozilla\Firefox\Profiles\4u46u5m9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(2)
[2009/12/01 12:50:20 | 000,002,160 | ---- | M] () -- C:\Documents and Settings\Student\Application Data\Mozilla\Firefox\Profiles\wf9bcut6.default\searchplugins\MySpace.xml
[2010/01/08 17:11:16 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/07 21:21:02 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

O1 HOSTS File: ([2010/02/12 23:27:53 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll File not found
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll File not found
O3 - HKLM\..\Toolbar: (Viewpoint Toolbar) - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.9.0\IEViewBar.dll (Viewpoint Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGRSMMSG] C:\WINDOWS\agrsmmsg.exe (Agere Systems)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [CeEKEY] C:\Program Files\Toshiba\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [CFSServ.exe] File not found
O4 - HKLM..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe (Sonic Solutions)
O4 - HKLM..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe (Intel Corporation)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [Pinger] C:\TOSHIBA\IVP\ISM\pinger.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Pure Networks Port Magic] C:\Program Files\Pure Networks\Port Magic\PortAOL.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\TOSHIBA Zooming Utility\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE (TOSHIBA)
O4 - HKLM..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE (TOSHIBA)
O4 - HKLM..\Run: [TOSHIBA Accessibility] C:\Program Files\Toshiba\Accessibility\FnKeyHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TPNF] C:\Program Files\Toshiba\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ZoomingHook] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
O4 - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsubleepa Electric Industrial Co., Ltd.)
O4 - Startup: C:\Documents and Settings\Student\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll File not found
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O15 - HKU\S-1-5-21-1726409691-1484400983-2210005112-1005\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.1...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} http://activex.camfrogweb.com/advanced/cfw..._instmodule.exe (CamfrogWEB Advanced Unicode Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1005.cab (MySpace Uploader Control)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1266127003765 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.myspace.com/Gameshell/GameHos...ronGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007/12/06 00:06:51 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rootrepeal.sys - Reg Error: Value error.
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax ()
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll ()
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)

