Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Uninstall Programs wont open


  • This topic is locked This topic is locked
35 replies to this topic

#1 Aceshigh24

Aceshigh24

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 12 October 2012 - 10:06 AM

I've been talking with "InadequateInfirmity" in another post about my issue with not being able to open the "Uninstall programs" in the control panel and he has referred me to you guys to see if there is something else that I can do or try with my computer. Below is the link to what we have done so far.



http://www.bleepingcomputer.com/forums/topic471224.html/page__st__15


Any more help would be great.

BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:26 PM

Posted 14 October 2012 - 10:33 AM

Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
    • DDS.scr <- not recommended if you use Chrome to download this .scr file. Use the other options.
    • DDS.pif
    • DDS.COM
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
Please note: You may have to disable any script protection running if the scan fails to run.

Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.


The scan will also create this Attach.txt log I would also like to see the content.
Please post it in a other post for my review, do not attach the file.

#3 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 15 October 2012 - 12:35 AM

Here is the DDS.txt from the DDS scan:


DDS (Ver_2012-10-14.05) - NTFS_x86
Internet Explorer: 9.0.8112.16421
Run by Mike at 22:29:56 on 2012-10-14
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3069.1533 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\runservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Fighters\FighterSuiteService.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
c:\program files\teamviewer\version7\TeamViewer.exe
C:\Program Files\TeamViewer\Version7\tv_w32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\sttray.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fighters\Tray\FightersTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe
C:\Program Files\Zoom Downloader\DownloadManager.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uWindow Title = Internet Explorer, optimized for Bing and MSN
mStart Page = hxxp://www.google.com
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: avast! EasyPass Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\bae\BAE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! EasyPass Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - c:\program files\siber systems\ai roboform\roboform.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: avast! EasyPass Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [DownloadManager] "c:\program files\zoom downloader\DownloadManager.exe" /as
uRun: [FDPRO-516] c:\program files\fighters\FighterLauncher.exe FDPRO
uRun: [RoboForm] "c:\program files\siber systems\ai roboform\RoboTaskBarIcon.exe"
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [CCUTRAYICON] c:\program files\intel\inteldh\ccu\CCU_TrayIcon.exe
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [SetPoint] c:\program files\logitech\setpoint\SetPoint.EXE
mRun: [Blubster] c:\program files\blubster\Blubster.exe SILENT
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [AmazonGSDownloaderTray] c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderTray.exe
mRun: [Windows Mobile-based device management] c:\windows\windowsmobile\wmdcBase.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [CommonToolkitTray] c:\program files\fighters\tray\FightersTray.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~2.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Customize Menu - c:\program files\siber systems\ai roboform\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Fill Forms - c:\program files\siber systems\ai roboform\RoboFormComFillForms.html
IE: Save Forms - c:\program files\siber systems\ai roboform\RoboFormComSavePass.html
IE: Show avast! EasyPass Toolbar - c:\program files\siber systems\ai roboform\RoboFormComShowToolbar.html
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - c:\program files\siber systems\ai roboform\roboform.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{9A696AE3-7989-4ACC-8802-69EE24D96BBD} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{F9BDA046-3DE5-4751-8489-54FE68A9AF82} : DHCPNameServer = 192.168.1.1
Handler: bw+0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw+0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw-0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw-0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw00 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw00s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw10 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw10s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw20 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw20s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw30 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw30s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw40 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw40s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw50 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw50s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw60 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw60s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw70 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw70s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw80 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw80s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw90 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw90s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwa0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwa0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwb0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwb0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwc0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwc0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwd0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwd0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwe0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwe0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwf0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwf0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: bwg0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwg0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwh0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwh0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwi0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwi0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwj0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwj0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwk0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwk0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwl0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwl0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwm0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwm0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwn0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwn0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwo0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwo0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwp0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwp0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwq0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwq0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwr0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwr0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bws0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bws0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwt0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwt0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwu0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwu0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwv0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwv0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bww0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bww0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwx0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwx0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwy0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwy0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwz0 - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwz0s - {beb796b9-0aa8-427d-94ff-22a1d1930b07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: offline-8876480 - {BEB796B9-0AA8-427D-94FF-22A1D1930B07} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
SecurityProviders: SecurityProviders = credssp.dll, msansspc.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\mike\appdata\roaming\mozilla\firefox\profiles\xcku28mm.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\users\mike\appdata\roaming\move networks\plugins\npqmp071701000002.dll
FF - plugin: c:\users\mike\appdata\roaming\mozilla\firefox\profiles\xcku28mm.default\extensions\widevinemediatransformer@widevine\plugins\npwidevinemediatransformer.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - ExtSQL: 2012-09-25 11:20; pricepeep@getpricepeep.com; c:\users\mike\appdata\roaming\mozilla\firefox\profiles\xcku28mm.default\extensions\pricepeep@getpricepeep.com.xpi
FF - ExtSQL: 2012-10-10 16:29; plugin@selectionlinks.com; c:\users\mike\appdata\roaming\mozilla\firefox\profiles\xcku28mm.default\extensions\plugin@selectionlinks.com
FF - ExtSQL: 2012-10-10 16:30; downloadmanager@zoomdownloader.com; c:\users\mike\appdata\roaming\mozilla\firefox\profiles\xcku28mm.default\extensions\downloadmanager@zoomdownloader.com
FF - ExtSQL: 2012-10-10 17:12; wrc@avast.com; c:\program files\avast software\avast\webrep\FF
FF - ExtSQL: !HIDDEN! 2009-06-24 03:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-10-10 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-10-10 355632]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]
R2 Amazon Download Agent;Amazon Download Agent;c:\program files\amazon\amazon games & software downloader\AmazonGSDownloaderService.exe [2011-6-29 401920]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-10-10 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-10 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-10-10 44808]
R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2006-10-29 208896]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-19 21504]
R2 LicCtrlService;LicCtrl Service;c:\windows\Runservice.exe [2007-2-27 2560]
R2 nmsgopro;GoProto Protocol Driver for NMS;c:\windows\system32\drivers\nmsgopro.sys [2006-9-27 28672]
R2 nmsunidr;UniDriver for NMS;c:\windows\system32\drivers\nmsunidr.sys [2006-10-19 7424]
R2 Suite Service;Suite Service;c:\program files\fighters\FighterSuiteService.exe [2012-5-10 1267264]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-8-31 2754984]
R3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\fighters\full-diskfighter\Common Toolkit Tools.exe [2012-6-5 217200]
R3 IntelDH;IntelDH Driver;c:\windows\system32\drivers\IntelDH.sys [2007-2-19 5504]
R3 MonitorFunction;Driver for Monitor;c:\windows\system32\drivers\TVMonitor.sys [2012-3-4 13304]
R3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\drivers\wg111v2.sys [2007-12-26 288768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-1 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-11 250808]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-1 135664]
S3 MCLServiceATL;Intel® Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2006-11-18 174552]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-13 114144]
S3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;c:\windows\system32\drivers\wg111v2.sys [2007-12-26 288768]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-10-11 20:40:14 303616 ----a-w- C:\SetACL.exe
2012-10-11 20:39:27 290304 ----a-w- C:\subinacl.exe
2012-10-11 20:36:49 -------- d-----w- C:\RegBackup
2012-10-11 20:26:17 -------- d-----w- c:\program files\Tweaking.com
2012-10-11 02:05:19 -------- d-----w- c:\program files\HitmanPro
2012-10-11 02:03:41 -------- d-----w- c:\programdata\HitmanPro
2012-10-11 01:37:25 -------- d-----w- C:\JRT
2012-10-11 00:16:03 -------- d-----w- c:\users\mike\appdata\roaming\RoboForm
2012-10-11 00:13:14 -------- d-----w- c:\program files\Siber Systems
2012-10-11 00:12:53 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-11 00:12:51 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-11 00:12:10 41224 ----a-w- c:\windows\avastSS.scr
2012-10-11 00:11:37 -------- d-----w- c:\programdata\AVAST Software
2012-10-11 00:11:37 -------- d-----w- c:\program files\AVAST Software
2012-10-10 23:39:20 -------- d-----w- c:\users\mike\appdata\roaming\Fighters
2012-10-10 23:39:20 -------- d-----w- c:\program files\Fighters
2012-10-10 23:37:59 -------- d-----w- c:\programdata\Fighters
2012-10-10 23:30:25 -------- d-----w- c:\users\mike\appdata\local\Zoom_Downloader
2012-10-10 23:30:13 -------- d-----w- c:\program files\Zoom Downloader
2012-10-10 23:29:46 -------- d-----w- c:\program files\OApps
2012-10-10 23:29:31 -------- d-----w- c:\program files\common files\Software Update Utility
2012-10-10 05:53:17 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 05:53:17 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 05:53:17 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 05:53:14 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 05:53:11 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 05:53:07 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-10 05:53:07 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-09 09:47:02 10220472 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-10-09 07:17:14 -------- d-----w- c:\program files\ESET
2012-10-09 06:56:59 -------- d-----w- c:\users\mike\appdata\roaming\SUPERAntiSpyware.com
2012-10-09 06:56:48 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-10-09 06:56:48 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-10-01 21:14:49 8942 ----a-w- c:\windows\system32\drivers\nav\1309000.009\symvtcer.dat
2012-10-01 21:14:49 -------- d-----w- c:\windows\system32\drivers\nav\1309000.009
.
==================== Find3M ====================
.
2012-10-11 23:17:42 22489 ----a-w- c:\windows\system32\mmf.sys
2012-10-09 09:47:13 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 09:47:13 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-08 00:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 22:30:29.43 ===============

Edited by Aceshigh24, 15 October 2012 - 12:37 AM.


