
Browsing ridiculously slow, can't run DDS



#1 Interested


Posted 22 July 2014 - 01:19 AM

I tried to follow the Prep Guide but was unable to get DDS to run.

Original post with details (including actions performed so far) is here:

http://www.bleepingcomputer.com/forums/t/541160/browsing-ridiculously-slow-cant-run-dds/

I was directed to run RSIT and post the log.txt here in Virus, Trojan, Spyware, and Malware Removal Logs...


Logfile of random's system information tool 1.10 (written by random/random)
Run by owner at 2014-07-22 01:53:47
Microsoft Windows XP Professional Service Pack 3
System drive C: has 235 GB (16%) free of 1431 GB
Total RAM: 2047 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:54:10 AM, on 7/22/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Documents and Settings\owner\Desktop\RSIT.exe
C:\Program Files\trend micro\owner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [MediafourGettingStartedWithMacDrive6] "C:\Program Files\Mediafour\MacDrive\MacDrive.exe" /runonce
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{541E2E06-C756-4A2B-9173-0857FAD67D93}: NameServer = 4.2.2.1,4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{A71C4087-B032-4C07-A01C-E26A403A4190}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apache2 - Unknown owner - C:\Program Files\xampp\apache\bin\apache.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Advanced Web Ranking Scheduler (AWRScheduler) - Caphyon - C:\Program Files\Caphyon\Advanced Web Ranking\Scheduler.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SafeNet Monitor Service (IPSECMON) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe
O23 - Service: SafeNet IKE Service (IreIKE) - SafeNet - C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MySql - Unknown owner - C:/Program Files/xampplite/mysql/bin/mysqld-nt.exe
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.3XE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Documents and Settings\owner\Local Settings\Application Data\CrossLoop\tvnserver.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9370 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe  
C:\WINDOWS\tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe  -task
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1957994488-839522115-1003Core.job - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe  /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1957994488-839522115-1003UA.job - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job - C:\WINDOWS\system32\xp_eos.exe  -c
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job - C:\WINDOWS\system32\xp_eos.exe  

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr

prefs.js - "browser.search.useDBForOrder" -  true
prefs.js - "browser.startup.homepage" -  "https://www.google.com"
prefs.js - "extensions.enabledItems" -  "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.5, {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8, {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6, {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.3, {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9, LogMeInClient@logmein.com:1.0.0.664, {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}:7.0.01, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"
prefs.js - "keyword.URL" -  "http://www.google.com/search?ie=UTF-8&oe=UTF-8&q="

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1211151.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
cgpcfg.dll
CgpCore.dll
confmgr.dll
ctxmui.dll
icafile.dll
icalogon.dll
logging.dll
np-mswmp.dll
NPAdbESD.dll
npicaN.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
sslsdk_b.dll
TcpPServ.dll

C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\extensions\
LogMeInClient@logmein.com
netvideohunter@netvideohunter.com
video.downloader.plugin@ffpimp.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{e968fc70-8f95-4ab9-9e79-304de2a71ee1}

C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\
a9.xml
all-recipes.xml
AltaVista.xml
cddball.xml
DICT.xml
fedex-track.xml
IMDb.xml
mycroft-project.xml
neweggcom.xml
pg.xml
snopes.xml
ups-tracking-united-states.xml
webster.xml
wikipedia.xml
Yahoo_Finance.xml
youtube.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-19 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-06-05 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2013-06-21 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-19 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-06-05 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-12-20 131072]
"MediafourGettingStartedWithMacDrive6"=C:\Program Files\Mediafour\MacDrive\MacDrive.exe [2004-08-26 86016]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe []
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-03 43816]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-07-08 152392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-05-30 68856]
"AtiTrayTools"=C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe [2011-10-29 929792]
"Google Update"=C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-15 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SkypeUpdate"=2

C:\Documents and Settings\owner\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-06-26 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{A213B520-C6C2-11d0-AF9D-008029E1027E}"=C:\Program Files\Symantec\WinFax\WfxSeh32.Dll [1998-07-27 38400]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Disabled:Battlefield 2"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"H:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe"="H:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Disabled:Rosetta Stone Ltd Services"
"H:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe"="H:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Disabled:Rosetta Stone Version 3 Application"
"H:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe"="H:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:*:Disabled:Sid Meier's Civilization 4"
"C:\Program Files\UltraVnc\winvnc.exe"="C:\Program Files\UltraVnc\winvnc.exe:*:Enabled:winvnc.exe"
"C:\Program Files\UltraVNC\vncviewer.exe"="C:\Program Files\UltraVNC\vncviewer.exe:*:Enabled:vncviewer.exe"
"J:\Program Files\EA GAMES\The Battle for Middle-earth ™\game.dat"="J:\Program Files\EA GAMES\The Battle for Middle-earth ™\game.dat:*:Enabled:The Battle for Middle-earth ™"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services"
"C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application"
"C:\Documents and Settings\owner\Local Settings\Application Data\CrossLoop\vncviewer.exe"="C:\Documents and Settings\owner\Local Settings\Application Data\CrossLoop\vncviewer.exe:*:Enabled:vncviewer.exe"
"C:\Documents and Settings\owner\Local Settings\Application Data\CrossLoop\tvnserver.exe"="C:\Documents and Settings\owner\Local Settings\Application Data\CrossLoop\tvnserver.exe:*:Enabled:tvnserver.exe"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth ™ II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth ™ II\game.dat:*:Enabled:The Battle for Middle-earth™ II"
"C:\Program Files\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat"="C:\Program Files\Electronic Arts\The Lord of the Rings, The Rise of the Witch-king\game.dat:*:Enabled:The Lord of the Rings, The Rise of the Witch-king"
"C:\Program Files\CyberLink\PowerDirector10\PDR10.exe"="C:\Program Files\CyberLink\PowerDirector10\PDR10.exe:*:Enabled:CyberLink PowerDirector"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java ™ Runtime Environment"
"C:\Program Files\Java\jre7\bin\java.exe"="C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:Java ™ Runtime Environment"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Caphyon\Advanced Web Ranking\AdvancedLinkManager.exe"="C:\Program Files\Caphyon\Advanced Web Ranking\AdvancedLinkManager.exe:*:Enabled:Advanced Link Manager"
"C:\Program Files\Caphyon\Advanced Web Ranking\AdvancedWebRanking.exe"="C:\Program Files\Caphyon\Advanced Web Ranking\AdvancedWebRanking.exe:*:Enabled:Advanced Web Ranking"
"C:\Program Files\Caphyon\Advanced Web Ranking\Scheduler.exe"="C:\Program Files\Caphyon\Advanced Web Ranking\Scheduler.exe:*:Enabled:Advanced Web Ranking Scheduler"
"C:\Program Files\EASEUS\Todo Backup\bin\TbService.exe"="C:\Program Files\EASEUS\Todo Backup\bin\TbService.exe:*:Enabled:TbService.exe"
"C:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe"="C:\Program Files\EASEUS\Todo Backup\bin\TBConsoleUI.exe:*:Enabled:Local TBConsoleUI.exe"
"C:\Program Files\TeamViewer\Version9\TeamViewer.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe"="H:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services"
"H:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe"="H:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application"
"C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe:*:Enabled:Rosetta Stone Ltd Services"
"C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe"="C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe:*:Enabled:Rosetta Stone Version 3 Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"vidc.tscc"=tsccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux7"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux8"=wdmaud.drv
"aux9"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-07-22 01:53:48 ----D---- C:\Program Files\trend micro
2014-07-22 01:53:47 ----D---- C:\rsit
2014-07-19 23:45:21 ----D---- C:\Program Files\iPod
2014-07-19 23:45:19 ----D---- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-17 15:14:56 ----SHD---- C:\RECYCLER
2014-07-16 10:04:55 ----D---- C:\Program Files\CodeStuff
2014-07-16 09:20:38 ----SD---- C:\ComboFix
2014-06-30 08:51:10 ----A---- C:\WINDOWS\zip.exe
2014-06-30 08:51:10 ----A---- C:\WINDOWS\SWXCACLS.exe
2014-06-30 08:51:10 ----A---- C:\WINDOWS\SWSC.exe
2014-06-30 08:51:10 ----A---- C:\WINDOWS\SWREG.exe
2014-06-30 08:51:10 ----A---- C:\WINDOWS\sed.exe
2014-06-30 08:51:10 ----A---- C:\WINDOWS\PEV.exe
2014-06-30 08:51:10 ----A---- C:\WINDOWS\NIRCMD.exe
2014-06-30 08:51:10 ----A---- C:\WINDOWS\MBR.exe
2014-06-30 08:51:10 ----A---- C:\WINDOWS\grep.exe
2014-06-30 08:50:37 ----D---- C:\Qoobox
2014-06-30 08:49:03 ----A---- C:\TDSSKiller.3.0.0.39_30.06.2014_08.49.03_log.txt
2014-06-30 08:33:19 ----A---- C:\lsp.txt
2014-06-27 10:07:43 ----D---- C:\WINDOWS\system32\MpEngineStore
2014-06-27 05:25:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-06-27 05:12:49 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2014-06-27 05:12:40 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2014-06-27 05:11:34 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2014-06-27 04:56:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2808679$
2014-06-27 04:46:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2492386$
2014-06-27 04:45:58 ----N---- C:\WINDOWS\system32\spmsg.dll
2014-06-27 04:45:57 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2014-06-27 04:45:25 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2014-06-27 04:43:17 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2014-06-27 04:28:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2014-06-27 04:28:42 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2014-06-27 04:05:04 ----D---- C:\WINDOWS\system32\MRT
2014-06-27 04:04:34 ----D---- C:\WINDOWS\ie7updates
2014-06-27 04:04:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2922229$
2014-06-27 04:02:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2929961$
2014-06-27 04:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2930275$
2014-06-27 04:02:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2934207$
2014-06-27 04:02:13 ----RD---- C:\Program Files\Skype
2014-06-27 04:02:13 ----D---- C:\Program Files\Common Files\Skype
2014-06-27 03:49:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2916036$
2014-06-27 03:44:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2909212$
2014-06-27 03:39:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2914368$
2014-06-27 03:39:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2014-06-27 03:39:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2014-06-27 03:39:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2014-06-27 03:39:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2014-06-27 03:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2014-06-27 03:38:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2014-06-27 03:38:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2014-06-27 03:38:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2014-06-27 03:38:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2884256$
2014-06-27 03:38:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2868038$
2014-06-27 03:37:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$
2014-06-27 03:37:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$
2014-06-27 03:37:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$
2014-06-27 03:27:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$
2014-06-27 03:27:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2014-06-27 03:26:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2834903-v2_WM10L$
2014-06-27 03:26:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2014-06-27 03:19:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2014-06-27 03:19:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2845142_WM64$
2014-06-27 03:19:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2834886$
2014-06-27 03:17:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2813345$
2014-06-27 03:17:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2014-06-27 03:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2807986$
2014-06-27 03:16:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2014-06-27 03:16:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2014-06-27 03:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$
2014-06-27 03:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$
2014-06-27 03:00:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2014-06-27 02:47:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-06-27 02:46:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-06-27 02:46:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$
2014-06-27 02:46:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2014-06-27 02:46:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2014-06-27 02:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2014-06-27 02:46:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2014-06-27 02:45:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2014-06-27 02:45:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2014-06-27 02:43:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2014-06-27 02:43:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2014-06-27 02:38:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2014-06-27 02:35:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2014-06-27 02:34:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2014-06-27 02:33:57 ----D---- C:\WINDOWS\ie8updates
2014-06-27 02:33:09 ----HDC---- C:\WINDOWS\ie8
2014-06-27 02:26:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2014-06-27 02:26:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2014-06-27 02:26:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2014-06-27 02:26:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2014-06-27 02:25:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2014-06-27 02:25:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2014-06-27 02:25:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2014-06-27 02:25:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-06-27 02:25:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2014-06-27 02:25:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2014-06-27 02:25:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2014-06-27 02:24:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-06-27 02:22:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2014-06-27 02:22:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2014-06-27 02:22:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2014-06-27 02:22:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2014-06-27 02:22:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2014-06-27 02:22:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2014-06-27 02:21:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2014-06-27 02:21:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2014-06-27 02:21:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2014-06-27 02:21:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2014-06-27 02:21:22 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2014-06-27 02:21:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2014-06-27 02:20:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2014-06-27 02:20:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2014-06-27 02:20:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2014-06-27 02:20:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2014-06-27 02:20:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2014-06-27 02:20:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2014-06-27 02:20:05 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2014-06-27 02:19:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2014-06-27 02:19:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-06-27 02:19:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2014-06-27 02:19:29 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2014-06-27 02:19:13 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-06-27 02:19:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2014-06-27 02:19:00 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2014-06-27 02:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2014-06-27 02:18:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2014-06-27 02:18:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2014-06-27 02:15:54 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2014-06-27 02:15:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-06-27 02:15:37 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2014-06-27 02:15:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2014-06-27 02:15:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2014-06-27 02:15:12 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2014-06-27 02:15:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2014-06-27 02:14:55 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2014-06-27 02:14:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2014-06-27 02:14:31 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2014-06-27 02:14:22 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2014-06-27 02:14:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2014-06-27 02:14:05 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2014-06-27 02:13:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2014-06-27 02:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2014-06-27 02:13:38 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2014-06-27 02:13:25 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2014-06-27 02:13:16 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2014-06-27 02:13:07 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2014-06-27 02:12:59 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2014-06-27 02:12:47 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2014-06-27 02:12:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2014-06-27 02:12:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2014-06-27 02:12:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2014-06-27 02:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2014-06-27 02:12:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2014-06-27 02:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2014-06-27 02:11:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-06-27 02:08:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2014-06-27 02:05:48 ----N---- C:\WINDOWS\system32\xp_eos.exe
2014-06-27 01:50:24 ----N---- C:\WINDOWS\system32\iacenc.dll
2014-06-27 01:25:24 ----A---- C:\WINDOWS\OEWABLog.txt
2014-06-27 01:23:50 ----D---- C:\WINDOWS\Prefetch
2014-06-27 01:20:06 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2014-06-27 01:19:40 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2014-06-27 01:19:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2014-06-27 01:18:44 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2014-06-27 01:18:18 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2014-06-27 01:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2014-06-27 01:17:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2014-06-27 01:17:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2014-06-27 01:16:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2014-06-27 01:16:12 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2014-06-27 01:15:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2014-06-27 01:15:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2014-06-27 01:14:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2014-06-27 01:14:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2014-06-27 01:13:59 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2014-06-27 01:13:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2014-06-27 01:13:11 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2014-06-27 01:12:43 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2014-06-27 01:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2014-06-27 01:11:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2014-06-27 01:11:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2014-06-27 01:11:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2014-06-27 01:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2014-06-27 01:10:09 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2014-06-27 01:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2014-06-27 01:09:16 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2014-06-27 01:08:51 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2014-06-27 01:07:59 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2014-06-27 01:04:43 ----N---- C:\WINDOWS\system32\smtpapi.dll
2014-06-27 01:04:43 ----N---- C:\WINDOWS\system32\rwnh.dll
2014-06-27 01:04:43 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2014-06-27 01:04:43 ----N---- C:\WINDOWS\system32\comsdupd.exe
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\dot3ui.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\dot3svc.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\dot3msm.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\dot3api.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\dimsroam.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\credssp.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\azroles.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2014-06-27 01:04:41 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2014-06-27 01:04:40 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2014-06-27 01:04:40 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2014-06-27 01:04:40 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2014-06-27 01:04:40 ----N---- C:\WINDOWS\system32\eapsvc.dll
2014-06-27 01:04:40 ----N---- C:\WINDOWS\system32\eapqec.dll
2014-06-27 01:04:40 ----N---- C:\WINDOWS\system32\eappprxy.dll
2014-06-27 01:04:40 ----N---- C:\WINDOWS\system32\eapphost.dll
2014-06-27 01:04:40 ----N---- C:\WINDOWS\system32\eappgnui.dll
2014-06-27 01:04:40 ----N---- C:\WINDOWS\system32\eappcfg.dll
2014-06-27 01:04:40 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2014-06-27 01:04:40 ----N---- C:\WINDOWS\system32\eapolqec.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\onex.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\napstat.exe
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\napmontr.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\napipsec.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\mssha.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\mmcperf.exe
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\mmcex.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\kmsvc.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\kbdpash.dll
2014-06-27 01:04:39 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\tspkg.dll
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\slserv.exe
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\slrundll.exe
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\slgen.dll
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\slextspk.dll
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\slcoinst.dll
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\setupn.exe
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\s3gnb.dll
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\rasqec.dll
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\qutil.dll
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\qcliprov.dll
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\qagentrt.dll
2014-06-27 01:04:38 ----N---- C:\WINDOWS\system32\qagent.dll
2014-06-27 01:04:37 ----N---- C:\WINDOWS\system32\wlanapi.dll
2014-06-27 01:04:37 ----N---- C:\WINDOWS\slrundll.exe
2014-06-27 01:04:36 ----D---- C:\WINDOWS\system32\scripting
2014-06-27 01:04:35 ----D---- C:\WINDOWS\system32\en
2014-06-27 01:04:35 ----D---- C:\WINDOWS\system32\bits
2014-06-27 01:04:35 ----D---- C:\WINDOWS\l2schemas
2014-06-27 01:02:45 ----D---- C:\WINDOWS\ServicePackFiles
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2014-06-27 01:01:25 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2014-06-27 01:01:25 ----D---- C:\WINDOWS\network diagnostic
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2014-06-27 01:01:24 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2014-06-27 01:01:23 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2014-06-27 01:01:23 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2014-06-27 01:01:23 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2014-06-27 01:01:23 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2014-06-27 01:01:23 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2014-06-27 01:01:23 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2014-06-27 01:01:23 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2014-06-27 01:01:23 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2014-06-27 01:01:23 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2014-06-27 01:01:23 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2014-06-27 01:01:22 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2014-06-27 01:01:22 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2014-06-27 01:01:22 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2014-06-27 01:01:22 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2014-06-27 01:01:22 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2014-06-27 01:01:22 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2014-06-27 01:01:22 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2014-06-27 01:01:22 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2014-06-27 01:01:22 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2014-06-27 01:01:22 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2014-06-27 01:01:22 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2014-06-27 01:01:22 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2014-06-27 01:01:21 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2014-06-27 01:01:20 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2014-06-27 01:01:20 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2014-06-27 01:01:20 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2014-06-27 00:59:55 ----A---- C:\WINDOWS\003430_.tmp
2014-06-27 00:58:19 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2014-06-27 00:23:18 ----D---- C:\Documents and Settings\owner\Application Data\MailFrontier
2014-06-27 00:21:25 ----ASH---- C:\WINDOWS\system32\drivers\fidbox.dat
2014-06-27 00:16:45 ----D---- C:\Documents and Settings\All Users\Application Data\MailFrontier
2014-06-27 00:16:38 ----A---- C:\WINDOWS\zllsputility.exe
2014-06-27 00:16:38 ----A---- C:\WINDOWS\system32\SpOrder.dll
2014-06-27 00:16:32 ----A---- C:\WINDOWS\system32\drivers\klif.sys
2014-06-27 00:16:25 ----A---- C:\WINDOWS\system32\zpeng24.dll