========== Files/Folders - Created Within 30 Days ==========

[2010/03/03 11:02:55 | 000,551,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Student\Desktop\OTL.exe
[2010/03/02 08:29:54 | 000,854,064 | ---- | C] (Symantec Corporation) -- C:\Documents and Settings\Student\Desktop\Norton_Removal_Tool.exe
[2010/02/27 13:57:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
[2010/02/27 13:57:10 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2010/02/27 13:55:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2010/02/26 13:30:38 | 000,095,024 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/02/26 13:27:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/02/21 18:29:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Student\Local Settings\Application Data\Image Zone
[2010/02/21 18:29:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ImageZone
[2010/02/21 18:29:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Image Zone
[2010/02/21 18:27:32 | 000,135,168 | ---- | C] (JEILIN Tech.) -- C:\WINDOWS\System32\jl_jdct.drv
[2010/02/21 18:27:32 | 000,000,000 | ---D | C] -- C:\Program Files\MTA
[2010/02/21 18:27:31 | 000,069,098 | ---- | C] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\jl2005c.sys
[2010/02/21 18:27:31 | 000,015,360 | ---- | C] (JEILIN Technology Corp.) -- C:\WINDOWS\System32\jl2005c.ax
[2010/02/21 18:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\26693
[2010/02/21 18:26:41 | 000,000,000 | ---D | C] -- C:\Program Files\Haali
[2010/02/21 18:26:33 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\WINDOWS\System32\pthreadGC2.dll
[2010/02/21 18:26:29 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2010/02/21 18:25:47 | 000,000,000 | ---D | C] -- C:\Program Files\Image Zone
[2010/02/17 11:31:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9 Installer
[2010/02/17 11:31:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/02/17 10:20:58 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Student\My Documents\My Data Sources
[2010/02/15 11:20:41 | 000,274,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2010/02/15 11:20:41 | 000,016,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2010/02/14 15:32:38 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/02/14 15:32:38 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/02/14 15:32:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/02/14 15:32:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/02/14 15:32:38 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/02/14 15:22:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2010/02/14 15:21:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS
[2010/02/14 14:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/02/14 13:45:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-TW
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-HK
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\tr-TR
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-SE
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-NL
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-NO
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-KR
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it-IT
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\he-IL
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-FI
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es-ES
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\el-GR
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\da-DK
[2010/02/14 13:26:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ar-SA
[2010/02/14 13:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2010/02/14 13:19:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2010/02/14 11:55:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Student\My Documents\Toby'spics001
[2010/02/14 11:53:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Student\My Documents\100_1945
[2010/02/13 20:39:50 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2010/02/13 20:39:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010/02/13 20:38:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2010/02/13 20:36:19 | 091,338,304 | ---- | C] (Lavasoft ) -- C:\Documents and Settings\All Users\Documents\Ad-AwareInstallation.exe
[2010/02/13 20:27:50 | 009,732,720 | ---- | C] (PC Tools ) -- C:\Documents and Settings\All Users\Documents\rminstall.exe
[2010/02/13 19:59:23 | 000,162,512 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/02/13 19:59:23 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/02/13 19:59:21 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/02/13 19:59:20 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/02/13 19:59:17 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/02/13 19:59:17 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/02/13 19:59:17 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/02/13 19:58:50 | 000,153,184 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/02/13 19:58:50 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010/02/13 19:47:48 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2010/02/12 23:35:18 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/02/12 23:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2010/02/12 22:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2010/02/12 22:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2010/02/12 22:48:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2010/02/12 22:48:09 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2010/02/12 14:49:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2010/02/12 08:09:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Student\Local Settings\Application Data\avqbqr