#4 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 15 October 2012 - 12:37 AM

Here is the Attach.txt log from the same DDS scan:



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-14.05)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 2/19/2007 12:36:20 AM
System Uptime: 10/11/2012 4:16:57 PM (78 hours ago)
.
Motherboard: Dell Inc. | | 0WG855
Processor: Intel® Core™2 CPU 6600 @ 2.40GHz | Microprocessor | 2394/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 114.736 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5.862 GiB free.
E: is CDROM (CDFS)
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1966: 9/28/2012 12:00:05 AM - Scheduled Checkpoint
RP1967: 9/30/2012 11:00:44 PM - Scheduled Checkpoint
RP1968: 10/2/2012 12:01:58 AM - Scheduled Checkpoint
RP1969: 10/3/2012 12:00:03 AM - Scheduled Checkpoint
RP1970: 10/4/2012 12:15:34 AM - Scheduled Checkpoint
RP1971: 10/5/2012 12:00:02 AM - Scheduled Checkpoint
RP1972: 10/6/2012 12:38:05 AM - Scheduled Checkpoint
RP1973: 10/7/2012 12:00:03 AM - Scheduled Checkpoint
RP1974: 10/8/2012 12:00:03 AM - Scheduled Checkpoint
RP1975: 10/10/2012 3:00:17 AM - Windows Update
RP1976: 10/10/2012 5:11:19 PM - avast! Free Antivirus Setup
RP1977: 10/10/2012 7:56:47 PM - Windows Update
RP1978: 10/11/2012 1:36:31 PM - Tweaking.com - Windows Repair
RP1979: 10/12/2012 2:48:11 AM - Scheduled Checkpoint
RP1980: 10/13/2012 12:00:02 AM - Scheduled Checkpoint
RP1981: 10/14/2012 12:43:21 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
3ivx MPEG-4 5.0.3 (remove only)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
AIM for Windows
Amazon Games & Software Downloader
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auslogics Disk Defrag
avast! EasyPass
avast! Free Antivirus
Bejeweled 2 Deluxe 1.0
Bonjour
Bowl Bound College Football
Bowl Bound College Football Update 1.11
Caribbean Explorer 1.0.0.9
CCleaner
CDDRV_Installer
Chuzzle Deluxe 1.0
Conexant D850 PCI V.92 Modem
Dell System Customization Wizard
DellSupport
Digital Line Detect
DivX Content Uploader
DivX Web Player
Documentation & Support Launcher
Download Updater (AOL Inc.)
Draft Day Sports: College Basketball 2
Draft Day Sports: College Basketball 2 1.6
Draft Day Sports: Pro Basketball 2
EarthLink Setup Files
ESET Online Scanner v3
Fast Break Basketball
Fast Break College Basketball 2010
FlipShare
Football Manager 2011
Front Office Football 2007
FULL-DISKfighter
Full Tilt Poker
Games, Music, & Photos Launcher
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel® Matrix Storage Manager
Intel® Viiv™ Software
Internet Service Offers Launcher
iPod for Windows 2005-06-26
iTunes
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
Java™ SE Runtime Environment 6
Jump Shot Basketball version 5.7
KhalInstallWrapper
Logitech Desktop Messenger
Logitech SetPoint
Malwarebytes Anti-Malware version 1.65.0.1400
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office File Validation Add-In
Microsoft Office Small Business Edition 2003
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Modem Diagnostic Tool
Move Media Player
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NCAA 2011 MOD
NCAA 2011 Update 1
NetWaiting
NHL Eastside Hockey Manager 2007
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Out of the Park Baseball 13
Out of the Park Baseball 6
Out of the Park Baseball 6.51a
Professional Football Simulator
QuickTime
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
SelectionLinks
SigmaTel Audio
Sonic Activation Module
SUPERAntiSpyware
TeamViewer 7
The College Years
Total Pro Golf 2
Tweaking.com - Windows Repair (All in One)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
URL Assistant
User's Guides
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WinRAR archiver
WMMA3
Zoom Downloader
.
==== Event Viewer Messages From Past Week ========
.
10/12/2012 10:34:29 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
10/12/2012 10:34:14 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.103 for the Network Card with network address 00146C662CE9 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
10/11/2012 4:17:46 PM, Error: Service Control Manager [7000] - The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: The system cannot find the file specified.
10/11/2012 4:17:06 PM, Error: Application Popup [876] - Driver DLACDBHM.SYS has been blocked from loading.
10/10/2012 7:37:48 PM, Error: Service Control Manager [7024] - The HitmanPro 3.6 Crusader (Boot) service terminated with service-specific error 0 (0x0).
.
==== End Of File ===========================

#5 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:26 PM

Posted 15 October 2012 - 10:14 AM

The Logitech messenger is considered AdWare or BackWeb technologie. It's not required
I suggest you remove it.

http://forums.logitech.com/pe/redirect.jsp...mentID=10149139
So, as the links suggest, go to "Start," "Programs," "Logitech," and click on "Desktop Messenger."
Then disable either or both check boxes.
If that doesn't work go to your Add/Remove Programs
(Click Start, click Control Panel, and then double-click Add or Remove Programs "Change or Remove Programs")
and Remove BackWeb-8876480.exe (if it's there).

I see in your extra.txt log that you can remove this application using the Add/Remove Programs list under
Logitech Desktop Messenger

Since you presently are unable to run the uninstall application I will see what I can do with the ComboFix tool.
===


Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this if fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html


Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Third party programs if not up to date can be the cause infiltration of an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[Rn].txt (n is a number).

Please post the logs for my review.

#6 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 16 October 2012 - 02:08 PM

Here is the Combofix log:


ComboFix 12-10-16.02 - Mike 10/16/2012 10:23:51.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3069.1699 [GMT -7:00]
Running from: c:\users\Mike\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\smp.bat
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\FlashPlayerInstaller.exe
c:\windows\system32\msstdfmt.dll
c:\windows\system32\temp.094
.
Infected copy of c:\windows\system32\Drivers\atapi.sys was found and disinfected
Restored copy from - c:\windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_nvsvc
.
.
((((((((((((((((((((((((( Files Created from 2012-09-16 to 2012-10-16 )))))))))))))))))))))))))))))))
.
.
2012-10-16 17:33 . 2012-10-16 18:02 -------- d-----w- c:\users\Mike\AppData\Local\temp
2012-10-16 17:33 . 2012-10-16 17:33 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2012-10-16 17:33 . 2012-10-16 17:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-16 17:14 . 2012-10-16 17:14 96224 ----a-w- c:\program files\Mozilla Firefox\updated\webapprt-stub.exe
2012-10-16 17:14 . 2012-10-16 17:14 157272 ----a-w- c:\program files\Mozilla Firefox\updated\webapp-uninstaller.exe
2012-10-11 20:40 . 2008-05-08 05:03 303616 ----a-w- C:\SetACL.exe
2012-10-11 20:39 . 2012-10-11 21:24 181064 ----a-w- c:\windows\PSEXESVC.EXE
2012-10-11 20:39 . 2004-06-11 23:33 290304 ----a-w- C:\subinacl.exe
2012-10-11 20:36 . 2012-10-11 20:36 -------- d-----w- C:\RegBackup
2012-10-11 20:26 . 2012-10-11 20:26 -------- d-----w- c:\program files\Tweaking.com
2012-10-11 02:05 . 2012-10-11 02:05 -------- d-----w- c:\program files\HitmanPro
2012-10-11 02:03 . 2012-10-11 02:35 -------- d-----w- c:\programdata\HitmanPro
2012-10-11 01:37 . 2012-10-11 01:49 -------- d-----w- C:\JRT
2012-10-11 00:16 . 2012-10-11 00:16 -------- d-----w- c:\users\Mike\AppData\Roaming\RoboForm
2012-10-11 00:13 . 2012-10-11 00:13 -------- d-----w- c:\programdata\RoboForm
2012-10-11 00:13 . 2012-10-11 00:13 -------- d-----w- c:\program files\Siber Systems
2012-10-11 00:12 . 2012-08-21 09:13 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-11 00:12 . 2012-08-21 09:13 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-11 00:12 . 2012-08-21 09:13 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-11 00:12 . 2012-08-21 09:13 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-11 00:12 . 2012-08-21 09:13 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-11 00:12 . 2012-08-21 09:13 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-11 00:12 . 2012-08-21 09:12 41224 ----a-w- c:\windows\avastSS.scr
2012-10-11 00:12 . 2012-08-21 09:12 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-11 00:11 . 2012-10-11 00:11 -------- d-----w- c:\programdata\AVAST Software
2012-10-11 00:11 . 2012-10-11 00:11 -------- d-----w- c:\program files\AVAST Software
2012-10-10 23:39 . 2012-10-10 23:45 -------- d-----w- c:\users\Mike\AppData\Roaming\Fighters
2012-10-10 23:39 . 2012-10-10 23:44 -------- d-----w- c:\program files\Fighters
2012-10-10 23:37 . 2012-10-10 23:44 -------- d-----w- c:\programdata\Fighters
2012-10-10 23:30 . 2012-10-10 23:30 -------- d-----w- c:\users\Mike\AppData\Local\Zoom_Downloader
2012-10-10 23:30 . 2012-10-11 02:35 -------- d-----w- c:\program files\Zoom Downloader
2012-10-10 23:29 . 2012-10-11 02:35 -------- d-----w- c:\program files\OApps
2012-10-10 23:29 . 2012-10-10 23:29 -------- d-----w- c:\program files\Common Files\Software Update Utility
2012-10-10 05:53 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 05:53 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 05:53 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 05:53 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 05:53 . 2012-09-13 13:28 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 05:53 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-10 05:53 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-09 07:17 . 2012-10-09 07:17 -------- d-----w- c:\program files\ESET
2012-10-09 06:56 . 2012-10-09 06:56 -------- d-----w- c:\users\Mike\AppData\Roaming\SUPERAntiSpyware.com
2012-10-09 06:56 . 2012-10-09 06:56 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-10-09 06:56 . 2012-10-09 06:56 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-10-01 21:14 . 2012-10-01 21:14 -------- d-----w- c:\windows\system32\drivers\NAV\1309000.009
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 09:47 . 2012-04-12 02:14 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 09:47 . 2011-05-16 16:10 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-08 00:04 . 2009-09-08 23:31 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-07 22:15 . 2012-09-07 22:15 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2006-11-12 446976]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-01-20 32768]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-19 39408]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-10-08 4762496]
"DownloadManager"="c:\program files\Zoom Downloader\DownloadManager.exe" [2012-10-10 1644544]
"FDPRO-516"="c:\program files\Fighters\FighterLauncher.exe" [2012-05-10 832576]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2012-10-11 96056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 151552]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"CCUTRAYICON"="c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2006-11-18 182744]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2006-11-17 17920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"SetPoint"="c:\program files\Logitech\SetPoint\SetPoint.EXE" [2009-07-20 813584]
"SigmatelSysTrayApp"="sttray.exe" [2006-11-22 303104]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-14 13687328]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-04-14 92704]
"AmazonGSDownloaderTray"="c:\program files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe" [2009-10-23 326144]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-08 421776]
"CommonToolkitTray"="c:\program files\Fighters\Tray\FightersTray.exe" [2012-01-19 1452680]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-2-19 45056]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-1-19 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-1-19 813584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders credssp.dll, msansspc.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 09:47]
.
2012-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 05:44]
.
2012-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 05:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show avast! EasyPass Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\xcku28mm.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-09-25 11:20; pricepeep@getpricepeep.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\xcku28mm.default\extensions\pricepeep@getpricepeep.com.xpi
FF - ExtSQL: 2012-10-10 16:29; plugin@selectionlinks.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\xcku28mm.default\extensions\plugin@selectionlinks.com
FF - ExtSQL: 2012-10-10 16:30; downloadmanager@zoomdownloader.com; c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\xcku28mm.default\extensions\downloadmanager@zoomdownloader.com
FF - ExtSQL: 2012-10-10 17:12; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: !HIDDEN! 2009-06-24 03:01; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
HKLM-Run-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
HKLM-Run-Blubster - c:\program files\Blubster\Blubster.exe
AddRemove-Zoom Downloader - c:\program files\Zoom Downloader\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-16 11:01
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCDSRVC{E9D79540-57D5953E-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e2,a7,f9,05,18,fc,3b,4e,a8,ea,2f,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e2,a7,f9,05,18,fc,3b,4e,a8,ea,2f,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \103076C71E8172E2]