======List of files/folders modified in the last 1 month======

2014-07-22 01:53:48 ----RD---- C:\Program Files
2014-07-22 01:53:35 ----D---- C:\Program Files\Zoom Player
2014-07-22 00:59:46 ----D---- C:\WINDOWS\Internet Logs
2014-07-22 00:58:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-07-21 20:58:00 ----D---- C:\WINDOWS\temp
2014-07-21 14:34:50 ----A---- C:\moduleName.txt
2014-07-19 23:48:23 ----SHD---- C:\WINDOWS\Installer
2014-07-19 23:47:49 ----SHD---- C:\Config.Msi
2014-07-19 23:46:01 ----D---- C:\WINDOWS\system32
2014-07-19 23:45:55 ----D---- C:\Program Files\iTunes
2014-07-19 23:45:20 ----D---- C:\Program Files\Common Files\Apple
2014-07-19 23:29:43 ----A---- C:\WINDOWS\NeroDigital.ini
2014-07-17 19:29:38 ----D---- C:\WINDOWS
2014-07-17 18:27:15 ----A---- C:\WINDOWS\BlendSettings.ini
2014-07-17 17:33:59 ----D---- C:\Program Files\UltimateZip 2007
2014-07-17 16:22:53 ----D---- C:\WINDOWS\system32\CatRoot2
2014-07-16 11:37:16 ----D---- C:\Documents and Settings\owner\Application Data\FileZilla
2014-07-16 09:22:56 ----A---- C:\WINDOWS\ntbtlog.txt
2014-07-16 09:21:07 ----D---- C:\WINDOWS\system32\drivers
2014-07-16 08:57:37 ----D---- C:\Documents and Settings\owner\Application Data\DAEMON Tools
2014-07-13 07:05:21 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-09 15:43:46 ----D---- C:\Documents and Settings\All Users\Application Data\Rosetta Stone
2014-07-09 00:10:38 ----D---- C:\Documents and Settings\owner\Application Data\vlc
2014-07-08 08:52:01 ----D---- C:\Documents and Settings\owner\Application Data\TeamViewer
2014-07-07 13:01:33 ----D---- C:\Documents and Settings\owner\Application Data\Canon
2014-06-30 08:50:15 ----D---- C:\WINDOWS\ERDNT
2014-06-29 22:46:02 ----HD---- C:\WINDOWS\inf
2014-06-29 19:49:45 ----D---- C:\Documents and Settings\owner\Application Data\foobar2000
2014-06-29 19:49:28 ----D---- C:\Documents and Settings\owner\Application Data\Audacity
2014-06-27 09:42:21 ----RASH---- C:\boot.ini
2014-06-27 05:24:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-27 05:24:39 ----RSD---- C:\WINDOWS\assembly
2014-06-27 05:24:37 ----D---- C:\WINDOWS\WinSxS
2014-06-27 05:15:10 ----D---- C:\WINDOWS\Microsoft.NET
2014-06-27 05:13:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-06-27 05:13:32 ----D---- C:\WINDOWS\system32\CatRoot
2014-06-27 05:12:59 ----A---- C:\WINDOWS\imsins.BAK
2014-06-27 05:01:20 ----D---- C:\WINDOWS\AppPatch
2014-06-27 04:56:13 ----HD---- C:\WINDOWS\$hf_mig$
2014-06-27 04:45:42 ----A---- C:\WINDOWS\win.ini
2014-06-27 04:45:32 ----D---- C:\Program Files\Windows Media Connect 2
2014-06-27 04:45:31 ----D---- C:\Program Files\Windows Media Player
2014-06-27 04:45:29 ----D---- C:\WINDOWS\Help
2014-06-27 04:43:24 ----D---- C:\WINDOWS\system32\drivers\UMDF
2014-06-27 04:12:34 ----SD---- C:\WINDOWS\Tasks
2014-06-27 04:11:16 ----D---- C:\Program Files\Microsoft Silverlight
2014-06-27 04:11:14 ----D---- C:\WINDOWS\system32\en-US
2014-06-27 04:11:13 ----D---- C:\WINDOWS\Media
2014-06-27 04:11:13 ----D---- C:\Program Files\Internet Explorer
2014-06-27 04:03:58 ----A---- C:\WINDOWS\system.ini
2014-06-27 04:02:13 ----D---- C:\Program Files\Common Files
2014-06-27 04:02:11 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2014-06-27 04:02:07 ----D---- C:\Documents and Settings\owner\Application Data\Skype
2014-06-27 03:19:06 ----D---- C:\WINDOWS\system32\XPSViewer
2014-06-27 02:38:28 ----D---- C:\Program Files\Microsoft Office
2014-06-27 02:38:16 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-06-27 02:28:51 ----D---- C:\WINDOWS\Debug
2014-06-27 02:20:15 ----D---- C:\Program Files\Outlook Express
2014-06-27 02:19:01 ----D---- C:\Program Files\Movie Maker
2014-06-27 01:32:55 ----D---- C:\WINDOWS\SoftwareDistribution
2014-06-27 01:29:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2014-06-27 01:24:05 ----A---- C:\WINDOWS\setuplog.txt
2014-06-27 01:22:26 ----D---- C:\WINDOWS\system32\Setup
2014-06-27 01:22:25 ----D---- C:\WINDOWS\system32\wbem
2014-06-27 01:22:24 ----RSD---- C:\WINDOWS\Fonts
2014-06-27 01:21:18 ----D---- C:\WINDOWS\security
2014-06-27 01:09:31 ----D---- C:\Program Files\Messenger
2014-06-27 01:04:43 ----D---- C:\WINDOWS\system32\inetsrv
2014-06-27 01:04:42 ----D---- C:\WINDOWS\ime
2014-06-27 01:04:37 ----D---- C:\WINDOWS\system32\usmt
2014-06-27 01:04:35 ----D---- C:\WINDOWS\PeerNet
2014-06-27 01:04:35 ----D---- C:\Program Files\MSN
2014-06-27 01:02:37 ----D---- C:\WINDOWS\system32\Restore
2014-06-27 01:02:37 ----D---- C:\WINDOWS\system32\npp
2014-06-27 01:02:37 ----D---- C:\WINDOWS\mui
2014-06-27 01:02:36 ----D---- C:\WINDOWS\msagent
2014-06-27 01:02:35 ----D---- C:\WINDOWS\srchasst
2014-06-27 01:02:33 ----D---- C:\Program Files\NetMeeting
2014-06-27 01:02:32 ----D---- C:\WINDOWS\system32\Com
2014-06-27 01:02:31 ----D---- C:\Program Files\Windows NT
2014-06-27 01:02:30 ----D---- C:\Program Files\Common Files\System
2014-06-27 01:02:18 ----D---- C:\WINDOWS\system32\oobe
2014-06-27 01:02:17 ----D---- C:\WINDOWS\system
2014-06-27 00:59:50 ----D---- C:\WINDOWS\system32\ReinstallBackups
2014-06-27 00:58:04 ----D---- C:\WINDOWS\ehome
2014-06-27 00:21:17 ----D---- C:\WINDOWS\system32\ZoneLabs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 EUBAKUP;EUBAKUP; C:\WINDOWS\system32\drivers\eubakup.sys [2013-05-10 51400]
R0 EUBKMON;EUBKMON; C:\WINDOWS\system32\drivers\EUBKMON.sys [2013-05-10 40776]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 MDPMGRNT;MDPMGRNT; C:\WINDOWS\system32\drivers\MDPMGRNT.sys [2006-04-30 16640]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2004-04-27 21760]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-07-26 98176]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 pssnap;Paramount Software Snapshot Filter; C:\WINDOWS\system32\DRIVERS\pssnap.sys [2012-10-31 16064]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 sbp2port;SBP-2 Transport/Protocol Bus Driver; C:\WINDOWS\system32\DRIVERS\sbp2port.sys [2008-04-14 43904]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2004-10-07 46080]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2004-09-14 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-10-06 19840]
R0 si3112r;Silicon Image SiI 3112 SATARaid Controller; C:\WINDOWS\system32\drivers\si3112r.sys [2007-08-28 116264]
R0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys [2007-08-28 19240]
R0 SiWinAcc;SiWinAcc; C:\WINDOWS\system32\drivers\SiWinAcc.sys [2007-08-28 19240]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2013-03-23 169088]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 srescan;srescan; C:\WINDOWS\system32\ZoneLabs\srescan.sys [2008-02-27 51176]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2006-11-11 395744]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 37760]
R1 atitray;atitray; \??\C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-12-16 31088]
R1 EUDSKACS;EUDSKACS; \??\C:\WINDOWS\system32\drivers\eudskacs.sys []
R1 EUFDDISK;EUFDDISK; \??\C:\WINDOWS\system32\drivers\EuFdDisk.sys []
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2007-07-19 127768]
R1 MDFSYSNT;MDFSYSNT; C:\WINDOWS\system32\drivers\MDFSYSNT.sys [2006-05-06 212352]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2006-05-20 30588]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 atalk;Miramar AppleTalk Protocol; C:\WINDOWS\system32\DRIVERS\atalk.sys [2002-11-19 187970]
R2 Crypto;Crypto; C:\WINDOWS\system32\drivers\Crypto.sys [2003-07-16 467002]
R2 IPSECDRV;SafeNet IPSec Plugin; \??\C:\WINDOWS\system32\Drivers\IPSECDRV.sys []
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-06-25 35088]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2006-11-11 39264]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-06-26 2303488]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2002-09-13 138916]
R3 DniVap;SafeNet WAN Miniport (VA); C:\WINDOWS\system32\DRIVERS\vap.sys [2001-12-14 36188]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-05-03 27392]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2012-08-21 26840]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nvax;Service for NVIDIA® nForce™ Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-05-05 53376]
R3 nvnforce;Service for NVIDIA® nForce™ Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-05-05 414464]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2013-07-16 60160]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-08 32384]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2011-05-26 298016]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 catchme;catchme; \??\C:\DOCUME~1\owner\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys []
S3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\system32\DRIVERS\el90Xbc5.SYS [2002-08-13 74338]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EUBAKUP0;EUBAKUP0; \??\C:\WINDOWS\system32\drivers\EUBAKUP0.sys []
S3 EUBKMON0;EUBKMON0; \??\C:\WINDOWS\system32\drivers\EUBKMON0.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 go4X1394;go4X1394; C:\WINDOWS\System32\Drivers\go4X1394.sys [2007-10-05 123488]
S3 go4XWDM;go4XWDM; C:\WINDOWS\System32\Drivers\go4XWDM.sys [2005-11-29 28672]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-02-27 21504]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NVENET;NVIDIA nForce Networking Legacy Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2005-02-03 95302]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
S3 SliceDisk5;SliceDisk5; \??\C:\DOCUME~1\owner\LOCALS~1\Temp\FindAndMount\slicedisk.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-02 14976]
S3 usbsermpt;Motorola USB Modem Driver for MPT; C:\WINDOWS\system32\DRIVERS\usbsermpt.sys [2006-08-26 22768]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 EUDISK;EASEUS Disk Enumerator; \??\C:\WINDOWS\system32\drivers\eudisk.sys []
S4 EUFS;EUFS; C:\WINDOWS\system32\drivers\eufs.sys [2011-04-22 20744]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-01-16 715248]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-06-26 483328]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-07-08 553288]
S2 Apache2;Apache2; C:\Program Files\xampp\apache\bin\apache.exe -k runservice []
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-06-29 520192]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-28 135664]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.3XE [2011-06-26 256000]
S2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2006-10-16 230944]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-07-06 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-13 262320]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 AWRScheduler;Advanced Web Ranking Scheduler; C:\Program Files\Caphyon\Advanced Web Ranking\Scheduler.exe [2012-09-06 124592]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-02 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-28 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 IPSECMON;SafeNet Monitor Service; C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe [2003-08-20 28726]
S3 IreIKE;SafeNet IKE Service; C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe [2003-08-20 299058]
S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-05-19 181664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-12 119408]
S3 MySql;MySql; C:/Program Files/xampplite/mysql/bin/mysqld-nt.exe []
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2010-06-25 117264]
S3 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-04-25 5024576]
S3 tvnserver;TightVNC Server; C:\Documents and Settings\owner\Local Settings\Application Data\CrossLoop\tvnserver.exe [2010-07-21 814080]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 ATMsg;AppleTalk Messenger; C:\Program Files\Miramar\PC MACLAN\ATMsg.exe [2002-11-19 290816]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S4 CrossLoopService;CrossLoop Service; C:\Documents and Settings\owner\Local Settings\Application Data\CrossLoop\CrossLoopService.exe [2012-01-06 569072]
S4 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2006-06-07 942080]
S4 Miramar AppleTalk File Server;Miramar AppleTalk File Server; C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE [2002-11-19 585796]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 ReflectService.exe;Macrium Reflect Image Mounting Service; C:\Program Files\Macrium\Reflect\ReflectService.exe [2012-10-31 224960]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S4 wfxsvc;WinFax PRO; C:\WINDOWS\system32\WFXSVC.EXE [2000-02-14 129536]