[2010/02/06 22:54:55 | 000,000,000 | ---D | C] -- C:\Program Files\InterActual
[2009/08/07 19:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Viewpoint
[2006/10/08 20:35:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Symantec
[2006/04/28 21:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2005/07/09 11:50:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data\Symantec
[2005/01/08 14:46:10 | 000,036,963 | R--- | C] (Cypress Semiconductor) -- C:\Program Files\Common Files\SM1updtr.dll

========== Files - Modified Within 30 Days ==========

[2010/03/03 11:02:57 | 000,551,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Student\Desktop\OTL.exe
[2010/03/02 12:55:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/03/02 08:34:46 | 000,012,652 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/03/02 08:34:23 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/02 08:34:12 | 1332,203,520 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/02 08:34:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/02 08:33:04 | 007,331,840 | ---- | M] () -- C:\Documents and Settings\Student\ntuser.dat
[2010/03/02 08:33:04 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Student\ntuser.ini
[2010/03/02 08:29:56 | 000,854,064 | ---- | M] (Symantec Corporation) -- C:\Documents and Settings\Student\Desktop\Norton_Removal_Tool.exe
[2010/02/27 13:57:11 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2010/02/27 13:57:11 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/02/26 13:33:42 | 000,000,458 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/02/26 13:30:36 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/02/26 13:30:32 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/02/26 13:27:55 | 000,000,875 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/02/24 11:00:31 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/02/21 18:29:34 | 000,001,581 | ---- | M] () -- C:\Documents and Settings\Student\Desktop\Image Zone.lnk
[2010/02/20 14:23:34 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Student\My Documents\david.wps
[2010/02/20 14:23:34 | 000,000,776 | ---- | M] () -- C:\Documents and Settings\Student\Application Data\wklnhst.dat
[2010/02/17 11:43:18 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/02/17 11:36:17 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/02/17 11:31:58 | 000,000,740 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Acrobat_com.lnk
[2010/02/16 00:41:57 | 000,026,624 | ---- | M] () -- C:\Documents and Settings\Student\My Documents\Cemetery (version 1).xls
[2010/02/14 15:32:20 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/02/14 15:32:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/02/14 15:32:20 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/02/14 15:32:20 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/02/14 15:32:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2010/02/14 14:26:24 | 000,066,728 | ---- | M] () -- C:\Documents and Settings\Student\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/02/14 14:02:18 | 000,000,950 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/02/14 13:43:41 | 000,258,248 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/02/14 11:55:37 | 010,385,142 | ---- | M] () -- C:\Documents and Settings\Student\My Documents\Toby'spics001.zip
[2010/02/14 11:53:34 | 008,077,143 | ---- | M] () -- C:\Documents and Settings\Student\My Documents\100_1945.zip
[2010/02/14 11:15:19 | 000,086,757 | ---- | M] () -- C:\VETlog.dmp
[2010/02/13 20:36:35 | 091,338,304 | ---- | M] (Lavasoft ) -- C:\Documents and Settings\All Users\Documents\Ad-AwareInstallation.exe
[2010/02/13 20:27:51 | 009,732,720 | ---- | M] (PC Tools ) -- C:\Documents and Settings\All Users\Documents\rminstall.exe
[2010/02/13 19:59:24 | 000,001,708 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/02/13 19:59:18 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010/02/13 19:52:59 | 044,518,776 | ---- | M] () -- C:\Documents and Settings\Student\My Documents\setup_av_free.exe
[2010/02/12 23:27:57 | 000,005,196 | ---- | M] () -- C:\WINDOWS\System32\tmp.reg
[2010/02/12 10:15:27 | 000,000,704 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/12 08:37:48 | 000,000,067 | ---- | M] () -- C:\WINDOWS\swupdate.INI
[2010/02/11 17:54:34 | 000,003,643 | ---- | M] () -- C:\WINDOWS\machine.ver
[2010/02/11 12:53:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010/02/11 12:53:36 | 000,153,184 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010/02/11 12:42:34 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010/02/11 12:42:13 | 000,162,512 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010/02/11 12:39:01 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010/02/11 12:38:34 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010/02/11 12:38:31 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010/02/11 12:38:23 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010/02/11 12:38:07 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010/02/07 09:58:14 | 000,000,000 | ---- | M] () -- C:\WINDOWS\iPlayer.INI
[2010/02/06 22:55:07 | 000,000,787 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\InterActual Player.lnk
[2010/02/04 09:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys

========== Files Created - No Company Name ==========

[2010/03/02 08:21:08 | 1332,203,520 | -HS- | C] () -- C:\hiberfil.sys
[2010/02/27 13:57:11 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk
[2010/02/27 13:57:11 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/02/26 14:20:39 | 000,015,880 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/02/26 13:27:55 | 000,000,875 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/02/23 07:44:04 | 000,000,458 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/02/21 18:29:34 | 000,001,581 | ---- | C] () -- C:\Documents and Settings\Student\Desktop\Image Zone.lnk
[2010/02/21 18:26:36 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2010/02/21 18:26:34 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/02/20 14:23:33 | 000,011,776 | ---- | C] () -- C:\Documents and Settings\Student\My Documents\david.wps
[2010/02/17 11:33:11 | 000,001,737 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2010/02/17 11:31:58 | 000,000,740 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Acrobat_com.lnk
[2010/02/17 11:28:15 | 000,073,728 | R--- | C] () -- C:\Documents and Settings\Student\My Documents\usa8603.lex
[2010/02/17 11:27:59 | 000,000,936 | R--- | C] () -- C:\Documents and Settings\Student\My Documents\Forms.html
[2010/02/16 00:41:57 | 000,026,624 | ---- | C] () -- C:\Documents and Settings\Student\My Documents\Cemetery (version 1).xls
[2010/02/14 15:42:44 | 044,518,776 | ---- | C] () -- C:\Documents and Settings\Student\My Documents\setup_av_free.exe
[2010/02/14 11:54:59 | 010,385,142 | ---- | C] () -- C:\Documents and Settings\Student\My Documents\Toby'spics001.zip
[2010/02/14 11:53:03 | 008,077,143 | ---- | C] () -- C:\Documents and Settings\Student\My Documents\100_1945.zip
[2010/02/13 19:59:24 | 000,001,708 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2010/02/13 12:46:01 | 007,331,840 | ---- | C] () -- C:\Documents and Settings\Student\ntuser.dat
[2010/02/12 23:27:57 | 000,005,196 | ---- | C] () -- C:\WINDOWS\System32\tmp.reg
[2010/02/07 09:58:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2010/02/06 22:55:06 | 000,000,787 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\InterActual Player.lnk
[2009/09/27 19:50:51 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2008/05/03 22:28:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI
[2008/04/06 18:35:09 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2008/04/06 18:35:09 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2007/01/13 23:15:28 | 000,000,067 | ---- | C] () -- C:\WINDOWS\swupdate.INI
[2006/11/20 12:26:11 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/11/20 12:18:47 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2006/11/20 12:18:47 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2006/11/20 12:18:47 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2006/11/20 12:18:47 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2006/11/20 12:18:47 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2006/11/20 12:18:46 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2006/11/20 12:13:32 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2006/06/07 11:26:35 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\SAMMON.DLL
[2006/06/07 11:26:34 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\SamMonNT.dll
[2006/04/12 14:29:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\vpc32.INI
[2005/12/05 06:00:54 | 000,002,158 | ---- | C] () -- C:\WINDOWS\System32\tmmute.ini
[2005/10/06 08:59:52 | 000,001,140 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/09/22 17:53:28 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Student\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/09/04 02:41:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
[2005/08/17 12:23:44 | 000,000,776 | ---- | C] () -- C:\Documents and Settings\Student\Application Data\wklnhst.dat
[2005/01/08 15:42:01 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/01/08 14:42:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/01/08 14:27:59 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/01/08 14:27:59 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/01/08 14:27:59 | 000,010,167 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/01/08 14:27:59 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/01/08 14:25:34 | 000,006,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/01/08 02:04:14 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/01/08 01:51:36 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/01/08 00:30:05 | 000,000,380 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/01/08 00:28:09 | 000,755,200 | ---- | C] () -- C:\WINDOWS\System32\ir50_32.dll
[2005/01/08 00:28:09 | 000,338,432 | ---- | C] () -- C:\WINDOWS\System32\ir41_qcx.dll
[2005/01/08 00:28:09 | 000,200,192 | ---- | C] () -- C:\WINDOWS\System32\ir50_qc.dll
[2005/01/08 00:28:09 | 000,183,808 | ---- | C] () -- C:\WINDOWS\System32\ir50_qcx.dll
[2005/01/08 00:28:09 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\ir41_qc.dll
[2004/12/29 17:09:52 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2004/12/14 09:40:16 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll
[2004/08/12 10:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/08/04 10:58:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/07/21 11:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/06/18 04:54:18 | 001,527,808 | ---- | C] () -- C:\WINDOWS\System32\TosMousePage.dll
[2004/06/18 04:47:48 | 000,770,048 | ---- | C] () -- C:\WINDOWS\System32\TosKeyboardPage.dll
[2004/06/18 04:11:44 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/01/16 08:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2004/01/13 20:46:00 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/07/30 09:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll
[2003/01/07 17:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/06/05 03:58:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll

========== Custom Scans ==========


< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 03:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 03:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll

< %systemroot%\Tasks\*.job /lockedfiles >


< MD5 for: AGP440.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/28 13:43:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008/09/28 13:43:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 12:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/28 13:43:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 06:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008/09/28 13:43:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 12:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 06:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 18:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 06:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: NETLOGON.DLL >
[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 18:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 06:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 06:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 18:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 148 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
< End of report >

Edited by bugaboomdc, 03 March 2010 - 11:53 PM.


#13 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,770 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:03:11 PM

Posted 05 March 2010 - 08:43 AM

Hi,

your log is looking good! smile.gif

Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This changed from what we know in 2006 read this article:

http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now. Click on start > run > and then paste the following into the "open" field: appwiz.cpl and press OK. From within Add or Remove Programs uninstall the following if they exist: Viewpoint, Viewpoint Manager, Viewpoint Media Player.

Please also run a scan with Eset next:
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the icon on your desktop.
  4. Check
  5. Click the button.
  6. Accept any security warnings from your browser.
  7. Check
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
  11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the button.
  13. Push
regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#14 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,770 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:03:11 PM

Posted 10 March 2010 - 06:09 PM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users