"1"=hex:f3,63,02,17,10,0f,8c,72,44,b1,bf,31,22,25,c4,7d,41,89,c7,a7,5f,90,bb,
a2
"2"=hex:05,42,30,42,a7,15,e9,31,44,4c,e8,ce,26,93,4c,ff,dc,fd,7a,28,38,0d,79,
b8
"3"=hex:f3,63,02,17,10,0f,8c,72,44,b1,bf,31,22,25,c4,7d,38,a8,bc,ca,16,d6,08,
eb,9c,8b,9c,0d,35,8b,99,e4,25,24,80,ac,1f,d3,6a,72
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \103076C71E8172E2\103076C71E8172E2]
"1"=hex:33,08,da,55,f6,12,dc,ab,f4,e9,74,73,21,3e,6a,85,2f,ad,11,35,1e,74,d2,
f6,85,c6,80,d5,b6,ed,0d,87
"2"=hex:56,f3,50,11,98,55,25,42
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \103076C71E8172E2\81B8EBE4B3EADF39]
"1"=hex:ff,54,77,e8,ed,1b,3c,9f,5d,ea,3e,d4,ab,0a,f9,95,08,ec,0b,a5,12,35,40,
8f
"2"=hex:3b,ec,52,ae,03,c1,6c,47
"3"=hex:61,7a,3b,a2,1d,e4,e1,30,a0,4b,44,3f,2d,42,e3,5f,e8,91,cb,dd,64,98,8a,
4e,47,e8,16,25,37,05,b5,52,06,1f,98,c6,66,1c,f4,53,22,3d,c1,f5,0f,26,76,d3,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:ff,54,77,e8,ed,1b,3c,9f,5d,ea,3e,d4,ab,0a,f9,95,30,e2,b8,b9,2b,a6,64,
ea,fa,8f,25,49,70,33,08,3d,04,17,e7,07,e3,67,20,68,eb,21,5e,76,47,c3,16,e0,\
"7"=hex:ff,54,77,e8,ed,1b,3c,9f,5d,ea,3e,d4,ab,0a,f9,95,d2,45,cf,99,11,98,fa,
46,a4,f6,07,e1,38,8e,05,57,57,0b,2c,39,df,50,f1,3b,ec,af,7b,78,2e,50,67,d6,\
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,86,15,ba,ba,a8,7c,30,
6e,e7,be,f3,4e,5c,b8,67,18,78,3c,24,95,ee,55,28,a8,1d,3e,ed,e7,a1,3b,b2,53,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:d4,7c,8b,77,86,cc,5f,21,35,fb,eb,39,7d,b4,83,10,35,48,9a,2e,84,da,e7,
8d,5f,66,10,67,b3,47,39,b5,49,8c,b5,4a,a0,a5,af,f4,54,96,22,2e,c7,2a,40,de,\
"13"=hex:ef,ef,e9,be,32,52,4d,20,b2,9a,5a,26,dc,a0,bf,a9,95,ee,3a,e6,56,80,0b,
03
"14"=hex:cc,1e,df,0f,ee,ea,6a,d9,af,5b,33,30,eb,73,e0,84,63,3c,c6,d3,a9,48,49,
25
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:b8,da,ca,f0,ed,5a,0f,b7,2a,67,fb,6a,62,7d,b1,9e
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:83,6a,9f,da,7b,fc,6d,71,c0,ff,12,5d,12,21,1e,97,56,23,3f,83,01,3e,43,
d7,ba,ef,ee,1b,38,d9,17,f6,12,c6,eb,82,04,72,31,86,bd,d0,82,37,04,45,82,46,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \103076C71E8172E2\AAEBAA674720777F98D3CB19E52B3725]
"1"=hex:33,08,da,55,f6,12,dc,ab,f4,e9,74,73,21,3e,6a,85,2f,ad,11,35,1e,74,d2,
f6,85,c6,80,d5,b6,ed,0d,87
"2"=hex:56,f3,50,11,98,55,25,42
"3"=hex:9b,ba,53,06,06,18,3b,c7,73,f2,e8,df,f7,aa,bb,bc,4b,af,6a,a8,19,1f,53,
30,db,a1,2e,2b,68,32,8e,1c,e6,c8,7c,4b,52,75,f0,45,11,ca,e1,b5,2f,42,c0,2a,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:33,08,da,55,f6,12,dc,ab,f4,e9,74,73,21,3e,6a,85,2f,ad,11,35,1e,74,d2,
f6,2e,2b,e0,1b,c2,9e,49,42,53,a9,a5,ab,d9,82,65,c7,aa,4b,84,16,df,84,04,20,\
"7"=hex:33,08,da,55,f6,12,dc,ab,f4,e9,74,73,21,3e,6a,85,2f,ad,11,35,1e,74,d2,
f6,d6,93,62,58,16,ac,98,9d,fb,96,15,df,14,58,40,fd,da,1c,0b,31,a3,58,f4,6f,\
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,86,15,ba,ba,a8,7c,30,
6e,e7,be,f3,4e,5c,b8,67,18,68,d2,34,71,6e,be,6a,68,12,55,ff,37,2b,86,ac,b7,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:50,8c,d3,f9,78,6b,bf,09,df,69,cf,f8,85,c1,6e,b6,cc,ae,b6,92,77,1b,c0,
ad,57,b6,c5,51,5f,59,e7,6d,c2,2b,5e,10,d6,06,32,96,25,ea,e6,e0,51,fb,48,27,\
"13"=hex:fb,49,77,04,3d,57,54,a5,dc,e2,fc,03,c7,af,e4,7a,b8,37,47,c4,41,00,12,
b2
"14"=hex:83,34,31,f7,8e,d5,03,43,c8,8e,e9,f6,fc,e8,bb,e7,f8,34,65,93,0a,d3,2c,
14
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:da,5d,fd,f0,e3,a5,14,f6,e0,41,83,75,52,ad,eb,f0
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:77,39,47,58,05,c8,e8,7e,6c,84,42,c8,99,36,30,64,49,32,26,b5,8f,97,95,
e6,dd,9c,b8,cc,44,fd,aa,41,1d,59,e8,f8,7c,2d,cb,35,13,74,2c,dc,95,8d,fa,fd,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \169D180DB7FE8847]
"1"=hex:1a,c6,90,39,73,14,70,4f,c7,99,3b,d6,b3,40,09,16,86,2b,9b,9b,f3,96,a9,
e9
"2"=hex:05,83,26,a9,dc,b6,17,45,de,2e,f0,41,a5,95,91,56,fe,07,ca,23,63,6c,c8,
df,a0,cb,29,a7,07,62,23,54
"3"=hex:1a,c6,90,39,73,14,70,4f,c7,99,3b,d6,b3,40,09,16,39,39,6a,6e,1d,99,29,
0e,9a,9e,61,33,16,37,68,38,ee,25,f6,f1,91,9f,21,a9,58,ec,19,f6,96,30,78,09
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \169D180DB7FE8847\963F846157C74A39E2C899654953DA1B]
"1"=hex:0e,99,cd,9c,6f,50,13,a2,82,70,40,54,38,93,8f,c5,05,f3,da,4d,e8,82,d5,
04,c7,c6,1f,bf,24,f4,89,65
"2"=hex:c6,c1,1a,2b,99,40,bf,93
"3"=hex:65,ba,a9,04,71,88,19,61,75,a4,26,e3,36,f0,d0,94,55,9f,d9,12,bf,53,fd,
7f,6c,ca,13,75,a0,46,53,60,ec,33,e9,11,50,8b,5c,07,e4,75,e0,11,0a,04,9f,5a,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:0e,99,cd,9c,6f,50,13,a2,82,70,40,54,38,93,8f,c5,05,f3,da,4d,e8,82,d5,
04,26,28,49,41,45,1c,d1,d9,85,cc,4a,70,43,0d,e7,6f,f0,e8,43,70,42,0c,3c,62,\
"7"=hex:1a,c6,90,39,73,14,70,4f,c7,99,3b,d6,b3,40,09,16,5c,6c,8a,b0,95,8d,88,
02,e9,37,15,54,28,a1,4d,91,f4,19,4f,4b,df,bd,95,c2,74,9c,18,d8,b7,e1,e6,9e,\
"8"=hex:63,5a,d7,1b,b1,d4,18,46,9d,8a,b3,da,f7,a8,9d,ab,02,f0,96,ce,68,90,9c,
19,fa,fa,2b,4b,6b,8c,15,01,e3,1a,d1,28,a5,f7,a8,07
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:d0,71,12,cb,08,b7,a7,d6
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:60,9a,c2,79,51,03,6e,4b,e3,31,b6,66,bc,e5,94,6e,a7,87,f5,e1,e1,da,92,
7b,fa,af,67,cd,85,51,3b,48,59,1d,49,96,0f,f6,1d,88,6d,ef,97,fb,26,80,a9,ec,\
"13"=hex:0d,71,eb,e9,b4,2c,de,28,9f,27,f0,40,5f,60,7e,da,11,0d,70,07,d6,9f,d4,
41
"14"=hex:8e,73,45,e3,bc,ff,50,97
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:21,f2,79,b5,1b,bf,7b,1c,94,59,df,19,c9,6e,f5,de
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:c1,48,8e,43,72,0e,de,95,03,28,20,e0,b8,46,9d,8c,ba,3e,8d,2b,eb,ee,0f,
df,91,d0,20,4e,bf,a8,45,53,29,38,db,2b,ef,ea,02,88,17,c4,cb,f6,9c,18,dc,0e,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \501529F2142DBB50]
"1"=hex:55,71,d5,88,d4,e8,c4,23,86,c5,84,77,3a,01,80,8c
"2"=hex:f5,fd,d2,af,b2,50,3f,e2,89,4b,5a,85,2d,92,a5,eb,e1,d6,58,1d,4d,0e,b6,
ab
"3"=hex:55,71,d5,88,d4,e8,c4,23,cc,0d,cd,35,65,2b,d2,55,b5,8a,e0,a5,a3,ab,e8,
77,08,f0,c2,34,61,83,02,00
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \501529F2142DBB50\3D0835C2F0236EA610F4A663E871DFB7]
"1"=hex:80,21,ee,d1,6b,60,09,6f,4b,f1,56,5e,2d,04,5e,d5,8d,17,94,38,2e,5b,ef,
24
"2"=hex:81,20,8f,ab,28,6a,52,9c
"3"=hex:44,28,bb,8e,d3,80,08,b3,ae,ad,c2,6f,e7,f6,fe,83,ec,3e,16,f8,19,ec,0f,
ea,12,b0,ea,eb,89,3d,95,72,ff,eb,7e,14,21,83,2b,fa,90,ba,af,cb,91,99,65,63,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
"7"=hex:f5,fd,d2,af,b2,50,3f,e2,89,4b,5a,85,2d,92,a5,eb,e1,d6,58,1d,4d,0e,b6,
ab
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,65,47,71,48,e9,1d,9d,
ae,29,98,1a,e8,c6,8a,ea,0a,ff,18,6b,ec,1f,9e,d0,2c,a3,52,2c,56,64,9d,46,ea,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:70,56,26,33,e3,20,f8,ab
"10"=hex:b3,b5,ff,62,ba,b6,61,46
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:81,20,8f,ab,28,6a,52,9c
"13"=hex:81,20,8f,ab,28,6a,52,9c
"14"=hex:81,20,8f,ab,28,6a,52,9c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:81,20,8f,ab,28,6a,52,9c
"22"=hex:81,20,8f,ab,28,6a,52,9c
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \501529F2142DBB50\A9E17DC1A54D1D28BB40F338A2C6273E]
"1"=hex:80,21,ee,d1,6b,60,09,6f,f8,87,24,43,64,25,4c,aa,b2,18,c8,df,6b,eb,72,
a3,0a,b2,c0,1f,52,da,0b,fb
"2"=hex:81,20,8f,ab,28,6a,52,9c
"3"=hex:15,52,1f,5a,07,3e,ca,84,87,d2,c1,9d,ef,a9,f9,9a,56,20,65,bc,f9,a4,b0,
ff,40,c2,d1,e5,58,f4,48,6b,b5,58,b3,88,70,17,d1,84,46,36,cf,1d,ec,59,66,2a,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
"7"=hex:80,21,ee,d1,6b,60,09,6f,f8,87,24,43,64,25,4c,aa,b2,18,c8,df,6b,eb,72,
a3,0a,b2,c0,1f,52,da,0b,fb
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,65,47,71,48,e9,1d,9d,