-----------------EOF-----------------
 


Edited by Interested, 22 July 2014 - 01:25 AM.



#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • Gender:Male
  • Local time:02:25 PM

Posted 27 July 2014 - 01:20 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/541851 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Interested

Interested
  • Topic Starter

  • Members
  • 21 posts
  • Local time:02:25 PM

Posted 29 July 2014 - 11:51 AM

Per instructions above:

 

1. Description is posted above

2. Can't run DDS (per above).  Installed OS is Windows XP SP3 32 bit with all mainstream patches applied.

3. I do have my Windows XP CD (it came with SP2, though, and I patched to SP3)

4. Thank you for any assistance you may be able to provide.



#4 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • Gender:Male
  • Location:The Collective
  • Local time:01:25 PM

Posted 29 July 2014 - 04:32 PM

Hello Interested, and welcome to the Virus/Trojan/Spyware/Malware Removal forum.

I am oneof4, and I am here to help you!

  • I ask that you refrain from running tools other than those I suggest to you while I am cleaning up your computer. The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received and do not proceed if you need clarification.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please do not re-run any programs I suggest. If you encounter problems please stop and tell me about it. When your computer is clean I will alert you of such. I will also provide you with detailed suggestions for prevention.
  • At the top right-center of the topic you will see a button called Follow this topic. If you click on this, another page will open. Please choose Instantly for notification and then click on Follow this topic; you will then be advised when we respond to your topic, which will facilitate the cleaning of your machine.
  • If after 5 days you have not replied to this topic, I will assume it has been abandoned, and I will close it.
  • I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. :heart: Please be courteous and appreciative for the assistance provided!
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. Your computer fix will be based on the current condition of your computer! Any changes might delay my ability to help you.

 

==========
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Best Regards,
oneof4.


#5 Interested

Interested
  • Topic Starter

  • Members
  • 21 posts
  • Local time:02:25 PM

Posted 29 July 2014 - 11:56 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014
Ran by owner (administrator) on NAME on 29-07-2014 23:47:09
Running from C:\Documents and Settings\owner\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Zone Labs, LLC) C:\WINDOWS\system32\ZoneLabs\vsmon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
(Zone Labs, LLC) C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Ray Adams) C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\.DEFAULT\...\RunOnce: [RunNarrator] => Narrator.exe
HKU\S-1-5-21-790525478-1957994488-839522115-1003\...\Run: [AtiTrayTools] => C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe [929792 2011-10-29] (Ray Adams)
HKU\S-1-5-21-790525478-1957994488-839522115-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-05-30] (Google Inc.)
HKU\S-1-5-21-790525478-1957994488-839522115-1003\...\MountPoints2: {0f729898-16a6-11e3-be3d-000ea623b841} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
HKU\S-1-5-21-790525478-1957994488-839522115-1003\...\MountPoints2: {61027223-c7e4-11e2-bd9f-000ea623b841} - J:\WDSetup.exe
HKU\S-1-5-21-790525478-1957994488-839522115-1003\...\MountPoints2: {72c2e618-c403-11dc-b80e-0026540c95e1} - I:\Autorun.exe
HKU\S-1-5-21-790525478-1957994488-839522115-1003\...\MountPoints2: {c812a9d6-9a6a-11df-b591-000ea623b841} - K:\LaunchU3.exe
HKU\S-1-5-21-790525478-1957994488-839522115-1003\...\MountPoints2: {f3a6f9a7-e7b9-11e0-b64c-000ea623b841} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
Lsa: [Authentication Packages] msv1_0 relog_ap
Startup: C:\Documents and Settings\owner\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {33564D57-0000-0010-8000-00AA00389B71} http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1403846963296
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: WinFax PRO IShellExecuteHook - {A213B520-C6C2-11d0-AF9D-008029E1027E} - C:\Program Files\Symantec\WinFax\WFXSEH32.DLL [38400 1998-07-27] (Symantec Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{541E2E06-C756-4A2B-9173-0857FAD67D93}: [NameServer]4.2.2.1,4.2.2.2
Tcpip\..\Interfaces\{A71C4087-B032-4C07-A01C-E26A403A4190}: [NameServer]8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr
FF SearchEngineOrder.1: Google
FF Homepage: https://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\CgpCore.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\confmgr.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\logging.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPAdbESD.dll (Adobe Systems Incorporated)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\TcpPServ.dll ()
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\a9.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\all-recipes.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\AltaVista.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\cddball.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\DICT.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\fedex-track.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\IMDb.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\mycroft-project.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\neweggcom.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\pg.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\snopes.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\ups-tracking-united-states.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\webster.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\Yahoo_Finance.xml
FF SearchPlugin: C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\searchplugins\youtube.xml
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\LogMeInClient@logmein.com [2013-06-20]
FF Extension: NetVideoHunter - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\netvideohunter@netvideohunter.com [2014-06-14]
FF Extension: Download Youtube Videos + - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\video.downloader.plugin@ffpimp.com [2012-03-21]
FF Extension: DownloadHelper - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-05]
FF Extension: User Agent Switcher - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1} [2011-01-11]
FF Extension: Classic Theme Restorer - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-04-29]
FF Extension: CleanHide - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\cleanhide@waxb.blog.com.cn.xpi [2012-12-09]
FF Extension: Social Fixer - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\socialfixer@mattkruse.com.xpi [2013-09-16]
FF Extension: Image Zoom - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2013-04-16]
FF Extension: Download YouTube Videos as MP4 - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2013-07-22]
FF Extension: Web Developer - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-08-16]
FF Extension: Adblock Plus - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-30]
FF Extension: DownThemAll! - C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-01-01]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-06-27]