ae,8d,a8,42,08,32,10,f7,67,cf,df,52,86,31,35,e0,07,c7,f4,11,f0,ed,74,e2,7b,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:70,56,26,33,e3,20,f8,ab
"10"=hex:f8,fe,42,b7,de,5f,ba,f0
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:81,20,8f,ab,28,6a,52,9c
"13"=hex:81,20,8f,ab,28,6a,52,9c
"14"=hex:81,20,8f,ab,28,6a,52,9c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:81,20,8f,ab,28,6a,52,9c
"22"=hex:81,20,8f,ab,28,6a,52,9c
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \EC1A69D1C0948222]
"1"=hex:b0,cd,e0,26,42,20,9e,7c,08,f1,c1,23,e7,41,66,ec,c9,e0,20,43,a1,23,f2,
e3
"2"=hex:d7,7a,ea,31,a0,f7,22,dd,b6,43,6f,32,07,8b,4a,0a,e2,6f,a8,1b,53,71,0d,
78,d5,ad,68,1b,c8,4a,9b,03
"3"=hex:b0,cd,e0,26,42,20,9e,7c,08,f1,c1,23,e7,41,66,ec,aa,6b,6f,c8,5d,d1,dd,
70,c8,0c,a2,71,14,a4,b5,05,7d,2c,84,8d,ff,2b,de,6d,f8,f2,70,94,19,43,ce,bd,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \EC1A69D1C0948222\48236A7EED3B8895E98434D6DCE253AC]
"1"=hex:08,26,de,b9,bd,1e,cc,2a,55,96,fd,b8,7e,1b,23,82,71,bb,5a,5f,e0,12,25,
42,0c,3f,30,d4,d3,b8,cd,35,d5,a9,6f,e0,2c,05,4e,14
"2"=hex:58,92,5a,34,3f,c6,a5,c5
"3"=hex:f3,46,9e,0e,6f,75,6f,c7,5d,76,18,da,f1,ae,69,37,ad,00,3c,2e,30,5f,26,
e7,91,dc,be,83,fe,91,14,bd,0f,54,a9,7c,5a,5d,90,22,d4,6e,2d,18,0b,6e,c3,96,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
"7"=hex:08,26,de,b9,bd,1e,cc,2a,55,96,fd,b8,7e,1b,23,82,71,bb,5a,5f,e0,12,25,
42,0c,3f,30,d4,d3,b8,cd,35,61,5a,c0,6c,22,7e,83,13,6e,44,91,28,69,cc,01,dd
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,73,7e,45,c6,9f,9e,10,
63,a0,2f,06,c2,a3,e9,62,70,d1,3e,e6,57,b7,98,40,c9,e4,cc,88,e6,39,d6,95,f5,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:70,56,26,33,e3,20,f8,ab
"10"=hex:f7,45,7f,7c,04,74,c1,e7
"11"=hex:7d,ba,74,77,fe,09,92,36
"12"=hex:81,20,8f,ab,28,6a,52,9c
"13"=hex:81,20,8f,ab,28,6a,52,9c
"14"=hex:81,20,8f,ab,28,6a,52,9c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:81,20,8f,ab,28,6a,52,9c
"22"=hex:81,20,8f,ab,28,6a,52,9c
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \EC1A69D1C0948222\B144CCE307E78EB6EE53CA2196E4D0A2]
"1"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,36,d7,56,53,fe,9f,3d,f9
"2"=hex:8c,23,2d,03,75,bd,a0,cd
"3"=hex:cd,13,1e,f2,c1,95,d6,c2,37,5a,d1,80,2b,a7,10,70,fc,e5,97,17,bd,f1,d4,
c8,da,36,c9,d4,f7,4a,b8,71,65,55,7d,5f,c7,5a,b3,6d,f5,4d,32,34,83,62,3e,8e,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,8f,11,0c,96,c4,fa,d8,91,c5,12,83,4f,46,bb,09,8e,16,ef,8f,6e,a2,64,c0,3f,\
"7"=hex:6b,96,68,24,0f,2f,9e,94,e8,ce,54,f3,3b,80,63,3a,1b,c3,e7,ed,44,3a,1d,
97,9f,f9,03,77,68,81,1b,0c,34,a2,88,30,12,be,09,a0
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,73,7e,45,c6,9f,9e,10,
63,a0,2f,06,c2,a3,e9,62,70,90,4c,ec,d6,92,e1,28,ba,e5,5d,0d,25,ef,fb,b7,21,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:91,89,88,30,b1,cb,3d,b6,e9,cc,7b,de,01,c9,a2,0a,ba,d0,3a,df,c1,c5,ae,
87,93,39,f6,f9,63,74,6d,e9,bc,2c,1a,24,4e,88,e5,13,0d,2d,d0,70,9d,0b,96,26,\
"13"=hex:83,8b,e4,92,92,37,f1,03,dd,14,a7,1d,3c,55,b8,e1,d6,e1,51,7e,02,39,c8,
6a
"14"=hex:56,9f,0c,87,43,ea,8d,f7,6c,01,ea,a3,05,cf,93,b7
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:88,54,d1,07,92,ab,2d,17,61,7e,38,8b,5e,2a,de,d3
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:3e,6f,ee,a7,8f,0d,4a,e0,9f,77,2c,7b,85,c4,c2,e7,78,51,4d,81,72,6f,1b,
e9,40,d6,b7,6c,37,b9,3f,b7,47,6e,3b,59,c2,11,40,e7,74,aa,a4,bc,dd,23,38,10,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \EC1A69D1C0948222\F347AA9A592B216D597E028785020CD4]
"1"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,0d,ef,4b,fc,af,c2,2e,ad
"2"=hex:04,29,6a,69,56,d3,ea,41,db,c1,1a,08,f4,34,4d,ff
"3"=hex:51,02,06,cd,8c,8f,cf,b5,3e,57,62,a3,b1,e2,30,39,17,e2,d2,62,4a,1c,02,
0d,28,0e,ff,1d,c5,87,cf,05,41,40,0b,6e,20,64,23,0a,1f,46,8f,a0,57,10,bb,a9,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,46,88,2f,82,3b,10,0c,a3,06,e2,b9,2d,01,08,b4,c2,45,19,67,50,8b,89,d1,c8,\
"7"=hex:6b,96,68,24,0f,2f,9e,94,e8,ce,54,f3,3b,80,63,3a,1b,c3,e7,ed,44,3a,1d,
97,49,3e,e5,49,ef,df,ad,a2
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,73,7e,45,c6,9f,9e,10,
63,a0,2f,06,c2,a3,e9,62,70,90,4c,ec,d6,92,e1,28,ba,e5,5d,0d,25,ef,fb,b7,21,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:e1,ee,42,f0,13,41,57,26,db,ca,61,3a,36,49,40,2b,89,89,e8,76,52,78,5f,
8f,a2,f4,9a,d9,9b,62,b4,a3,1d,62,53,16,80,b0,41,41,10,5a,f0,5c,d8,a5,5b,ff,\
"13"=hex:e5,2d,3b,ff,04,3f,c1,d9,2b,0a,70,54,9c,1e,3b,b0,a2,d6,1b,40,15,eb,17,
6f
"14"=hex:bd,67,9b,ef,47,fb,15,8c,ba,a8,71,3f,47,d1,f1,06
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:df,02,23,63,15,d3,e5,98,53,86,6b,9c,cc,13,bd,22
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:55,4f,61,50,04,4f,20,96,c8,b0,e2,3c,47,d8,42,5c,b2,53,dd,db,61,6a,20,
d9,75,f7,8b,8f,5f,98,f5,79,90,9c,18,b6,2a,7c,21,fb,86,1c,1e,8a,fe,5c,95,90,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F3F0046F119EFA4F]
"1"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,c2,97,86,6a,a5,82,f8,
d5,42,54,3b,7e,24,3e,19,f8
"2"=hex:f1,df,16,de,80,08,0e,2a,d1,38,b5,6f,94,ca,dc,d2,b3,e8,d2,40,6c,6f,61,
5e,d2,5e,7f,21,14,b5,b2,29
"3"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,c2,97,86,6a,a5,82,f8,
d5,f2,55,76,c8,bc,53,92,25,3f,d1,b6,bc,00,35,73,43,96,90,79,f6,5b,97,35,47,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F3F0046F119EFA4F\3323E31CCF524E1933A08EFC0405BBBB]
"1"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,ce,d6,da,a0,ab,80,e1,24
"2"=hex:70,52,20,b5,8f,72,73,3d
"3"=hex:28,2a,e0,e5,72,a9,2b,58,e4,48,0e,6a,f4,e2,f3,9d,5c,69,b9,e7,64,b8,54,
01,c4,2d,b1,e1,f2,77,d3,ba,95,e1,e3,73,0d,67,6f,7c,3c,1d,93,dd,85,10,b0,57,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,6a,83,7f,d6,71,af,86,e0,98,8d,dd,2e,7a,95,cd,1a,9e,2d,5f,ec,63,7f,c9,e5,\
"7"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,29,7c,70,46,35,dc,d7,79
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,6b,8d,dd,0b,84,72,f6,
f2,3d,a6,3c,a0,07,7d,db,f3,88,a8,6c,3f,5c,60,94,94,89,77,0c,65,96,1c,ff,8e,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:2a,eb,67,0c,61,99,7f,1f,a6,9f,19,7c,9d,31,3d,d1,a5,2c,b5,c6,b7,69,1a,
fe,3d,17,a5,8d,97,2c,02,7d,5f,23,c7,d1,2f,15,16,47,f4,20,18,cb,65,1a,b9,b5,\
"13"=hex:d4,47,3e,67,d8,6a,4c,76,8e,23,0b,d1,e9,02,ee,dd,96,a7,83,e5,78,e9,9e,
15
"14"=hex:4e,63,05,ff,92,a2,5b,c8
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:8a,18,1e,ef,ac,9c,61,b4,bb,89,f7,a5,f6,e1,52,4a
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:83,50,34,82,e7,96,30,94,5a,cc,de,f6,f2,97,d6,42,40,61,2f,fb,aa,08,cc,
74,53,7d,0b,5e,03,8f,2e,8b,3f,ee,91,fd,fd,f9,b4,c0,43,40,5b,ed,8a,14,13,2b,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F3F0046F119EFA4F\37539B6D352ECF5C006214859EC1AF0C]
"1"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,c8,c9,f6,99,f8,a7,b9,da
"2"=hex:76,4e,1c,cc,2e,81,b8,f3
"3"=hex:a1,09,1e,12,50,80,60,e5,92,b1,0f,af,58,5d,2f,c8,97,95,fe,6a,ee,6c,13,
bc,86,18,67,fe,dd,de,51,5e,f8,79,49,1f,e7,ae,26,ad,2c,dd,df,97,17,8a,f7,af,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,13,d6,a9,04,9e,fe,4b,b3,10,e4,eb,ef,c4,3c,01,7c,da,ad,aa,35,c5,9e,af,7d,\
"7"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,f5,de,1e,04,6d,6b,1c,69
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,6b,8d,dd,0b,84,72,f6,
f2,3d,a6,3c,a0,07,7d,db,f3,88,a8,6c,3f,5c,60,94,94,89,77,0c,65,96,1c,ff,8e,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:f8,98,7d,64,5e,94,1d,22,86,01,43,62,a0,4b,71,09,7d,b9,e7,a6,f9,be,43,
eb,52,05,f3,3c,c0,f2,2e,17,97,16,a8,12,f9,9c,c9,9d,bb,b5,5c,0e,3f,f5,d8,b0,\
"13"=hex:75,eb,c5,f2,3e,73,97,0b,5c,45,e0,8e,ff,71,b6,40,c8,cf,eb,e6,6c,13,95,
1c
"14"=hex:6c,3a,76,3b,92,16,dd,60
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:43,14,83,2e,a5,9e,00,fd,fa,00,7e,16,c5,47,90,6d
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:c9,f4,c5,a8,93,8e,ef,4c,9e,e5,08,dc,f0,d7,2e,75,9f,59,94,03,16,57,eb,