Chrome:
=======
CHR HomePage: https://google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.137\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.137\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.137\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Adobe ESD Manager Plugin) - C:\Program Files\Mozilla Firefox\plugins\NPAdbESD.dll (Adobe Systems Incorporated)
CHR Plugin: (Java Deployment Toolkit 7.0.10.8) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 7 U1) - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll No File
CHR Extension: (Entanglement Web App) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-03-24]
CHR Extension: (Angry Birds) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-11-14]
CHR Extension: (Adblock Plus) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-05]
CHR Extension: (Poppit!) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-03-24]
CHR Extension: (Google Wallet) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (LogMeIn) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\omkjapkpkiciphacnalicgmmcelfolon [2014-01-07]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [230944 2006-10-16] (Acronis)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2006-07-06] (Adobe Systems) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2007-06-29] () [File not signed]
S4 ATMsg; C:\Program Files\Miramar\PC MACLAN\ATMsg.exe [290816 2002-11-19] (Miramar Systems Inc.) [File not signed]
S3 AWRScheduler; C:\Program Files\Caphyon\Advanced Web Ranking\Scheduler.exe [124592 2012-09-06] (Caphyon)
S4 CrossLoopService; C:\Documents and Settings\owner\Local Settings\Application Data\CrossLoop\CrossLoopService.exe [569072 2012-01-06] (CrossLoop)
S4 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [942080 2006-06-07] (Diskeeper Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 IPSECMON; C:\Program Files\NetScreen\NetScreen-Remote\IPSecMon.exe [28726 2003-08-20] (SafeNet) [File not signed]
S3 IreIKE; C:\Program Files\NetScreen\NetScreen-Remote\IreIKE.exe [299058 2003-08-20] (SafeNet) [File not signed]
S3 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [181664 2013-05-19] (Oracle Corporation)
S4 Miramar AppleTalk File Server; C:\Program Files\Miramar\PC MACLAN\ATSERVER.EXE [585796 2002-11-19] (Miramar Systems Inc.) [File not signed]
S3 MySql; C:/Program Files/xampplite/mysql/bin/mysqld-nt.exe [5730304 2007-07-06] () [File not signed]
S2 PEVSystemStart; C:\ComboFix\SWREG.3XE [518144 2000-08-30] (SteelWerX) [File not signed]
S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [224960 2012-10-31] ()
S4 tvnserver; C:\Documents and Settings\owner\Local Settings\Application Data\CrossLoop\tvnserver.exe [814080 2010-07-21] (GlavSoft LLC.) [File not signed]
R2 vsmon; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [75304 2008-07-09] (Zone Labs, LLC)
S4 wfxsvc; C:\WINDOWS\system32\WFXSVC.EXE [129536 2000-02-14] (Symantec Corporation) [File not signed]
S2 Apache2; "C:\Program Files\xampp\apache\bin\apache.exe" -k runservice [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-14] (Microsoft Corporation)
R2 atalk; C:\WINDOWS\System32\DRIVERS\atalk.sys [187970 2002-11-19] (Miramar Systems Inc.) [File not signed]
R1 atitray; C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [20512 2011-08-15] () [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R2 Crypto; C:\WINDOWS\system32\Drivers\Crypto.sys [467002 2003-07-16] (SafeNet) [File not signed]
R3 DNE; C:\WINDOWS\System32\DRIVERS\dne2000.sys [138916 2002-09-13] (Deterministic Networks, Inc.)
R3 DniVap; C:\WINDOWS\System32\DRIVERS\vap.sys [36188 2001-12-14] (Deterministic Networks Inc.)
S3 EL90Xbc; C:\WINDOWS\System32\DRIVERS\el90Xbc5.SYS [74338 2002-08-13] (3Com Corporation)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [27392 2005-05-03] (SlySoft, Inc.) [File not signed]
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [13192 2010-07-15] () [File not signed]
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [51400 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [40776 2013-05-10] ()
S4 EUDISK; C:\WINDOWS\system32\drivers\eudisk.sys [187528 2011-04-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [14920 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [185672 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd)
S4 EUFS; C:\WINDOWS\system32\drivers\eufs.sys [20744 2011-04-22] (CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [8456 2010-07-15] () [File not signed]
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 go4X1394; C:\WINDOWS\System32\Drivers\go4X1394.sys [123488 2007-10-05] (BridgeCo AG)
S3 go4XWDM; C:\WINDOWS\System32\Drivers\go4XWDM.sys [28672 2005-11-29] (BridgeCo AG) [File not signed]
R2 IPSECDRV; C:\WINDOWS\system32\Drivers\IPSECDRV.sys [118840 2003-08-20] (SafeNet) [File not signed]
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [127768 2007-07-19] (Kaspersky Lab)
R1 MDFSYSNT; C:\WINDOWS\system32\Drivers\MDFSYSNT.sys [212352 2006-05-06] (Mediafour Corporation) [File not signed]
R0 MDPMGRNT; C:\WINDOWS\system32\Drivers\MDPMGRNT.sys [16640 2006-04-30] (Mediafour Corporation) [File not signed]
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-14] (Microsoft Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
R0 nvatabus; C:\WINDOWS\System32\DRIVERS\nvatabus.sys [98176 2005-07-26] (NVIDIA Corporation) [File not signed]
R3 nvax; C:\WINDOWS\System32\drivers\nvax.sys [53376 2005-05-05] (NVIDIA Corporation) [File not signed]
S3 NVENET; C:\WINDOWS\System32\DRIVERS\NVENET.sys [95302 2005-02-03] (NVIDIA Corporation) [File not signed]
R3 nvnforce; C:\WINDOWS\System32\drivers\nvapu.sys [414464 2005-05-05] (NVIDIA Corporation) [File not signed]
R0 nv_agp; C:\WINDOWS\System32\DRIVERS\nv_agp.sys [21760 2004-04-27] (NVIDIA Corporation) [File not signed]
R0 pssnap; C:\WINDOWS\System32\DRIVERS\pssnap.sys [16064 2012-10-31] (Macrium Software)
R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [30588 2006-05-20] (PowerISO Computing, Inc.) [File not signed]
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [46080 2004-10-07] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2004-09-14] (Protection Technology) [File not signed]
R0 sfsync02; C:\WINDOWS\System32\drivers\sfsync02.sys [19840 2004-10-06] (Protection Technology) [File not signed]
R0 si3112r; C:\WINDOWS\System32\drivers\si3112r.sys [116264 2007-08-28] (Silicon Image, Inc)
R0 SiFilter; C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys [19240 2007-08-28] (Silicon Image, Inc)
R0 SiWinAcc; C:\WINDOWS\System32\drivers\SiWinAcc.sys [19240 2007-08-28] (Silicon Image, Inc)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [5248 2006-09-24] (Windows ® 2000 DDK provider) [File not signed]
S4 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [715248 2008-01-16] (Duplex Secure Ltd.)
R0 srescan; C:\WINDOWS\System32\ZoneLabs\srescan.sys [51176 2008-02-27] (Zone Labs, LLC)
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [39264 2006-11-11] (Acronis)
S3 usbsermpt; C:\WINDOWS\System32\DRIVERS\usbsermpt.sys [22768 2006-08-26] (Microsoft Corporation) [File not signed]
R1 vsdatant; C:\WINDOWS\System32\vsdatant.sys [394952 2008-07-09] (Zone Labs, LLC)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [298016 2011-05-26] (Marvell)
S3 catchme; \??\C:\DOCUME~1\owner\LOCALS~1\Temp\catchme.sys [X]
S3 dtscsi; \SystemRoot\System32\Drivers\dtscsi.sys [X]
S3 EUBAKUP0; \??\C:\WINDOWS\system32\drivers\EUBAKUP0.sys [X]
S3 EUBKMON0; \??\C:\WINDOWS\system32\drivers\EUBKMON0.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 SliceDisk5; \??\C:\DOCUME~1\owner\LOCALS~1\Temp\FindAndMount\slicedisk.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-05-02] () [File not signed]
S3 WDC_SAM; system32\DRIVERS\wdcsam.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 23:47 - 2014-07-29 23:47 - 00029551 _____ () C:\Documents and Settings\owner\Desktop\FRST.txt
2014-07-29 23:46 - 2014-07-29 23:47 - 00000000 ____D () C:\FRST
2014-07-29 23:44 - 2014-07-29 23:44 - 01084416 _____ (Farbar) C:\Documents and Settings\owner\Desktop\FRST.exe
2014-07-22 23:54 - 2014-07-22 23:54 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-22 23:42 - 2014-07-22 23:42 - 03065856 _____ () C:\Documents and Settings\owner\Desktop\Samsung_SSD_840_Series_DXT09B0Q_Win_Mac.iso
2014-07-22 01:53 - 2014-07-22 01:54 - 00000000 ____D () C:\rsit
2014-07-22 01:53 - 2014-07-22 01:54 - 00000000 ____D () C:\Program Files\trend micro
2014-07-22 01:53 - 2014-07-22 01:53 - 01107968 _____ () C:\Documents and Settings\owner\Desktop\RSIT.exe
2014-07-19 23:46 - 2014-07-19 23:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-07-19 23:45 - 2014-07-19 23:45 - 00000000 ____D () C:\Program Files\iPod
2014-07-19 23:45 - 2014-07-19 23:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-19 23:13 - 2014-07-19 23:13 - 00198354 _____ () C:\Documents and Settings\owner\Desktop\OTL.Txt
2014-07-19 23:13 - 2014-07-19 23:13 - 00068412 _____ () C:\Documents and Settings\owner\Desktop\Extras.Txt
2014-07-19 22:43 - 2014-07-19 22:44 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\owner\Desktop\OTL.exe
2014-07-16 11:11 - 2014-07-16 11:11 - 00013590 _____ () C:\Documents and Settings\owner\Desktop\uc_epn.module
2014-07-16 10:04 - 2014-07-16 10:04 - 00001724 _____ () C:\Documents and Settings\owner\Desktop\CodeStuff Starter.lnk
2014-07-16 10:04 - 2014-07-16 10:04 - 00000000 ____D () C:\Program Files\CodeStuff
2014-07-16 10:04 - 2014-07-16 10:04 - 00000000 ____D () C:\Documents and Settings\owner\Start Menu\Programs\CodeStuff Starter
2014-07-16 10:01 - 2014-07-16 10:01 - 00511782 _____ () C:\Documents and Settings\owner\Desktop\Autoruns.zip
2014-07-16 10:01 - 2014-07-16 10:01 - 00000000 ____D () C:\Documents and Settings\owner\Desktop\Autoruns
2014-07-16 10:00 - 2014-07-16 10:00 - 00680340 _____ () C:\Documents and Settings\owner\Desktop\StarterSetup.zip
2014-07-16 09:20 - 2014-07-16 09:23 - 00000000 ___SD () C:\ComboFix
2014-07-16 08:58 - 2014-07-16 08:59 - 00000630 _____ () C:\Documents and Settings\owner\Desktop\defogger_disable.log
2014-07-16 08:58 - 2014-07-16 08:59 - 00000020 _____ () C:\Documents and Settings\owner\defogger_reenable
2014-07-16 08:58 - 2014-07-16 08:58 - 05221615 ____R (Swearware) C:\Documents and Settings\owner\Desktop\ComboFix.exe
2014-07-16 08:58 - 2014-07-16 08:58 - 00050477 _____ () C:\Documents and Settings\owner\Desktop\Defogger.exe
2014-07-15 15:43 - 2010-04-07 20:49 - 00002295 _____ () C:\Documents and Settings\owner\Desktop\Google Chrome.lnk
2014-07-04 09:37 - 2014-07-04 09:39 - 00000748 _____ () C:\Documents and Settings\owner\Desktop\putty.log
2014-06-30 19:34 - 2014-05-18 10:40 - 148897792 _____ () C:\Documents and Settings\owner\Desktop\clonezilla-live-2.2.3-10-amd64.iso
2014-06-30 08:51 - 2011-06-26 02:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-06-30 08:51 - 2010-11-07 13:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-06-30 08:51 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-06-30 08:51 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-06-30 08:51 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-06-30 08:51 - 2000-08-30 20:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-06-30 08:51 - 2000-08-30 20:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-06-30 08:51 - 2000-08-30 20:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-06-30 08:51 - 2000-08-30 20:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-06-30 08:50 - 2014-06-30 08:51 - 00000000 ____D () C:\Qoobox
2014-06-30 08:35 - 2014-06-30 08:35 - 00688992 ____R (Swearware) C:\Documents and Settings\owner\Desktop\dds.com
2014-06-30 08:33 - 2014-06-30 08:33 - 00019489 _____ () C:\lsp.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-29 23:47 - 2014-07-29 23:47 - 00029551 _____ () C:\Documents and Settings\owner\Desktop\FRST.txt
2014-07-29 23:47 - 2014-07-29 23:46 - 00000000 ____D () C:\FRST
2014-07-29 23:47 - 2014-06-27 00:21 - 10784800 ___SH () C:\WINDOWS\system32\Drivers\fidbox.dat
2014-07-29 23:47 - 2010-04-07 22:48 - 00000000 ____D () C:\Documents and Settings\owner\Local Settings\temp
2014-07-29 23:46 - 2006-02-11 05:25 - 00000000 ____D () C:\Program Files\Zoom Player
2014-07-29 23:44 - 2014-07-29 23:44 - 01084416 _____ (Farbar) C:\Documents and Settings\owner\Desktop\FRST.exe
2014-07-29 23:41 - 2012-03-29 23:03 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-29 23:41 - 2009-06-30 22:25 - 00000974 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1957994488-839522115-1003UA.job
2014-07-29 22:58 - 2010-02-28 13:26 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-29 20:58 - 2010-02-28 13:26 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-29 19:48 - 2007-07-25 19:17 - 00060384 _____ () C:\moduleName.txt
2014-07-29 14:41 - 2006-02-10 13:45 - 00032222 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-29 12:44 - 2006-02-10 13:41 - 01186302 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-29 12:43 - 2014-06-27 04:12 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-07-29 12:43 - 2006-06-01 14:22 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-07-29 12:43 - 2006-06-01 14:22 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-07-29 12:43 - 2006-02-11 02:03 - 00355091 ____H () C:\WINDOWS\system32\vsconfig.xml
2014-07-29 12:43 - 2004-08-04 08:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-29 12:42 - 2012-05-04 06:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-29 12:42 - 2006-02-10 13:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-29 12:42 - 2006-02-10 08:34 - 00484344 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-29 12:41 - 2014-06-27 00:21 - 00127016 ___SH () C:\WINDOWS\system32\Drivers\fidbox.idx
2014-07-29 12:41 - 2006-02-10 13:46 - 00000178 ___SH () C:\Documents and Settings\owner\ntuser.ini
2014-07-29 08:41 - 2009-06-30 22:25 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1957994488-839522115-1003Core.job
2014-07-28 17:54 - 2007-11-09 01:27 - 00000000 ____D () C:\Program Files\UltimateZip 2007
2014-07-28 13:00 - 2012-08-07 23:56 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-07-27 16:07 - 2006-04-11 19:04 - 00000049 _____ () C:\WINDOWS\NeroDigital.ini
2014-07-25 10:16 - 2006-02-11 03:02 - 00139224 _____ () C:\Documents and Settings\owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-07-24 10:12 - 2006-06-09 12:11 - 00000000 ____D () C:\Documents and Settings\owner\Application Data\Canon
2014-07-22 23:54 - 2014-07-22 23:54 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-22 23:42 - 2014-07-22 23:42 - 03065856 _____ () C:\Documents and Settings\owner\Desktop\Samsung_SSD_840_Series_DXT09B0Q_Win_Mac.iso
2014-07-22 23:03 - 2006-02-10 08:33 - 00000327 __RSH () C:\boot.ini
2014-07-22 23:03 - 2004-08-04 08:00 - 00000947 _____ () C:\WINDOWS\win.ini
2014-07-22 23:03 - 2004-08-04 08:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-07-22 09:05 - 2006-03-13 19:32 - 00001820 ____H () C:\Documents and Settings\owner\My Documents\Default.rdp
2014-07-22 01:54 - 2014-07-22 01:53 - 00000000 ____D () C:\rsit
2014-07-22 01:54 - 2014-07-22 01:53 - 00000000 ____D () C:\Program Files\trend micro
2014-07-22 01:53 - 2014-07-22 01:53 - 01107968 _____ () C:\Documents and Settings\owner\Desktop\RSIT.exe
2014-07-19 23:46 - 2014-07-19 23:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-07-19 23:45 - 2014-07-19 23:45 - 00000000 ____D () C:\Program Files\iPod
2014-07-19 23:45 - 2014-07-19 23:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-19 23:45 - 2012-09-19 09:04 - 00000000 ____D () C:\Program Files\iTunes
2014-07-19 23:45 - 2012-08-07 23:56 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-19 23:40 - 2011-04-27 02:22 - 00051838 _____ () C:\WINDOWS\setupapi.log
2014-07-19 23:13 - 2014-07-19 23:13 - 00198354 _____ () C:\Documents and Settings\owner\Desktop\OTL.Txt
2014-07-19 23:13 - 2014-07-19 23:13 - 00068412 _____ () C:\Documents and Settings\owner\Desktop\Extras.Txt
2014-07-19 22:44 - 2014-07-19 22:43 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\owner\Desktop\OTL.exe
2014-07-18 17:29 - 2007-04-11 10:37 - 00013166 _____ () C:\WINDOWS\scummvm.ini
2014-07-18 15:25 - 2007-04-11 10:37 - 00000000 ____D () C:\Program Files\ScummVM
2014-07-17 18:27 - 2006-08-08 15:37 - 00000023 _____ () C:\WINDOWS\BlendSettings.ini
2014-07-16 11:37 - 2012-07-03 00:06 - 00000000 ____D () C:\Documents and Settings\owner\Application Data\FileZilla
2014-07-16 11:11 - 2014-07-16 11:11 - 00013590 _____ () C:\Documents and Settings\owner\Desktop\uc_epn.module
2014-07-16 10:04 - 2014-07-16 10:04 - 00001724 _____ () C:\Documents and Settings\owner\Desktop\CodeStuff Starter.lnk
2014-07-16 10:04 - 2014-07-16 10:04 - 00000000 ____D () C:\Program Files\CodeStuff
2014-07-16 10:04 - 2014-07-16 10:04 - 00000000 ____D () C:\Documents and Settings\owner\Start Menu\Programs\CodeStuff Starter
2014-07-16 10:01 - 2014-07-16 10:01 - 00511782 _____ () C:\Documents and Settings\owner\Desktop\Autoruns.zip
2014-07-16 10:01 - 2014-07-16 10:01 - 00000000 ____D () C:\Documents and Settings\owner\Desktop\Autoruns
2014-07-16 10:00 - 2014-07-16 10:00 - 00680340 _____ () C:\Documents and Settings\owner\Desktop\StarterSetup.zip
2014-07-16 09:23 - 2014-07-16 09:20 - 00000000 ___SD () C:\ComboFix
2014-07-16 09:01 - 2006-02-11 02:03 - 00004212 ____H () C:\WINDOWS\system32\zllictbl.dat
2014-07-16 08:59 - 2014-07-16 08:58 - 00000630 _____ () C:\Documents and Settings\owner\Desktop\defogger_disable.log
2014-07-16 08:59 - 2014-07-16 08:58 - 00000020 _____ () C:\Documents and Settings\owner\defogger_reenable
2014-07-16 08:58 - 2014-07-16 08:58 - 05221615 ____R (Swearware) C:\Documents and Settings\owner\Desktop\ComboFix.exe
2014-07-16 08:58 - 2014-07-16 08:58 - 00050477 _____ () C:\Documents and Settings\owner\Desktop\Defogger.exe
2014-07-16 08:58 - 2006-02-10 13:46 - 00000000 ____D () C:\Documents and Settings\owner
2014-07-16 08:57 - 2008-01-16 03:20 - 00000000 ____D () C:\Documents and Settings\owner\Application Data\DAEMON Tools
2014-07-15 01:31 - 2014-03-24 12:08 - 00000000 ____D () C:\Documents and Settings\owner\My Documents\sale
2014-07-15 01:29 - 2014-06-14 22:54 - 00000000 ____D () C:\Documents and Settings\owner\Desktop\JPG
2014-07-14 13:06 - 2006-04-20 22:13 - 00000600 _____ () C:\Documents and Settings\owner\PUTTY.RND
2014-07-13 09:52 - 2011-07-03 21:17 - 00000981 _____ () C:\WINDOWS\setupact.log
2014-07-13 07:05 - 2012-03-29 23:03 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-13 07:05 - 2011-11-17 23:45 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-09 15:43 - 2009-06-03 10:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Rosetta Stone
2014-07-09 00:10 - 2007-02-28 11:43 - 00000000 ____D () C:\Documents and Settings\owner\Application Data\vlc
2014-07-08 15:00 - 2014-06-27 04:12 - 00000214 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-07-08 08:52 - 2009-10-07 00:14 - 00000000 ____D () C:\Documents and Settings\owner\Application Data\TeamViewer
2014-07-04 09:39 - 2014-07-04 09:37 - 00000748 _____ () C:\Documents and Settings\owner\Desktop\putty.log
2014-06-30 08:51 - 2014-06-30 08:50 - 00000000 ____D () C:\Qoobox
2014-06-30 08:51 - 2014-06-27 10:07 - 00000000 ____D () C:\WINDOWS\system32\MpEngineStore
2014-06-30 08:50 - 2012-05-18 22:51 - 00000000 ____D () C:\WINDOWS\ERDNT
2014-06-30 08:35 - 2014-06-30 08:35 - 00688992 ____R (Swearware) C:\Documents and Settings\owner\Desktop\dds.com
2014-06-30 08:33 - 2014-06-30 08:33 - 00019489 _____ () C:\lsp.txt
2014-06-29 19:49 - 2008-04-19 00:26 - 00000000 ____D () C:\Documents and Settings\owner\Application Data\Audacity
2014-06-29 19:49 - 2007-07-20 01:59 - 00000000 ____D () C:\Documents and Settings\owner\Application Data\foobar2000