32,e2,0c,fc,92,34,2b,c0,d3,4d,d2,b7,f7,83,15,ab,21,58,19,d8,56,50,6f,00,75,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F3F0046F119EFA4F\58BBB2CAA762B86BF8228F8849EB5144]
"1"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,53,74,ea,24,5b,d9,02,83
"2"=hex:84,00,a2,e9,a5,84,bc,35
"3"=hex:ff,f1,35,c6,9b,b4,ed,c8,9e,ce,fa,3c,01,39,54,f7,bd,c0,24,f9,a8,7a,c2,
81,6d,b1,82,e2,01,d2,a5,d0,18,d9,64,21,db,93,6c,7d,dc,11,a6,21,fd,85,0b,46,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,0b,6a,8c,ca,2a,b0,fe,b3,4b,64,48,ea,1f,44,5e,dc,e9,a1,c1,1e,2b,ba,8b,4e,\
"7"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,53,74,ea,24,5b,d9,02,83
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,6b,8d,dd,0b,84,72,f6,
f2,3d,a6,3c,a0,07,7d,db,f3,88,a8,6c,3f,5c,60,94,94,89,77,0c,65,96,1c,ff,8e,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:59,4e,e0,e5,4c,0f,da,b5,ab,78,b8,7f,52,84,82,ac,2a,ea,d9,bd,00,95,a7,
55,fe,31,34,8a,10,a5,9f,ac,a4,84,23,35,1a,6f,87,cd,a2,4d,d1,0c,fa,94,89,5f,\
"13"=hex:78,cd,32,7c,51,95,6e,2e,9a,a0,0a,e6,29,1a,6f,a9,98,0e,15,7f,e8,44,9e,
d5
"14"=hex:84,23,eb,9e,98,3e,c4,f1
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:fe,a2,6e,90,c9,bf,4b,ff,1a,c1,a3,89,51,7c,29,22
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:e8,11,ea,1d,e3,02,83,b9,92,a5,1c,47,33,cf,92,82,1b,40,07,ea,6d,2a,7c,
58,63,ac,80,f5,54,55,32,66,54,0d,ab,fd,01,03,f9,f7,f6,50,2a,21,c8,be,08,03,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F3F0046F119EFA4F\A28FC91DA48F2E633FEBC5F75796F7EE]
"1"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,50,94,16,01,b2,17,1a,42
"2"=hex:af,de,e1,d4,71,84,6f,cd
"3"=hex:b0,f4,f0,97,eb,42,d7,51,d0,df,81,32,c5,41,f5,a7,c7,0e,f0,31,e0,8e,a0,
2f,72,ac,c2,28,86,4d,99,db,49,3a,a1,0d,b5,4c,9c,42,93,64,c3,0e,75,19,9d,c8,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,c2,7a,22,37,ea,ed,a9,12,3e,e1,c8,dc,28,3e,46,e1,6b,10,d1,0d,d2,c1,3b,7d,\
"7"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,fc,f4,86,ed,7d,07,89,29,2f,7f,fa,55,aa,50,20,7e,7c,e5,f7,a8,05,d7,35,13,\
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,6b,8d,dd,0b,84,72,f6,
f2,3d,a6,3c,a0,07,7d,db,f3,88,a8,6c,3f,5c,60,94,94,89,77,0c,65,96,1c,ff,8e,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:ee,6a,4b,3b,1b,f0,b2,77,5c,95,70,20,16,9b,2e,25,95,83,d8,4c,2f,2e,eb,
3b,14,49,bd,fd,0c,81,e8,31,1c,8c,d7,bf,b0,a1,95,38,05,3d,45,13,05,94,f3,66,\
"13"=hex:40,fb,1a,33,f2,96,5b,a4,3e,b5,fa,94,02,36,4c,a8,72,4e,a5,82,41,07,88,
8c
"14"=hex:3b,71,c6,44,4a,52,dd,47
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:19,22,c6,02,d8,fa,6f,e8,ab,37,3a,2f,c8,22,3b,10
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:05,50,c4,66,1f,e8,44,0a,66,5e,26,e3,fa,7a,d5,53,a4,bf,08,ce,88,4a,88,
73,8b,f7,cf,cd,24,8e,15,d4,c5,24,1f,98,1d,a2,76,9c,34,ff,d7,66,67,9e,57,7f,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F3F0046F119EFA4F\D580A8CFDA60E9362F91B6F863D46379]
"1"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,50,94,16,01,b2,17,1a,42
"2"=hex:11,b7,bf,c5,fa,e2,5a,47
"3"=hex:2e,36,27,e4,d8,38,9b,80,4f,31,78,f5,72,40,20,62,89,be,83,47,c3,77,a5,
9e,0d,0c,67,3a,8b,bc,db,c6,6e,4c,5c,05,7d,90,c7,ab,46,27,46,43,f8,99,83,b5,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,30,ee,8f,52,62,66,50,ce,77,e9,c4,12,3a,ea,b5,46,6c,fa,23,06,2c,2a,16,61,\
"7"=hex:97,5e,49,d3,7c,a0,18,18,10,c9,e3,e3,c1,ae,57,ed,60,42,a5,db,24,eb,e2,
b0,04,de,29,1c,d1,59,b3,b5,1c,3a,e8,07,ed,d8,08,6e,a7,52,c4,be,fd,58,1e,61,\
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,6b,8d,dd,0b,84,72,f6,
f2,3d,a6,3c,a0,07,7d,db,f3,88,a8,6c,3f,5c,60,94,94,89,77,0c,65,96,1c,ff,8e,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:48,19,9a,99,da,f1,28,8d,53,1c,85,90,2c,30,fc,f9,2b,83,60,56,c3,e5,7f,
a2,45,60,ea,b9,de,80,9f,3b,87,e8,ef,81,c9,86,ae,e8,be,46,9a,b5,81,ae,fa,dd,\
"13"=hex:85,a1,28,8b,6b,65,9e,d2,ec,a4,02,ef,d1,dd,8c,7e,8c,4b,66,19,13,ca,24,
51
"14"=hex:6b,51,bd,2b,8f,5b,c4,81
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:88,54,d1,07,92,ab,2d,17,61,7e,38,8b,5e,2a,de,d3
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:9d,1a,94,95,a7,68,bc,2d,b0,15,64,a0,bf,55,14,83,b4,c7,f6,51,1d,40,2b,
d8,7c,10,57,2f,e4,c1,9b,17,dd,bf,48,7e,b2,39,49,62,33,78,2b,1d,ee,e2,39,a4,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB]
"1"=hex:47,af,e3,b9,38,4b,f6,e6,cb,8b,59,0c,3a,af,c5,a2,d6,9f,52,ce,23,dc,1a,
c2
"2"=hex:d1,c8,c3,5e,08,10,b9,8f,1e,fd,a6,7c,f5,6d,b0,f3,a6,71,8f,f8,ab,bd,bd,
76,64,10,04,f0,92,77,f9,20
"3"=hex:47,af,e3,b9,38,4b,f6,e6,cb,8b,59,0c,3a,af,c5,a2,ac,98,11,9b,be,95,83,
07,ae,ba,7e,d8,e6,d6,56,50,c4,dc,bb,7b,18,78,a4,de,04,5c,25,4e,9f,d7,39,6d
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB\777E22CD0C02FEA5F4417E902C623700]
"1"=hex:27,43,26,b3,e6,bd,3b,ee,e1,dc,ed,32,12,24,84,b4,4f,6f,ee,a0,59,e3,64,
0c,94,7a,02,a8,9d,91,a5,02
"2"=hex:14,ce,87,8d,79,74,ee,b2
"3"=hex:d5,a5,45,1c,e5,d9,4f,bd,cd,37,4c,ad,51,1c,53,96,15,48,cf,0e,13,45,9e,
32,d4,b8,1f,b3,32,e8,b2,c9,6c,bd,d8,2f,03,f7,b6,7d,c0,06,5a,e7,1d,9c,bd,f8,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:27,43,26,b3,e6,bd,3b,ee,e1,dc,ed,32,12,24,84,b4,4f,6f,ee,a0,59,e3,64,
0c,e1,54,5d,f5,3a,45,43,76,48,95,14,b0,cb,23,73,3b,56,55,c7,a6,33,89,c7,fb,\
"7"=hex:3b,e8,2f,01,6c,32,33,d8,e1,d7,f3,f6,0e,0a,fa,46,62,39,09,43,d3,da,73,
d4,4e,db,d0,f9,b1,fb,0a,f1,d3,99,57,af,7d,98,93,fd,a5,1e,64,b6,5b,35,28,e1,\
"8"=hex:91,0f,83,0a,63,91,b3,62,40,85,d7,93,82,13,02,ca,17,43,a7,83,bb,79,79,
de
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:fe,91,d3,26,17,7c,98,8a,7e,13,df,ab,9e,6d,2f,a9,9d,f7,72,69,f2,ee,41,
fc,be,3b,0e,74,66,c7,c0,a7,27,cf,d1,06,ff,86,5e,c0,25,da,00,82,53,13,da,e7,\
"13"=hex:1a,51,64,70,e2,d7,2f,c4,49,be,ec,82,30,22,b4,fb,a2,9b,f9,0d,18,aa,84,
25
"14"=hex:40,3f,ef,87,7f,09,f3,e3
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:cb,45,dd,ff,30,a6,46,de,d7,23,ae,c1,96,76,c3,5b
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:d6,5e,6f,ca,83,80,94,04,ad,65,41,d0,c2,08,d9,e1,60,8a,75,82,05,38,74,
09,40,79,27,55,4e,25,a7,b8,48,28,e0,0b,1c,dd,b9,ab,06,6f,fc,7d,81,c2,9a,43,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB\86F50A4E3D8BE88AF84CD03B1C57A42C]
"1"=hex:0e,99,cd,9c,6f,50,13,a2,82,70,40,54,38,93,8f,c5,05,f3,da,4d,e8,82,d5,
04,c7,c6,1f,bf,24,f4,89,65
"2"=hex:c6,c1,1a,2b,99,40,bf,93
"3"=hex:81,20,8f,ab,28,6a,52,9c
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
"7"=hex:3b,e8,2f,01,6c,32,33,d8,e1,d7,f3,f6,0e,0a,fa,46,62,39,09,43,d3,da,73,
d4,4e,db,d0,f9,b1,fb,0a,f1,d3,99,57,af,7d,98,93,fd,a5,1e,64,b6,5b,35,28,e1,\
"8"=hex:63,5a,d7,1b,b1,d4,18,46,0a,a7,b3,1c,99,c8,a4,fc,8e,d5,91,06,69,a2,b1,
d4,43,1a,b5,55,45,f6,c7,e7,86,ad,47,d1,f0,33,03,e9
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:70,56,26,33,e3,20,f8,ab
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:81,20,8f,ab,28,6a,52,9c
"13"=hex:81,20,8f,ab,28,6a,52,9c
"14"=hex:81,20,8f,ab,28,6a,52,9c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:81,20,8f,ab,28,6a,52,9c
"22"=hex:81,20,8f,ab,28,6a,52,9c
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB\8E836BAE956872594C846A224AED5815]
"1"=hex:27,43,26,b3,e6,bd,3b,ee,e1,dc,ed,32,12,24,84,b4,4f,6f,ee,a0,59,e3,64,
0c,fa,4d,d7,21,7b,08,a0,3e
"2"=hex:03,13,8a,80,bd,85,45,8e
"3"=hex:81,20,8f,ab,28,6a,52,9c
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,
51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20
"7"=hex:3b,e8,2f,01,6c,32,33,d8,e1,d7,f3,f6,0e,0a,fa,46,62,39,09,43,d3,da,73,
d4,4e,db,d0,f9,b1,fb,0a,f1,d3,99,57,af,7d,98,93,fd,a5,1e,64,b6,5b,35,28,e1,\
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,0f,19,83,33,28,15,3d,
b5,30,1a,62,26,83,59,a1,96,4a,f1,16,68,e4,33,69,9c
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:70,56,26,33,e3,20,f8,ab