Some content of TEMP:
====================
C:\Documents and Settings\owner\Local Settings\temp\catchme.dll
C:\Documents and Settings\owner\Local Settings\temp\SIntf16.dll
C:\Documents and Settings\owner\Local Settings\temp\SIntf32.dll
C:\Documents and Settings\owner\Local Settings\temp\SIntfNT.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-07-2014
Ran by owner at 2014-07-29 23:49:06
Running from C:\Documents and Settings\owner\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ZoneAlarm Security Suite Antivirus (Disabled - Up to date) {5D467B10-818C-4CAB-9FF7-6893B5B8F3CF}
FW: ZoneAlarm Security Suite Firewall (Disabled) {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.12 beta (HKLM\...\7-Zip) (Version:  - )
Acronis Disk Director Suite (HKLM\...\{2300EE96-0A41-4FAB-BD03-989EC44577A0}) (Version: 10.0.2117 - Acronis)
Acronis True Image Home (HKLM\...\{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}) (Version: 10.0.4871 - Acronis)
Address Book Recovery 1.2 (HKLM\...\Address Book Recovery_is1) (Version:  - Recovery ToolBox)
Adobe Bridge 1.0 (Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (Version: 001.000.000 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Adobe Stock Photos 1.0 (Version: 001.000.000 - Adobe Systems) Hidden
Advanced Web Ranking (HKLM\...\{B21C97E3-059E-4294-A8AF-8AB08FC0B5F8}) (Version: 9.2 - Caphyon)
AFPL Ghostscript 8.53 (HKLM\...\AFPL Ghostscript 8.53) (Version:  - )
AFPL Ghostscript Fonts (HKLM\...\AFPL Ghostscript Fonts) (Version:  - )
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asteroids (remove only) (HKLM\...\Asteroids) (Version:  - )
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1016 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.391-070626a1-049709C-ATI - )
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Avidemux 2.4 (HKLM\...\Avidemux 2.4) (Version: 2.4.0.3322 - )
AviSynth 2.5 (HKLM\...\AviSynth) (Version:  - )
Battlefield 2 patch v1.41 CLIENT x86 repacked build 0056 (HKLM\...\Battlefield 2 patch v1.41 CLIENT x86 repacked_is1) (Version: 0.0.5.6 - Hirschgoulasch)
Battlefield 2™ (HKLM\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Begin Converter (HKLM\...\Begin Converter) (Version: 1.0 - Begin Converter)
Blender (HKLM\...\Blender) (Version: 2.63-release - Blender Foundation)
Blue's Treasure Hunt (HKLM\...\Blue's Treasure Hunt) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Byki (Version: 4.0 - Transparent Language, Inc.) Hidden
Byki Express (HKLM\...\Byki Express) (Version:  - Transparent Language, Inc.)
Canon CanoScan Toolbox 4.9 (HKLM\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
CastRipper 2.9.6.000 2007.06.09 (HKLM\...\CastRipper_is1) (Version:  - Mini-stream Software, Inc.)
Catalyst Control Center Core Implementation (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2007.0613.1506.25058 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2007.0613.1506.25058 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2007.0613.1506.25058 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2007.0629.2229.38354 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2007.0613.1506.25058 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2007.0629.2229.38354 - ATI) Hidden
CCC (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.007.0629.2228 - )
CCC Help English (Version: 2007.0613.1505.25058 - ATI) Hidden
CCC Help English (Version: 2007.0629.2228.38354 - ATI) Hidden
ccc-core-preinstall (Version: 2007.0613.1506.25058 - ATI) Hidden
ccc-core-preinstall (Version: 2007.0629.2229.38354 - ATI) Hidden
ccc-core-static (Version: 2007.0629.2229.38354 - ATI) Hidden
ccc-utility (Version: 2007.0613.1506.25058 - ATI) Hidden
ccc-utility (Version: 2007.0629.2229.38354 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform)
CCS64 V3.1 (HKLM\...\CCS64 V3.1) (Version:  - )
Citrix Presentation Server Client (HKLM\...\{42ACCB45-3363-47E0-94E9-F0074CC8BC56}) (Version: 10.150.58643 - Citrix Systems, Inc.)
CloneCD (HKLM\...\CloneCD) (Version:  - SlySoft)
CodeStuff Starter (HKLM\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CrossLoop 2.82 (HKLM\...\CrossLoop_is1) (Version: 2.82 - CrossLoop, Inc.)
CuteFTP 7 Professional (HKLM\...\{1CCBCF78-EF12-4137-B3CA-99F30A2E7D21}) (Version: 7.10.0000 - GlobalSCAPE)
CyberLink PowerDirector 10 (HKLM\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.1424c - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.1424c - CyberLink Corp.) Hidden
Cygnus Hex Editor FREE EDITION 1.00 (HKLM\...\Cygnus Hex Editor FREE EDITION) (Version: 1.00 - SoftCircuits)
DH Driver Cleaner.NET (HKLM\...\DriverCleanerDotNET) (Version: 3.2.0.0 - Ruud Ketelaars)
Diablo II (HKLM\...\Diablo II) (Version:  - )
Diskeeper Professional Premier Edition (HKLM\...\{B6C1C65F-EE1C-4E45-8112-422693F22FD4}) (Version: 10.0.608 - Diskeeper Corporation)
DScaler 5 Mpeg Decoders (HKLM\...\DScaler 5 Mpeg Decoders_is1) (Version:  - )
DVD Flick (HKLM\...\DVD Flick_is1) (Version: 1.3.0.4 - )
EASEUS Partition Master 7.1.1 Home Edition (HKLM\...\EASEUS Partition Master Home Edition_is1) (Version:  - EASEUS)
EaseUS Todo Backup Free 6.0 (HKLM\...\EaseUS Todo Backup Free 6.0_is1) (Version: 6.0 - CHENGDU YIWO Tech Development Co., Ltd)
FFmpeg v0.6.2 for Audacity (HKLM\...\FFmpeg for Audacity_is1) (Version:  - )
FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
foobar2000 v0.9.4.3 (HKLM\...\foobar2000) (Version: 0.9.4.3 - Peter Pawlowski)
Foxit PDF Editor (HKLM\...\Foxit PDF Editor) (Version: 2.2.1.1102 - Foxit Corporation)
GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version:  - )
GlassFish Server Open Source Edition 3.1.1 (HKLM\...\nbi-glassfish-mod-3.1.1.12.0) (Version:  - )
GO46 (HKLM\...\{09B7610F-567A-4929-889D-EB04313CEF3C}) (Version: 1.00.0000 - )
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.137 - Google Inc.)
Google Earth (HKLM\...\{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}) (Version: 7.0.2.8415 - Google)
Google Gears (Version: 0.4.24.0 - Google) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GSview 4.7 (HKLM\...\GSview 4.7) (Version:  - )
GTA San Andreas (HKLM\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
GTA San Andreas Admin Console Release 1.8.2 (HKLM\...\GTA San Andreas Admin Console Release 1.8.2) (Version: Release 1.8.2 - open source)
Half-Life (HKLM\...\Half-Life) (Version:  - )
Half-Life Uplink (HKLM\...\Half-Life Uplink) (Version:  - )
Half-Life: Opposing Force (HKLM\...\Half-Life: Opposing Force) (Version:  - )
HandBrake 0.9.8 (HKLM\...\HandBrake) (Version: 0.9.8 - )
HighMAT Extension to Microsoft Windows XP CD Writing Wizard (HKLM\...\{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}) (Version: 1.1.1905.1 - Microsoft Corporation)
Hot Wheels™ Velocity X (HKLM\...\InstallShield_{274EAD3A-6036-46AB-BE36-70690BD6E445}) (Version: 1.00.0000 - THQ)
Hot Wheels™ Velocity X (Version: 1.00.0000 - THQ) Hidden
Hot Wheels® Stunt Track Driver 2 - GET'N DIRTY™ (HKLM\...\Hot Wheels 2 - Get'n Dirty) (Version:  - )
HP USB Disk Storage Format Tool (HKLM\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
iExplorer 3.2.3.3 (HKLM\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
ImageRescue3 (HKLM\...\{6EA6D4E3-134D-4A11-AF2A-7986F61BB2F6}) (Version: 03.00.0013 - Lexar Media)
iPhone Configuration Utility (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
IZArc 4.0 beta 1 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.0 Build 1760 - Ivan Zahariev)
Java 7 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
K-Lite Codec Pack 10.1.3 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.1.3 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
LEGO Racers 2 (HKLM\...\{3DD2E9EA-0544-4162-B8BE-E21E994E9F3B}) (Version:  - )
LibreOffice 4.0 Help Pack (English) (HKLM\...\{FDF9A4DA-AE9A-4240-BDEC-5CF6E22E57CB}) (Version: 4.0.0.3 - The Document Foundation)
LibreOffice 4.0.0.3 (HKLM\...\{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}) (Version: 4.0.0.3 - The Document Foundation)
LiveUpdate 2.6 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 2.6.14.0 - Symantec Corporation)
Lost Secrets Bermuda Triangle (HKLM\...\Lost Secrets Bermuda Triangle) (Version: 1.0 - Game Mill Entertainment)
LucasArts' Curse of Monkey Island (HKLM\...\LucasArts' Curse of Monkey Island) (Version:  - )
MacDrive 6 (HKLM\...\{D3E31FC9-3F0C-4AAE-8C2E-BF8DD05BDCC1}) (Version: 6.1.2 - Mediafour Corporation)
Macrium Reflect Free Edition (HKLM\...\{16C3E3BF-AB9C-403F-9384-4EC08A8DC227}) (Version: 5.1.5299 - Paramount Software (UK) Ltd.)
Mactracker 5.0.4 (HKLM\...\Mactracker) (Version: 5.0.4 - Ian Page)
Magic ISO Maker v5.3 (build 0221) (HKLM\...\Magic ISO Maker v5.3 (build 0221)) (Version:  - )
MakeMKV v1.7.7 (HKLM\...\MakeMKV) (Version: v1.7.7 - GuinpinSoft inc)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Managed DirectX (0900) (Version: 4.09.00.0900 - Microsoft) Hidden
Marvell Miniport Driver (HKLM\...\{C950420B-4182-49EA-850A-A6A2ABF06C6B}) (Version: 6.28 - Marvell Semiconductor Inc.)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.43.1.3 - Marvell)
Mavis Beacon Teaches Typing Deluxe 20 (HKLM\...\{23B591D7-1C20-44FB-97C2-6953AE67DE18}) (Version: 20.00.0000 - Broderbund)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2000 SR-1 Disc 2 (HKLM\...\{00040409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.9327 - Microsoft Corporation)
Microsoft Office 2000 SR-1 Premium (HKLM\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.9327 - Microsoft Corporation)
Microsoft Office Converter Pack (HKLM\...\{6EECB283-E65F-40EF-86D3-D51BF02A8D43}) (Version: 11.0.0.0 - Microsoft Corporation - Office Resource Kit Group)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.7 (HKLM\...\Wudf01007) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version:  - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM\...\{172423F9-522A-483A-AD65-03600CE4CA4F}) (Version: 9.7.0621 - Microsoft Corporation)
mIRC (HKLM\...\mIRC) (Version:  - )
MKVtoolnix 2.0.2-1 (HKLM\...\MKVtoolnix) (Version: 2.0.2-1 - Moritz Bunkus)
MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)
Morrowind (HKLM\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version:  - )
Morrowind Enchanted Editor (HKLM\...\ST6UNST #3) (Version:  - )
Motorola Driver Installation (HKLM\...\{3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7}) (Version: 2.7.2 - Motorola Inc.)
Motorola Phone Tools (HKLM\...\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}) (Version: 4.0.4b 12-01-2005 - Avanquest Software)
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB954459) (HKLM\...\{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}) (Version: 6.20.1099.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
Nero 6 Ultra Edition (HKLM\...\Nero - Burning Rom!UninstallKey) (Version:  - )
NetBeans IDE 7.0.1 (HKLM\...\nbi-nb-base-7.0.1.0.0) (Version: 7.0.1 - NetBeans.org)
NetScreen-Remote (HKLM\...\{2F931B84-0CEE-11D1-AA7D-0080AD1AC47A}) (Version:  - )
nForce Unified Driver Architecture Package (HKLM\...\{0D57D531-D81A-430B-914A-0D752EF6863F}_is1) (Version: v1.0 - Planet NVIDIA)
NHRA Quarter Mile Showdown (HKLM\...\{4E290F75-BCE0-4020-846E-73A5CDA7FE38}) (Version: 1.00.1001 - ValuSoft)
Notepad++ (HKLM\...\Notepad++) (Version:  - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
NvMixer (HKLM\...\{D7A6C517-11F2-419F-B5BB-27772B939698}) (Version:  - )
Oblivion (HKLM\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion mod manager 0.8.18 (HKLM\...\Oblivion mod manager_is1) (Version:  - Timeslip)
PatternMaker 7 (HKLM\...\PatternMaker 7_is1) (Version: 7 - PatternMaker Software)
Pattern-Making Calculator ver 1.0 (HKLM\...\Pattern-Making Calculator_is1) (Version:  - )
PC Fix Speed 1.2.0.42 (HKLM\...\{F7B34B38-02A6-44D5-B8CC-06EB3B8ACFC9}_is1) (Version: 1.2.0.42 - Crawler, LLC)
PC MACLAN (HKLM\...\{262D707F-6978-476D-8EFE-6A72AF32236C}) (Version: 9.0 - Miramar Systems, Inc.)
PC Tech Hotline (HKLM\...\{A0B0DA25-DD15-4739-92A3-62D3424F043A}_is1) (Version: 3.0.0.4 - Crawler, LLC)
PCStitch Pro (HKLM\...\{05B3273E-4926-4663-8274-F8989431063C}) (Version: 8.03.08 - M&R Technologies, Inc.)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PowerISO (HKLM\...\PowerISO) (Version:  - )
PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 4.1.0.11 - Nitro PDF Software)
Python 2.6 PIL-1.1.6 (HKLM\...\PIL-py2.6) (Version:  - )
Python 2.6 reportlab-2.3 (HKLM\...\reportlab-py2.6) (Version:  - )
Python 2.6 UniConvertor-1.1.4 (HKLM\...\UniConvertor-py2.6) (Version:  - )
Python 2.6.4 (HKLM\...\{e7394a0f-3f80-45b1-87fc-abcd51893246}) (Version: 2.6.4150 - Python Software Foundation)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Ray Adams ATI Tray Tools (HKLM\...\rayatitray) (Version:  - )
RealMedia (remove only) (HKLM\...\RealMedia) (Version:  - )
Recuva (HKLM\...\Recuva) (Version: 1.40 - Piriform)
Riffplayer 0.4.3 (HKLM\...\Riffplayer) (Version: 0.4.3 - RVM)
RiffTrax DVD Player (HKLM\...\RiffTrax DVD Player) (Version:  - RiffTrax)
RiffTrax DVD Player (Version: 1.0.9.9 - RiffTrax) Hidden
R-Mail for Outlook 1.5 (HKLM\...\R-Mail for Outlook_is1) (Version:  - R-tools technology Inc.)
RollerCoaster Tycoon (HKLM\...\{3EE9EB18-62AD-4F68-AD11-2DF358CBDCA2}) (Version: 1.00.000 - )
RollerCoaster Tycoon 2 (HKLM\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version:  - )
RollerCoaster Tycoon 2: Time Twister (HKLM\...\{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}) (Version: 1.00.000 - )
Rosetta Stone Version 3 (HKLM\...\{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}) (Version: 3.3.5.2 - Rosetta Stone Ltd.)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
ScummVM 1.5.0 (HKLM\...\ScummVM_is1) (Version:  - The ScummVM Team)
SeaMonkey 2.26.1 (x86 en-US) (HKLM\...\SeaMonkey 2.26.1 (x86 en-US)) (Version: 2.26.1 - Mozilla)
Second Sight (HKLM\...\{8421F058-CB2D-4BCE-B487-4A559DE70173}) (Version: 1.00 - Codemasters)
Sharecrow (remove only) (HKLM\...\Sharecrow) (Version:  - )
Sid Meier's Civilization 4 (HKLM\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.61 - Firaxis Games)
Sid Meier's Civilization 4 (Version: 1.61 - Firaxis Games) Hidden
Sierra Utilities (HKLM\...\Sierra Utilities) (Version:  - )
Skateboard Park Tycoon 2004 (HKLM\...\Activision_SP3UninstallKey) (Version:  - )
Skins (Version: 2007.0613.1506.25058 - ATI) Hidden
Skins (Version: 2007.0629.2229.38354 - ATI) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SMPlayer 0.6.8 (HKLM\...\SMPlayer) (Version: 0.6.8 - RVM)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
StuffIt 11 (HKLM\...\{9D2B054C-D335-4870-ADFB-BC645CCC3C76}) (Version: 11.2.0 - SmithMicro)
Stunt Track Driver (HKLM\...\Stunt Track Driver) (Version:  - )
SUPER © Version 2007.bld.23 (July 4, 2007) (HKLM\...\SUPER ©) (Version: Version 2007.bld.23 (July 4, 2007) - eRightSoft)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Symantec WinFax PRO 10.0 (HKLM\...\WinFax) (Version:  - )
SyncCell 3.1 (HKLM\...\SyncCell) (Version: 3.1 - BIDCOM Technologies)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
TES Construction Set (HKLM\...\{DB3C800B-081B-4146-B4E3-EFB5B77AA913}) (Version:  - )
The Battle for Middle-earth ™ II (HKLM\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Scriptures (HKLM\...\The Scriptures_is1) (Version:  - Institute for Scripture Research)
TransMac version 7.5 (HKLM\...\TransMac_is1) (Version: 7.5 - Acute Systems)
Tweak UI (HKLM\...\Tweak UI 2.10) (Version:  - )
UltimateZip 2007 (HKLM\...\UltimateZip 2007_is1) (Version: 3.2 - SWE von Schleusen)
UltraISO Premium V8.2 (HKLM\...\UltraISO_is1) (Version:  - )
UltraVNC 1.0.9.1 (HKLM\...\Ultravnc2_is1) (Version: 1.0.9.1 - 1.0.9.1)
Unlocker 1.8.7 (HKLM\...\Unlocker) (Version: 1.8.7 - Cedrick Collomb)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
VUPlayer (HKLM\...\VUPlayer) (Version:  - )
Warcraft III (HKLM\...\Warcraft III) (Version:  - Blizzard Entertainment)
WD Align - Powered by Acronis (HKLM\...\{E9BA9A68-2BB7-4F67-A4C7-8CED6F0F964C}) (Version: 2.0.111 - Acronis)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (remove only) (HKLM\...\Winamp) (Version:  - )
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0 - Microsoft) Hidden
Windows Genuine Advantage Validation Tool (HKLM\...\WGA) (Version:  - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Connect (Version:  - Microsoft Corporation) Hidden
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Format SDK Hotfix - KB891122 (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Winmail Opener 1.4 (HKLM\...\Winmail Opener) (Version: 1.4 - Eolsoft)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wireshark 1.4.0 (HKLM\...\Wireshark) (Version: 1.4.0 - The Wireshark developer community, http://www.wireshark.org)
World Championship Checkers (Gold Plus) (HKLM\...\{6AEDEDA7-411A-4BDD-80F5-BA653D8ED143}) (Version: 1.0 - Gil Dodgen)
Wrye Mash (HKLM\...\Wrye Mash) (Version:  - Wrye)
Xfire (remove only) (HKLM\...\Xfire) (Version:  - )
XnView 1.97 (HKLM\...\XnView_is1) (Version: 1.97 - Gougelet Pierre-e)
XviD MPEG4 Video Codec (remove only) (HKLM\...\XviD MPEG4 Video Codec) (Version:  - )
ZoneAlarm Security Suite (HKLM\...\ZoneAlarm Security Suite) (Version: 7.0.483.000 - Check Point, Inc)
Zoo Tycoon 2 - Ultimate Collection (HKLM\...\InstallShield_{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon 2 - Ultimate Collection (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Zoom Player (remove only) (HKLM\...\ZoomPlayer) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32 -> C:\Program Files\Java\jre7\bin\jp2iexp.dll ()
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\1.3.22.5\psuser.dll No  (the data entry has 4 more characters).
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\1.3.21.111\psuser.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-790525478-1957994488-839522115-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\1.3.24.7\psuser.dll No  (the data entry has 4 more characters).

==================== Restore Points  =========================

02-05-2014 17:26:59 System Checkpoint
05-05-2014 00:07:09 System Checkpoint
07-05-2014 14:00:25 System Checkpoint
08-05-2014 19:58:10 System Checkpoint
09-05-2014 23:55:50 System Checkpoint
11-05-2014 00:19:21 System Checkpoint
12-05-2014 18:41:37 System Checkpoint
14-05-2014 02:09:14 System Checkpoint
16-05-2014 01:29:26 System Checkpoint
17-05-2014 22:48:52 System Checkpoint
19-05-2014 20:23:20 System Checkpoint
23-05-2014 17:00:43 System Checkpoint
25-05-2014 15:46:37 System Checkpoint
27-05-2014 18:13:02 System Checkpoint
29-05-2014 01:29:41 System Checkpoint
30-05-2014 15:53:45 System Checkpoint
01-06-2014 22:11:43 System Checkpoint
03-06-2014 01:52:35 System Checkpoint
06-06-2014 01:12:11 System Checkpoint
08-06-2014 00:19:02 System Checkpoint
09-06-2014 23:05:39 System Checkpoint
11-06-2014 02:36:13 System Checkpoint
12-06-2014 20:01:57 System Checkpoint
14-06-2014 17:05:31 System Checkpoint
15-06-2014 17:10:44 System Checkpoint
16-06-2014 17:54:58 System Checkpoint
19-06-2014 18:02:33 System Checkpoint
22-06-2014 17:09:44 System Checkpoint
24-06-2014 02:00:08 System Checkpoint
25-06-2014 05:29:07 System Checkpoint
26-06-2014 17:16:37 System Checkpoint
27-06-2014 05:00:14 Installed Windows XP Service Pack 3.
27-06-2014 05:08:20 Installed Windows XP KB923561.
27-06-2014 05:09:05 Installed Windows XP KB938464.
27-06-2014 05:09:30 Installed Windows XP KB946648.
27-06-2014 05:09:58 Installed Windows XP KB950762.
27-06-2014 05:10:24 Installed Windows XP KB950974.
27-06-2014 05:10:51 Installed Windows XP KB951066.
27-06-2014 05:11:18 Installed Windows XP KB951376-v2.
27-06-2014 05:11:42 Installed Windows XP KB951698.
27-06-2014 05:12:07 Installed Windows XP KB952004.
27-06-2014 05:12:32 Installed Windows XP KB952287.
27-06-2014 05:12:57 Installed Windows XP KB952954.
27-06-2014 05:13:24 Installed Windows XP KB954211.
27-06-2014 05:13:48 Installed Windows XP KB954600.
27-06-2014 05:14:12 Installed Windows XP KB955069.
27-06-2014 05:14:44 Installed Windows XP KB956572.
27-06-2014 05:15:12 Installed Windows XP KB956802.
27-06-2014 05:15:37 Installed Windows XP KB956841.
27-06-2014 05:16:02 Installed Windows XP KB957095.
27-06-2014 05:16:27 Installed Windows XP KB957097.
27-06-2014 05:16:50 Installed Windows XP KB958644.
27-06-2014 05:17:16 Installed Windows XP KB958687.
27-06-2014 05:17:42 Installed Windows XP KB958690.
27-06-2014 05:18:07 Installed Windows XP KB959426.
27-06-2014 05:18:32 Installed Windows XP KB960225.
27-06-2014 05:18:57 Installed Windows XP KB960803.
27-06-2014 05:19:21 Installed Windows XP KB961118.
27-06-2014 05:19:53 Installed Windows XP KB961373.
27-06-2014 05:20:20 Installed Windows XP KB967715.
27-06-2014 06:08:04 Software Distribution Service 3.0
27-06-2014 08:23:09 Software Distribution Service 3.0
27-06-2014 08:28:30 Software Distribution Service 3.0
27-06-2014 08:40:14 Software Distribution Service 3.0
27-06-2014 09:09:16 Software Distribution Service 3.0
30-06-2014 12:51:26 ComboFix created restore point
01-07-2014 15:18:59 System Checkpoint
07-07-2014 16:53:05 System Checkpoint
11-07-2014 00:18:50 System Checkpoint
12-07-2014 18:47:20 System Checkpoint
16-07-2014 13:08:01 ComboFix created restore point
18-07-2014 17:07:29 System Checkpoint
20-07-2014 03:41:30 Installed iTunes
29-07-2014 17:29:10 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-04 08:00 - 2012-07-10 21:35 - 00000663 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1    www.fileden.com


==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1957994488-839522115-1003Core.job => C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1957994488-839522115-1003UA.job => C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) =============

2009-07-16 16:49 - 2009-04-23 22:55 - 00176235 _____ () C:\WINDOWS\system32\Primomonnt.dll
2006-02-21 18:44 - 2000-02-14 18:36 - 00012800 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\wfxpnt40.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-27 00:16 - 2008-07-09 09:06 - 00026096 _____ () C:\WINDOWS\system32\zonelabs\lib\pyd\signedDll.pyd
2014-06-27 00:16 - 2008-07-09 09:06 - 00026096 _____ () C:\WINDOWS\system32\zonelabs\lib\pyd\pyvsinit.pyd
2014-06-27 00:16 - 2008-07-09 09:06 - 00144880 _____ () C:\WINDOWS\system32\zonelabs\lib\pyd\pyexpat.pyd
2014-06-27 00:16 - 2008-07-09 09:06 - 00046576 _____ () C:\WINDOWS\system32\zonelabs\lib\pyd\_socket.pyd
2006-06-11 00:51 - 2006-05-31 17:51 - 00796584 _____ () C:\WINDOWS\system32\LIBEAY32_0.9.6l.dll
2011-10-29 17:12 - 2011-10-29 17:12 - 00187392 _____ () C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
2007-03-02 11:44 - 2007-03-02 11:44 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
2007-11-09 01:27 - 2005-04-10 07:06 - 00563200 _____ () C:\Program Files\UltimateZip 2007\uzshldr.dll
2009-06-09 00:14 - 2009-04-27 12:55 - 00678400 _____ () C:\Program Files\IZArc\IZArcCM.dll
2014-06-27 00:16 - 2008-07-09 09:06 - 00194032 _____ () C:\WINDOWS\system32\ZoneLabs\lib\pyd\zpui.pyd
2014-06-27 00:16 - 2008-07-09 09:06 - 00144880 _____ () C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyexpat.pyd
2007-03-07 08:26 - 2007-03-07 08:26 - 00077824 _____ () C:\Program Files\Ray Adams\ATI Tray Tools\support.dll
2007-03-07 08:25 - 2007-03-07 08:25 - 00024576 _____ () C:\Program Files\Ray Adams\ATI Tray Tools\kbdhook.dll
2005-11-28 17:08 - 2005-11-28 17:08 - 00028672 _____ () C:\Program Files\Ray Adams\ATI Tray Tools\plugins\cpuload.dll
2005-11-29 13:38 - 2005-11-29 13:38 - 00023552 _____ () C:\Program Files\Ray Adams\ATI Tray Tools\plugins\hddtemp.dll
2008-04-09 12:08 - 2008-04-09 12:08 - 00016896 _____ () C:\Program Files\Ray Adams\ATI Tray Tools\plugins\mg_amdcore.dll
2007-09-14 11:35 - 2007-09-14 11:35 - 00020480 _____ () C:\Program Files\Ray Adams\ATI Tray Tools\plugins\mg_cpuload.dll
2006-12-26 13:53 - 2006-12-26 13:53 - 00019456 _____ () C:\Program Files\Ray Adams\ATI Tray Tools\plugins\mg_hdddtemp.dll
2008-04-11 12:33 - 2008-04-11 12:33 - 00020480 _____ () C:\Program Files\Ray Adams\ATI Tray Tools\plugins\mg_intelcpu.dll
2007-01-03 16:09 - 2007-01-03 16:09 - 00017408 _____ () C:\Program Files\Ray Adams\ATI Tray Tools\plugins\mg_xvlt.dll
2006-12-25 05:02 - 2006-12-25 05:02 - 00024576 _____ () C:\Program Files\Ray Adams\ATI Tray Tools\plugins\mongraphsexample.dll
2005-11-29 13:34 - 2005-11-29 13:34 - 00028672 _____ () C:\Program Files\Ray Adams\ATI Tray Tools\plugins\pciset.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\iLife '09 Install DVD.dmg:AFP_Resource
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== Faulty Device Manager Devices =============

Name: NVIDIA nForce Networking Controller
Description: NVIDIA nForce Networking Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Nvidia
Service: NVENET
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/25/2014 04:27:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application udiemxl.exe, version 0.0.0.0, faulting module udiemxl.exe, version 0.0.0.0, fault address 0x00012f6a.
Processing media-specific event for [udiemxl.exe!ws!]

Error: (07/25/2014 10:41:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application udiemxl.exe, version 0.0.0.0, faulting module udiemxl.exe, version 0.0.0.0, fault address 0x00012f6a.
Processing media-specific event for [udiemxl.exe!ws!]

Error: (07/25/2014 10:29:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application oblivion.exe, version 0.1.0.228, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [oblivion.exe!ws!]

Error: (07/24/2014 09:10:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application wolfsp.exe, version 0.0.0.0, faulting module atioglxx.dll, version 6.14.10.6645, fault address 0x000ed6ba.
Processing media-specific event for [wolfsp.exe!ws!]

Error: (07/24/2014 03:09:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application civilization4.exe, version 1.6.1.1841, faulting module unknown, version 0.0.0.0, fault address 0x282de50f.
Processing media-specific event for [civilization4.exe!ws!]

Error: (07/23/2014 04:18:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application civilization4.exe, version 1.6.1.1841, faulting module civilization4.exe, version 1.6.1.1841, fault address 0x002a6444.
Processing media-specific event for [civilization4.exe!ws!]

Error: (07/23/2014 04:15:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application wolfsp.exe, version 0.0.0.0, faulting module wolfsp.exe, version 0.0.0.0, fault address 0x00039c58.
Processing media-specific event for [wolfsp.exe!ws!]

Error: (07/20/2014 10:47:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application wolfsp.exe, version 0.0.0.0, faulting module qagamex86.dll, version 0.0.0.0, fault address 0x0001fa29.
Processing media-specific event for [wolfsp.exe!ws!]

Error: (07/18/2014 00:47:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application bmt.exe, version 0.0.0.0, faulting module bmt.exe, version 0.0.0.0, fault address 0x000b3b93.
Processing media-specific event for [bmt.exe!ws!]

Error: (07/18/2014 00:47:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application bmt.exe, version 0.0.0.0, faulting module bmt.exe, version 0.0.0.0, fault address 0x000b3b93.
Processing media-specific event for [bmt.exe!ws!]


System errors:
=============
Error: (07/29/2014 00:43:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apache2 service failed to start due to the following error:
%%3

Error: (07/29/2014 00:43:10 PM) (Source: 0) (EventID: 12294) (User: )
Description:

Error: (07/29/2014 00:43:10 PM) (Source: 0) (EventID: 12294) (User: )
Description:

Error: (07/28/2014 02:02:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (07/28/2014 02:02:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 2 time(s).

Error: (07/25/2014 04:15:56 PM) (Source: 0) (EventID: 12294) (User: )
Description:

Error: (07/25/2014 04:15:56 PM) (Source: 0) (EventID: 12294) (User: )
Description:

Error: (07/25/2014 04:15:54 PM) (Source: 0) (EventID: 12294) (User: )
Description:

Error: (07/25/2014 04:15:54 PM) (Source: 0) (EventID: 12294) (User: )
Description:

Error: (07/25/2014 04:15:54 PM) (Source: 0) (EventID: 12294) (User: )
Description:


Microsoft Office Sessions:
=========================
Error: (07/25/2014 04:27:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: udiemxl.exe0.0.0.0udiemxl.exe0.0.0.000012f6a

Error: (07/25/2014 10:41:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: udiemxl.exe0.0.0.0udiemxl.exe0.0.0.000012f6a

Error: (07/25/2014 10:29:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: oblivion.exe0.1.0.228unknown0.0.0.000000000

Error: (07/24/2014 09:10:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wolfsp.exe0.0.0.0atioglxx.dll6.14.10.6645000ed6ba

Error: (07/24/2014 03:09:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: civilization4.exe1.6.1.1841unknown0.0.0.0282de50f

Error: (07/23/2014 04:18:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: civilization4.exe1.6.1.1841civilization4.exe1.6.1.1841002a6444

Error: (07/23/2014 04:15:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wolfsp.exe0.0.0.0wolfsp.exe0.0.0.000039c58

Error: (07/20/2014 10:47:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: wolfsp.exe0.0.0.0qagamex86.dll0.0.0.00001fa29

Error: (07/18/2014 00:47:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bmt.exe0.0.0.0bmt.exe0.0.0.0000b3b93

Error: (07/18/2014 00:47:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bmt.exe0.0.0.0bmt.exe0.0.0.0000b3b93


==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 2047.48 MB
Available physical RAM: 1513.56 MB
Total Pagefile: 4966.41 MB
Available Pagefile: 4644.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.09 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1397.27 GB) (Free:228.22 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: () (Fixed) (Total:1397.26 GB) (Free:34.74 GB) NTFS
Drive e: (CIV4DVD) (CDROM) (Total:1.34 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 1397 GB) (Disk ID: 1B502001)
Partition 1: (Active) - (Size=-698721377792) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1397 GB) (Disk ID: 0E7A809D)
Partition 1: (Not Active) - (Size=-698723990528) - (Type=07 NTFS)

==================== End Of Log ============================



#6 oneof4

  • Malware Response Team

Posted 31 July 2014 - 08:20 PM

Hello, :)

 

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Also, update me on how your system is performing after running the fix.

Best Regards,
oneof4.