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:81,20,8f,ab,28,6a,52,9c
"13"=hex:81,20,8f,ab,28,6a,52,9c
"14"=hex:81,20,8f,ab,28,6a,52,9c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:81,20,8f,ab,28,6a,52,9c
"22"=hex:81,20,8f,ab,28,6a,52,9c
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB\B07E347364287A4AA0F58972B4F736DB]
"1"=hex:67,c1,45,0b,0e,cc,05,8b,7d,72,6c,7c,94,20,ad,48,f7,a0,a9,3e,34,fc,8c,
d7,8c,36,b1,29,5d,f8,e5,08
"2"=hex:14,ce,87,8d,79,74,ee,b2
"3"=hex:72,a6,23,51,28,79,17,3e,15,bd,73,96,6c,de,c1,df,51,33,3f,b0,63,33,02,
a6,80,b8,64,a5,1c,af,bb,e6,ee,3c,0c,c6,13,3f,b5,3d,fb,c3,01,f1,41,78,50,3e,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:67,c1,45,0b,0e,cc,05,8b,7d,72,6c,7c,94,20,ad,48,f7,a0,a9,3e,34,fc,8c,
d7,5b,cd,9c,a9,8e,c7,41,bf,aa,b9,b8,e5,43,ad,04,2e,e9,a9,65,85,1e,c8,6b,29,\
"7"=hex:3b,e8,2f,01,6c,32,33,d8,e1,d7,f3,f6,0e,0a,fa,46,62,39,09,43,d3,da,73,
d4,4e,db,d0,f9,b1,fb,0a,f1,d3,99,57,af,7d,98,93,fd,a5,1e,64,b6,5b,35,28,e1,\
"8"=hex:9d,9e,b2,b9,a7,a5,f4,ae,4d,29,c2,a3,c0,78,c4,c5,f9,32,b1,bb,f6,d2,b0,
56,73,5b,8e,67,b5,c3,9e,fa,5f,4d,17,b5,28,dd,6c,22,62,21,1d,d8,7f,77,ee,3c,\
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:6c,51,83,5c,1e,38,df,a4,22,64,a0,39,b7,bc,90,0c,e8,db,d3,f0,3b,33,cf,
50,21,10,5c,17,43,c2,d7,19,a8,6a,b3,f7,b7,38,9d,e4,9c,1a,88,99,10,7d,09,ee,\
"13"=hex:66,95,78,37,34,fb,b0,29,69,a4,ec,a7,b1,02,46,6c,98,58,43,7d,15,11,ba,
f3
"14"=hex:f1,f6,da,a8,ee,a5,49,3c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:0a,c6,63,c8,e2,ca,0a,fe,24,d6,d9,7e,99,d4,2b,ff
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:62,ac,17,d0,5f,45,bb,95,9c,17,52,92,99,3f,14,16,80,99,0f,a1,5e,74,99,
8d,ec,af,7f,ab,dd,de,fb,53,aa,02,4f,84,6a,dc,bb,54,e0,3e,08,f3,c8,c5,83,21,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB\C86C7C0BEFF8CAE2B445F63B38B4A204]
"1"=hex:27,43,26,b3,e6,bd,3b,ee,e1,dc,ed,32,12,24,84,b4,4f,6f,ee,a0,59,e3,64,
0c,09,0e,69,20,36,0b,13,fc
"2"=hex:14,ce,87,8d,79,74,ee,b2
"3"=hex:d0,c0,cd,75,4b,f0,7d,b1,2b,8e,94,30,4b,07,3a,75,10,c0,41,a4,f3,44,e8,
0b,3d,67,1a,6a,16,ff,05,1d,4a,32,6a,26,72,77,ae,12,e1,9c,88,88,35,43,f8,b6,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:27,43,26,b3,e6,bd,3b,ee,e1,dc,ed,32,12,24,84,b4,4f,6f,ee,a0,59,e3,64,
0c,4e,d8,65,60,0f,85,52,4c,c2,dd,a7,0a,78,46,18,f9,f0,33,8d,c0,67,b4,73,81,\
"7"=hex:3b,e8,2f,01,6c,32,33,d8,e1,d7,f3,f6,0e,0a,fa,46,62,39,09,43,d3,da,73,
d4,4e,db,d0,f9,b1,fb,0a,f1,d3,99,57,af,7d,98,93,fd,a5,1e,64,b6,5b,35,28,e1,\
"8"=hex:63,5a,d7,1b,b1,d4,18,46,0a,a7,b3,1c,99,c8,a4,fc,74,c5,0f,93,7b,fa,0d,
db,01,43,61,6c,d4,da,12,39,dc,7e,f2,88,fe,a9,93,f9
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:c8,9b,8e,f1,32,1f,06,dc,e1,f4,94,ff,bd,a8,40,1d,b3,62,df,8d,34,56,f6,
96,8f,a9,3e,85,73,13,27,aa,61,5a,3d,c2,4a,b6,de,cd,70,86,43,28,c0,67,b8,19,\
"13"=hex:81,27,7b,e9,31,8a,3d,b4,b0,78,37,11,de,8b,3c,5b,71,36,05,02,b5,a9,d4,
e2
"14"=hex:ae,c5,54,3a,d1,6d,7d,5c
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:d6,5f,27,84,e9,6b,bf,f0,4f,12,70,f2,b5,37,48,b3
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:61,b6,5f,24,7a,d6,b1,cd,34,31,35,49,2b,df,6e,e2,f0,4e,b3,cd,eb,06,98,
86,8f,6b,d3,50,f4,6e,fe,58,6b,ed,35,f8,ff,a2,8e,11,4d,67,d1,da,59,ac,01,73,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB\CAE36273CE2083AC10451E2C33E7B63B]
"1"=hex:7e,63,ed,e4,ff,c6,da,b0,3c,b3,ff,e0,03,2b,bc,b2,7f,b3,d1,39,03,20,a9,
47,94,35,3b,94,b4,9c,b2,85
"2"=hex:82,9d,b7,04,75,a2,e0,2a
"3"=hex:63,3b,4e,e4,c2,0c,fe,0e,89,57,5d,85,dd,e3,79,b6,c4,62,0e,e1,35,da,d4,
f9,34,0b,5d,fe,a7,f4,2a,39,cd,4d,33,f1,c1,e6,74,7c,8f,35,2a,fa,e9,99,f2,12,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:7e,63,ed,e4,ff,c6,da,b0,3c,b3,ff,e0,03,2b,bc,b2,7f,b3,d1,39,03,20,a9,
47,f1,92,06,65,96,dc,6f,e5,35,a3,48,e9,ad,a9,09,86,11,e5,84,b3,49,30,20,0e,\
"7"=hex:3b,e8,2f,01,6c,32,33,d8,e1,d7,f3,f6,0e,0a,fa,46,62,39,09,43,d3,da,73,
d4,4e,db,d0,f9,b1,fb,0a,f1,d3,99,57,af,7d,98,93,fd,a5,1e,64,b6,5b,35,28,e1,\
"8"=hex:63,5a,d7,1b,b1,d4,18,46,0a,a7,b3,1c,99,c8,a4,fc,cd,df,f6,b8,74,18,fa,
dd,30,dc,88,59,2a,92,45,f1,bd,1f,b7,30,80,7d,13,f4
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:f2,3a,27,68,08,d0,e3,af,f3,45,89,ff,40,9f,6b,18,b5,93,9d,bd,9f,a6,05,
09,77,ac,33,77,81,47,17,c7,6d,b9,d3,18,41,2f,36,98,73,7e,ab,eb,51,b0,2e,52,\
"13"=hex:fc,4a,43,81,17,a1,43,48,7a,9b,4a,10,d7,2c,d4,07,85,34,04,b3,7b,a9,8f,
6c
"14"=hex:65,7c,b7,01,2e,2f,77,f5
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:c3,04,a8,ed,43,a2,0e,e4,d0,f4,7f,36,c1,ae,d0,93
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:bc,bf,7a,e4,eb,59,43,76,c5,4b,d3,c4,5a,c1,d8,64,a3,01,d6,6a,ff,68,79,
1c,53,57,f5,87,d2,27,f0,9a,4b,60,99,64,47,c6,b3,43,fc,d5,e3,b6,20,c9,fd,cc,\
.
[HKEY_LOCAL_MACHINE\software\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB\DBF31101A5C3B93315CBBEA90ED13257]
"1"=hex:05,63,4e,ca,af,1d,39,e0,e8,3b,06,bc,35,26,5b,04,02,70,fd,49,72,ea,3f,
0d,c1,ed,7b,62,a7,87,bb,89
"2"=hex:c6,d7,96,b5,5f,fa,3f,77
"3"=hex:10,47,cc,8b,29,5f,b4,0e,20,f4,4b,fc,90,59,06,ef,81,cd,d3,90,48,c0,a1,
29,a8,17,6e,3c,fe,92,ce,1e,ba,97,0e,e2,31,90,51,1c,60,98,cc,49,98,9b,09,2c,\
"4"=hex:2f,ad,a2,e7,8a,bf,05,5e
"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,
1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\
"6"=hex:05,63,4e,ca,af,1d,39,e0,e8,3b,06,bc,35,26,5b,04,02,70,fd,49,72,ea,3f,
0d,38,a0,6c,90,31,db,5a,af,1a,99,07,f1,ef,d1,93,a4,80,fd,34,8b,e9,c5,e1,a0,\
"7"=hex:3b,e8,2f,01,6c,32,33,d8,e1,d7,f3,f6,0e,0a,fa,46,62,39,09,43,d3,da,73,
d4,4e,db,d0,f9,b1,fb,0a,f1,d3,99,57,af,7d,98,93,fd,a5,1e,64,b6,5b,35,28,e1,\
"8"=hex:63,5a,d7,1b,b1,d4,18,46,0a,a7,b3,1c,99,c8,a4,fc,86,f4,fe,cb,ec,d3,4e,
4c,1b,ae,32,7d,1e,63,9b,e8,91,4b,74,fd,63,b1,f5,71
"9"=hex:81,20,8f,ab,28,6a,52,9c
"18"=hex:4b,72,8f,bc,6c,3f,e4,15
"10"=hex:81,20,8f,ab,28,6a,52,9c
"11"=hex:81,20,8f,ab,28,6a,52,9c
"12"=hex:7a,f5,ac,f6,1b,d7,d3,3a,b7,5e,48,d3,d1,be,42,52,8c,33,b4,2a,72,10,1b,
e8,73,42,e2,22,0a,99,2d,45,6d,17,0c,68,42,f1,b3,af,2d,74,2c,bc,4c,04,60,4f,\
"13"=hex:d4,5a,ad,4b,5b,93,38,96,99,cd,83,be,b1,67,e2,b9,44,e8,39,94,ae,b8,74,
95
"14"=hex:79,6a,b1,0b,fb,82,9f,17
"24"=hex:81,20,8f,ab,28,6a,52,9c
"26"=hex:81,20,8f,ab,28,6a,52,9c
"27"=hex:81,20,8f,ab,28,6a,52,9c
"19"=hex:0a,54,4a,de,ea,cc,28,8f,32,ae,e1,dd,7e,83,fe,1d
"22"=hex:81,20,8f,ab,28,6a,52,9c
"15"=hex:66,c9,6e,b0,4e,9b,c3,17,28,55,12,6e,8f,3b,cb,db,cc,05,07,da,bb,8c,57,
11,a2,21,82,0f,e8,e0,f1,5e,58,aa,1a,a2,51,c2,5c,7d,8e,aa,85,b3,b6,44,2b,e5,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3696)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\windows\system32\CDRTC.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
c:\program files\Flip Video\FlipShare\FlipShareService.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\windows\runservice.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files\Fighters\FighterSuiteService.exe
c:\program files\TeamViewer\Version7\TeamViewer_Service.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\TeamViewer\Version7\TeamViewer_Desktop.exe
c:\program files\teamviewer\version7\TeamViewer.exe
c:\program files\TeamViewer\Version7\tv_w32.exe
c:\windows\sttray.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Intel\IntelDH\CCU\CCU_Engine.exe
c:\program files\Intel\IntelDH\CCU\AlertService.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe
c:\program files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
.
**************************************************************************
.
Completion time: 2012-10-16 11:07:02 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-16 18:07
.
Pre-Run: 122,656,436,224 bytes free
Post-Run: 122,770,837,504 bytes free
.
- - End Of File - - 910F0D090F2C4ECE4A3E7C03FA53BDE8



Here is the log for the Security Check:



Results of screen317's Security Check version 0.99.51
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.65.0.1400
CCleaner
Java™ SE Runtime Environment 6
Java version out of Date!
Adobe Flash Player 11.4.402.287
Adobe Reader X (10.1.4)
Mozilla Firefox (16.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0 %
````````````````````End of Log``````````````````````


Here is the log for the AdwCleaner:



# AdwCleaner v2.004 - Logfile created 10/16/2012 at 12:06:19
# Updated 06/10/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Mike - MIKE-PC
# Boot Mode : Normal
# Running from : C:\Users\Mike\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
File Found : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\xcku28mm.default\extensions\pricepeep@getpricepeep.com.xpi
Folder Found : C:\Program Files\Common Files\Software Update Utility
Folder Found : C:\Program Files\OApps

***** [Registry] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (en-US)

Profile name : default
File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\xcku28mm.default\prefs.js

Found : user_pref("FirstSearch.aol_toolbar.search.hasDoneFirst", 6);
Found : user_pref("aol_toolbar.buttons.layout", "aol_mail_5496;facebook_40839;mapquest_40872;twitter_40883;w[...]
Found : user_pref("aol_toolbar.default.homepage.check", false);
Found : user_pref("aol_toolbar.default.search.check", false);
Found : user_pref("aol_toolbar.firsttime.showwindow", false);
Found : user_pref("aol_toolbar.guid", "{1D29795D-B99E-8CC1-66EC-EAB9C27D5458}");
Found : user_pref("aol_toolbar.install.distroid", "aol");
Found : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.8614");
Found : user_pref("aol_toolbar.install.lid", "hyplognew00000010");
Found : user_pref("aol_toolbar.install.mtmhp", "hyplogusaolp00000023");
Found : user_pref("aol_toolbar.install.ncid", "");
Found : user_pref("aol_toolbar.metrics.activestampdate", "16");
Found : user_pref("aol_toolbar.metrics.activestampmonth", "9");
Found : user_pref("aol_toolbar.metrics.activestampyear", "2012");
Found : user_pref("aol_toolbar.metrics.originalDate", "10");
Found : user_pref("aol_toolbar.metrics.originalHours", "23");
Found : user_pref("aol_toolbar.metrics.originalMinutes", "30");
Found : user_pref("aol_toolbar.metrics.originalMonth", "10");
Found : user_pref("aol_toolbar.metrics.originalSeconds", "32");
Found : user_pref("aol_toolbar.metrics.originalYear", "2012");
Found : user_pref("aol_toolbar.relatednews.enabled", false);
Found : user_pref("aol_toolbar.remote.publish.xml", "1350350903609");
Found : user_pref("aol_toolbar.rtw.active", false);
Found : user_pref("aol_toolbar.search.button", true);
Found : user_pref("aol_toolbar.search.cid", "10-10-2012");
Found : user_pref("aol_toolbar.search.focusnewtab", true);
Found : user_pref("aol_toolbar.search.instd", "20121010232930615");
Found : user_pref("aol_toolbar.search.newtab", true);
Found : user_pref("aol_toolbar.search.oid", "10-10-2012");
Found : user_pref("aol_toolbar.search.placement", "right");
Found : user_pref("aol_toolbar.search.populateoncomplete", false);
Found : user_pref("aol_toolbar.search.savehistory", false);
Found : user_pref("aol_toolbar.search.searchtype", "web");
Found : user_pref("aol_toolbar.search.source", "tb50-ff-adknowledgeaol");
Found : user_pref("aol_toolbar.skin.custom", false);
Found : user_pref("aol_toolbar.surf.date", "26");
Found : user_pref("aol_toolbar.surf.lastDate", "16");
Found : user_pref("aol_toolbar.surf.lastMonth", "9");
Found : user_pref("aol_toolbar.surf.lastYear", "2012");
Found : user_pref("aol_toolbar.surf.month", "275");
Found : user_pref("aol_toolbar.surf.prevMonth", "0");
Found : user_pref("aol_toolbar.surf.total", "281");
Found : user_pref("aol_toolbar.surf.week", "127");
Found : user_pref("aol_toolbar.surf.year", "275");
Found : user_pref("aol_toolbar.ticker.active", false);
Found : user_pref("aol_toolbar.upgrade.showwindow", false);
Found : user_pref("aol_toolbar.weather.degc", "14");
Found : user_pref("aol_toolbar.weather.degf", "58");
Found : user_pref("aol_toolbar.weather.image", "chrome://aoltoolbar/skin/weather/34.png");
Found : user_pref("aol_toolbar.weather.locationid", "USNY0996");
Found : user_pref("aol_toolbar.weather.metric", true);
Found : user_pref("aol_toolbar.weather.tooltip", "New York , NY : Mostly Sunny");
Found : user_pref("aol_toolbar.weather.update", "1350412517418");

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.34] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Found [l.37] : keyword = "babylon.com",
Found [l.40] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&tt=220512_53ctrl&babsrc=SP_crm",

*************************

AdwCleaner[S1].txt - [9200 octets] - [09/10/2012 07:55:38]
AdwCleaner[R1].txt - [6085 octets] - [16/10/2012 12:06:19]

########## EOF - C:\AdwCleaner[R1].txt - [6145 octets] ##########

#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:26 PM

Posted 17 October 2012 - 08:20 AM

Remove the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Everything that was found will be deleted.
  • Follow the prompts to reboot the computer. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[Sn].txt (n is a number)..
===

Secure your system by updating 3rd party programs.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

Check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

If present remove the old version(s) of Java using the Add/Remove Programs applet.


Java™ SE Runtime Environment 6


===

Let me know what problem persists.

#8 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 17 October 2012 - 10:25 AM

Here is the log for the AdwCleaner Deletion:


# AdwCleaner v2.004 - Logfile created 10/17/2012 at 07:56:21
# Updated 06/10/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Mike - MIKE-PC
# Boot Mode : Normal
# Running from : C:\Users\Mike\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\xcku28mm.default\extensions\pricepeep@getpricepeep.com.xpi
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\OApps

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (en-US)

Profile name : default
File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\xcku28mm.default\prefs.js

Deleted : user_pref("FirstSearch.aol_toolbar.search.hasDoneFirst", 6);
Deleted : user_pref("aol_toolbar.buttons.layout", "aol_mail_5496;facebook_40839;mapquest_40872;twitter_40883;w[...]
Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);
Deleted : user_pref("aol_toolbar.guid", "{1D29795D-B99E-8CC1-66EC-EAB9C27D5458}");
Deleted : user_pref("aol_toolbar.install.distroid", "aol");
Deleted : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.8614");
Deleted : user_pref("aol_toolbar.install.lid", "hyplognew00000010");
Deleted : user_pref("aol_toolbar.install.mtmhp", "hyplogusaolp00000023");
Deleted : user_pref("aol_toolbar.install.ncid", "");
Deleted : user_pref("aol_toolbar.metrics.activestampdate", "17");
Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "9");
Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2012");
Deleted : user_pref("aol_toolbar.metrics.originalDate", "10");
Deleted : user_pref("aol_toolbar.metrics.originalHours", "23");
Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "30");
Deleted : user_pref("aol_toolbar.metrics.originalMonth", "10");
Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "32");
Deleted : user_pref("aol_toolbar.metrics.originalYear", "2012");
Deleted : user_pref("aol_toolbar.relatednews.enabled", false);
Deleted : user_pref("aol_toolbar.remote.publish.xml", "1350485418274");
Deleted : user_pref("aol_toolbar.rtw.active", false);
Deleted : user_pref("aol_toolbar.search.button", true);
Deleted : user_pref("aol_toolbar.search.cid", "10-10-2012");
Deleted : user_pref("aol_toolbar.search.focusnewtab", true);
Deleted : user_pref("aol_toolbar.search.instd", "20121010232930615");
Deleted : user_pref("aol_toolbar.search.newtab", true);
Deleted : user_pref("aol_toolbar.search.oid", "10-10-2012");
Deleted : user_pref("aol_toolbar.search.placement", "right");
Deleted : user_pref("aol_toolbar.search.populateoncomplete", false);
Deleted : user_pref("aol_toolbar.search.savehistory", false);
Deleted : user_pref("aol_toolbar.search.searchtype", "web");
Deleted : user_pref("aol_toolbar.search.source", "tb50-ff-adknowledgeaol");
Deleted : user_pref("aol_toolbar.skin.custom", false);
Deleted : user_pref("aol_toolbar.surf.date", "9");
Deleted : user_pref("aol_toolbar.surf.lastDate", "17");
Deleted : user_pref("aol_toolbar.surf.lastMonth", "9");
Deleted : user_pref("aol_toolbar.surf.lastYear", "2012");
Deleted : user_pref("aol_toolbar.surf.month", "283");
Deleted : user_pref("aol_toolbar.surf.prevMonth", "0");
Deleted : user_pref("aol_toolbar.surf.total", "290");
Deleted : user_pref("aol_toolbar.surf.week", "135");
Deleted : user_pref("aol_toolbar.surf.year", "283");
Deleted : user_pref("aol_toolbar.ticker.active", false);
Deleted : user_pref("aol_toolbar.upgrade.showwindow", false);
Deleted : user_pref("aol_toolbar.weather.degc", "10");
Deleted : user_pref("aol_toolbar.weather.degf", "50");
Deleted : user_pref("aol_toolbar.weather.image", "chrome://aoltoolbar/skin/weather/34.png");
Deleted : user_pref("aol_toolbar.weather.locationid", "USNY0996");
Deleted : user_pref("aol_toolbar.weather.metric", true);
Deleted : user_pref("aol_toolbar.weather.tooltip", "New York , NY : Mostly Sunny");
Deleted : user_pref("aol_toolbar.weather.update", "1350485524174");

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.34] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Deleted [l.37] : keyword = "babylon.com",
Deleted [l.40] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&tt=220512_53ctrl&babsrc=SP_crm",

*************************

AdwCleaner[S1].txt - [9200 octets] - [09/10/2012 07:55:38]
AdwCleaner[R1].txt - [6214 octets] - [16/10/2012 12:06:19]
AdwCleaner[S2].txt - [6300 octets] - [17/10/2012 07:56:21]

########## EOF - C:\AdwCleaner[S2].txt - [6360 octets] ##########



OK so i tried to open up the "Uninstall Programs" again and it still wont open. Even If i hold down Ctrl and press "Uninstall a Program" a window flashes on the screen but nothing opens up. It's almost to the point that i would have to re-install Windows to fix this issue.

#9 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:26 PM

Posted 18 October 2012 - 07:25 AM

Lets find out if you have some restrictions on this applet.


Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2


If your operating system is 64 bit download this tool:
SystemLook_x64.exe
  • Double-click SystemLook.exe to run it.
  • Copy and paste the content of the following bold text into the main textfield:


    :reg
    HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies/Uninstall

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

#10 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 23 October 2012 - 12:42 AM

Here is the system look results:


SystemLook 30.07.11 by jpshortstuff
Log created at 22:41 on 22/10/2012 by Mike
Administrator - Elevation successful

========== reg ==========

[HKEY_CURRENT_USER]
(No values found)

[HKEY_CURRENT_USER\AppEvents]

[HKEY_CURRENT_USER\Console]

[HKEY_CURRENT_USER\Control Panel]

[HKEY_CURRENT_USER\Environment]

[HKEY_CURRENT_USER\EUDC]

[HKEY_CURRENT_USER\Identities]

[HKEY_CURRENT_USER\Keyboard Layout]

[HKEY_CURRENT_USER\Network]

[HKEY_CURRENT_USER\Printers]

[HKEY_CURRENT_USER\Software]

[HKEY_CURRENT_USER\System]

[HKEY_CURRENT_USER\Toolbb1]

[HKEY_CURRENT_USER\SessionInformation]

[HKEY_CURRENT_USER\Volatile Environment]


-= EOF =-

#11 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:26 PM

Posted 23 October 2012 - 01:23 PM

Please run the SystemTool again and search for this.

:reg
HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies


#12 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 24 October 2012 - 01:29 AM

Please run the SystemTool again and search for this.

:reg
HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies



Ok so i think I'm confused on what you are asking me to do. When i open up System Look it just has a blank box and I thought i was suppose to past :reg
HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies??

If not please help me understand on what you need me to do.

Also when you say System Tool are you referring to System Look?

#13 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:26 PM

Posted 24 October 2012 - 08:30 AM

Sorry my bad. Yes SystemLook. As you did before.
Except copy the following the the search box.

:reg
HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies


#14 nasdaq

nasdaq

  • Malware Response Team
  • 38,756 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:10:26 PM

Posted 30 October 2012 - 10:09 AM

Are you still with me?

#15 Aceshigh24

Aceshigh24
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:06:26 PM

Posted 31 October 2012 - 12:32 AM

Yeah sorry about that i have been away on a family matter issue


OK so here is what is happening when i put in :reg
HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies


SystemLook 30.07.11 by jpshortstuff
Log created at 22:30 on 30/10/2012 by Mike
Administrator - Elevation successful

========== reg ==========

[HKEY_CURRENT_USER]
(No values found)

[HKEY_CURRENT_USER\AppEvents]

[HKEY_CURRENT_USER\Console]

[HKEY_CURRENT_USER\Control Panel]

[HKEY_CURRENT_USER\Environment]

[HKEY_CURRENT_USER\EUDC]

[HKEY_CURRENT_USER\Identities]

[HKEY_CURRENT_USER\Keyboard Layout]

[HKEY_CURRENT_USER\Network]

[HKEY_CURRENT_USER\Printers]

[HKEY_CURRENT_USER\Software]

[HKEY_CURRENT_USER\System]

[HKEY_CURRENT_USER\Toolbb1]

[HKEY_CURRENT_USER\SessionInformation]

[HKEY_CURRENT_USER\Volatile Environment]


-= EOF =-


It's pretty much the same as what i put in the previous post so i don't know if I'm doing it correctly but then again all i should be doing is copying and pasting into system look right??

So what am i doing wrong?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users