#7 Interested

  • Topic Starter

Posted 31 July 2014 - 09:59 PM

Ran the FRST with fixlist.  Completed.  Log posted below.  Still slow.  As an example, google.com took about 35 seconds to load.  It doesn't always take that long. Might be 10 seconds sometimes, maybe 20.  Compared next to laptop I have with me, which was able to load sites, including google, almost instantly.  Thanks again for your help.  I look forward to any other suggestions you may be able to share with me.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:31-07-2014 02
Ran by owner at 2014-07-31 22:44:07 Run:1
Running from C:\Documents and Settings\owner\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL =
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.137\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.10.8) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 7 U1) - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll No File
C:\Documents and Settings\owner\Local Settings\temp\catchme.dll
C:\Documents and Settings\owner\Local Settings\temp\SIntf16.dll
C:\Documents and Settings\owner\Local Settings\temp\SIntf32.dll
C:\Documents and Settings\owner\Local Settings\temp\SIntfNT.dll
AlternateDataStreams: C:\iLife '09 Install DVD.dmg:AFP_Resource
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

*****************

"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}" => Key deleted successfully.
"HKCR\CLSID\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}" => Key deleted successfully.
"HKCR\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}" => Key deleted successfully.
C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.137\gcswf32.dll not found.
C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll not found.
C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll not found.
C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll not found.
C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll not found.
C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll not found.
C:\Documents and Settings\owner\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll not found.
C:\WINDOWS\system32\Adobe\Director\np32dsw.dll not found.
C:\Documents and Settings\owner\Local Settings\temp\catchme.dll => Moved successfully.
C:\Documents and Settings\owner\Local Settings\temp\SIntf16.dll => Moved successfully.
C:\Documents and Settings\owner\Local Settings\temp\SIntf32.dll => Moved successfully.
C:\Documents and Settings\owner\Local Settings\temp\SIntfNT.dll => Moved successfully.
C:\iLife '09 Install DVD.dmg => ":AFP_Resource" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":5C321E34" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":888AFB86" ADS removed successfully.
C:\Documents and Settings\All Users\Application Data\TEMP => ":D1B5B4F1" ADS removed successfully.

==== End of Fixlog ====



#8 oneof4

  • Malware Response Team

Posted 01 August 2014 - 08:17 PM

Hey Interested, :)

 

Please perform the following:

 

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

 

=========

 

 

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

==========

 

 

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Best Regards,
oneof4.


#9 Interested

  • Topic Starter

Posted 01 August 2014 - 11:58 PM

Tested after these 3 scans, no change.  In AdwCleaner, I clicked Clean by accident.  Sorry... Posting both R and S logs

 

# AdwCleaner v3.302 - Report created 02/08/2014 at 00:11:21
# Updated 30/07/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : owner - NAME
# Running from : C:\Documents and Settings\owner\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Found : C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi
Folder Found : C:\Documents and Settings\owner\My Documents\Updater

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Found [Extension] : mcbkbpnkkkipelfledbfocopglifcfmi

*************************

AdwCleaner[R0].txt - [3398 octets] - [05/06/2014 05:16:18]
AdwCleaner[R1].txt - [1364 octets] - [02/08/2014 00:11:21]
AdwCleaner[S0].txt - [3450 octets] - [05/06/2014 05:18:52]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1484 octets] ##########
 

 

# AdwCleaner v3.302 - Report created 02/08/2014 at 00:13:18
# Updated 30/07/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : owner - NAME
# Running from : C:\Documents and Settings\owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\owner\My Documents\Updater
[!] Folder Deleted : C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Documents and Settings\owner\Application Data\Mozilla\Firefox\Profiles\default.fsr\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\owner\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : mcbkbpnkkkipelfledbfocopglifcfmi

*************************

AdwCleaner[R0].txt - [3398 octets] - [05/06/2014 05:16:18]
AdwCleaner[R1].txt - [1564 octets] - [02/08/2014 00:11:21]
AdwCleaner[S0].txt - [3450 octets] - [05/06/2014 05:18:52]
AdwCleaner[S1].txt - [1499 octets] - [02/08/2014 00:13:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1559 octets] ##########
 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by owner on Sat 08/02/2014 at  0:24:01.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\owner\Application Data\mozilla\firefox\profiles\default.fsr\prefs.js

user_pref("google.toolbar.trseenlist", "G+K6gA8M/fFWF43PiS2cvA==,Gep5lDISO3Eky2CFuukCFw==,nqDZBHJfOH2g6OJD4/fNHg==,UkR/QjS4O1THPyFOCevhPQ==,nIdP8vl3ogVXcoJWmehd4Q==,Iu558Q+n1a
user_pref("socialfixer.1649350229/typeahead_new", "for (;;);{\"__ar\":1,\"payload\":{\"entries\":[{\"uid\":1649350229,\"photo\":\"hxxps:\\/\\/fbcdn-profile-a.akamaihd.net\\/hp
Emptied folder: C:\Documents and Settings\owner\Application Data\mozilla\firefox\profiles\default.fsr\minidumps [12 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 08/02/2014 at  0:38:41.45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

00:40:07.0406 0x0b2c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
00:40:11.0843 0x0b2c  ============================================================
00:40:11.0843 0x0b2c  Current date / time: 2014/08/02 00:40:11.0843
00:40:11.0843 0x0b2c  SystemInfo:
00:40:11.0843 0x0b2c  
00:40:11.0843 0x0b2c  OS Version: 5.1.2600 ServicePack: 3.0
00:40:11.0843 0x0b2c  Product type: Workstation
00:40:11.0843 0x0b2c  ComputerName: NAME
00:40:11.0843 0x0b2c  UserName: owner
00:40:11.0843 0x0b2c  Windows directory: C:\WINDOWS
00:40:11.0843 0x0b2c  System windows directory: C:\WINDOWS
00:40:11.0843 0x0b2c  Processor architecture: Intel x86
00:40:11.0843 0x0b2c  Number of processors: 1
00:40:11.0843 0x0b2c  Page size: 0x1000
00:40:11.0843 0x0b2c  Boot type: Normal boot
00:40:11.0843 0x0b2c  ============================================================
00:40:11.0953 0x0b2c  KLMD registered as C:\WINDOWS\system32\drivers\43009060.sys
00:40:12.0062 0x0b2c  System UUID: {C99DE6BB-4568-842A-6972-69A781686342}
00:40:12.0671 0x0b2c  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C5B8D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000058
00:40:12.0671 0x0b2c  Drive \Device\Harddisk1\DR1 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C5B8D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000058
00:40:12.0671 0x0b2c  ============================================================
00:40:12.0671 0x0b2c  \Device\Harddisk0\DR0:
00:40:12.0671 0x0b2c  MBR partitions:
00:40:12.0671 0x0b2c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA87AF1
00:40:12.0671 0x0b2c  \Device\Harddisk1\DR1:
00:40:12.0671 0x0b2c  MBR partitions:
00:40:12.0671 0x0b2c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xAEA86702
00:40:12.0671 0x0b2c  ============================================================
00:40:12.0718 0x0b2c  C: <-> \Device\Harddisk0\DR0\Partition1
00:40:12.0843 0x0b2c  D: <-> \Device\Harddisk1\DR1\Partition1
00:40:12.0843 0x0b2c  ============================================================
00:40:12.0843 0x0b2c  Initialize success
00:40:12.0843 0x0b2c  ============================================================
00:40:18.0921 0x0cd8  ============================================================
00:40:18.0921 0x0cd8  Scan started
00:40:18.0921 0x0cd8  Mode: Manual; TDLFS;
00:40:18.0921 0x0cd8  ============================================================
00:40:18.0921 0x0cd8  KSN ping started
00:40:21.0437 0x0cd8  KSN ping finished: true
00:40:21.0703 0x0cd8  ================ Scan system memory ========================
00:40:21.0703 0x0cd8  System memory - ok
00:40:21.0703 0x0cd8  ================ Scan services =============================
00:40:21.0968 0x0cd8  [ 914A9709FC3BF419AD2F85547F2A4832, 37757BC684D39073B92ECF5C92E1F2A4482D8A8AE16F168EBB0353A34059CA2E ] 61883           C:\WINDOWS\system32\DRIVERS\61883.sys
00:40:21.0968 0x0cd8  61883 - ok
00:40:22.0093 0x0cd8  Abiosdsk - ok
00:40:22.0125 0x0cd8  abp480n5 - ok
00:40:22.0171 0x0cd8  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:40:22.0187 0x0cd8  ACPI - ok
00:40:22.0250 0x0cd8  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
00:40:22.0265 0x0cd8  ACPIEC - ok
00:40:22.0375 0x0cd8  [ 93E118B465160D9D01907EA3350353CA, 622677144211433E69CCF7BAC50CB8DE42F8A90A6527D8F36EE28FD9EC1F87BF ] AcrSch2Svc      C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
00:40:22.0390 0x0cd8  AcrSch2Svc - ok
00:40:22.0453 0x0cd8  [ C1EB9968EC89FBA5F3A264E2E57923AB, DEB0FC346C84FBF1192CC21D177BD1A8D86D552D5056BF95AE86B93C94124049 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
00:40:22.0484 0x0cd8  Adobe LM Service - ok
00:40:22.0562 0x0cd8  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:40:22.0578 0x0cd8  AdobeFlashPlayerUpdateSvc - ok
00:40:22.0609 0x0cd8  adpu160m - ok
00:40:22.0640 0x0cd8  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
00:40:22.0656 0x0cd8  aec - ok
00:40:22.0703 0x0cd8  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
00:40:22.0718 0x0cd8  AFD - ok
00:40:22.0734 0x0cd8  Aha154x - ok
00:40:22.0765 0x0cd8  aic78u2 - ok
00:40:22.0812 0x0cd8  [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
00:40:22.0812 0x0cd8  aic78xx - ok
00:40:22.0875 0x0cd8  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
00:40:22.0875 0x0cd8  Alerter - ok
00:40:22.0921 0x0cd8  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
00:40:22.0921 0x0cd8  ALG - ok
00:40:22.0937 0x0cd8  AliIde - ok
00:40:22.0984 0x0cd8  [ 8FCE268CDBDD83B23419D1F35F42C7B1, DF1A5097DC5B5C35427460E866E16ED25C3DDD9217065B26C3214A5674BE37DB ] AmdK7           C:\WINDOWS\system32\DRIVERS\amdk7.sys
00:40:22.0984 0x0cd8  AmdK7 - ok
00:40:23.0015 0x0cd8  amsint - ok
00:40:23.0031 0x0cd8  Apache2 - ok
00:40:23.0125 0x0cd8  [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:40:23.0140 0x0cd8  Apple Mobile Device - ok
00:40:23.0203 0x0cd8  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
00:40:23.0234 0x0cd8  AppMgmt - ok
00:40:23.0281 0x0cd8  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
00:40:23.0281 0x0cd8  Arp1394 - ok
00:40:23.0296 0x0cd8  asc - ok
00:40:23.0328 0x0cd8  asc3350p - ok
00:40:23.0343 0x0cd8  asc3550 - ok
00:40:23.0515 0x0cd8  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:40:23.0578 0x0cd8  aspnet_state - ok
00:40:23.0609 0x0cd8  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:40:23.0609 0x0cd8  AsyncMac - ok
00:40:23.0671 0x0cd8  [ 2C93945BBFC9081C9775A0A4FCD97D0C, FC9DEA644A45C3CDC917ED4BF442DA93C40A8B003A06BEF9DF32FDFA7F0FBD59 ] atalk           C:\WINDOWS\system32\DRIVERS\atalk.sys
00:40:23.0687 0x0cd8  atalk - ok
00:40:23.0734 0x0cd8  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
00:40:23.0734 0x0cd8  atapi - ok
00:40:23.0750 0x0cd8  Atdisk - ok
00:40:23.0828 0x0cd8  [ 960C1A7A04B5B029FC1584F8CE708F20, F0FEE22CB20FC0397DF4962A02A10F380DB1819851EDF80C5D1B0E4B5FF21F31 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
00:40:23.0843 0x0cd8  Ati HotKey Poller - ok
00:40:23.0921 0x0cd8  [ CA2033C7C5491B12C628A1CFDB99D75E, 5A5E283D5A2235BE789BA9B63E0D4A42817F5A5A8DE191A0130118606CC4377A ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe
00:40:23.0953 0x0cd8  ATI Smart - ok
00:40:24.0125 0x0cd8  [ 9A6BFD014090C96A2F3708D98E5A3F40, 6BC2C22B884159FD81E4307E1B14B76C43AD33AB4189DBE835884F47A9C402B8 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
00:40:24.0203 0x0cd8  ati2mtag - ok
00:40:24.0281 0x0cd8  [ 6F6BF0B550156037D6B17BB443DEBE20, 1BDA907912FBA6170D3688097E7D217EE908616D4F2A7087D40BFF68E834231C ] atitray         C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys
00:40:24.0281 0x0cd8  atitray - ok
00:40:24.0312 0x0cd8  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:40:24.0312 0x0cd8  Atmarpc - ok
00:40:24.0359 0x0cd8  ATMsg - ok
00:40:24.0406 0x0cd8  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
00:40:24.0406 0x0cd8  AudioSrv - ok
00:40:24.0437 0x0cd8  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
00:40:24.0437 0x0cd8  audstub - ok
00:40:24.0500 0x0cd8  [ F8E6956A614F15A0860474C5E2A7DE6B, A745F2AA8F9F90AC7FC63D4DD1CD93070050405026AE4ECBDB9C8754A23C569C ] Avc             C:\WINDOWS\system32\DRIVERS\avc.sys
00:40:24.0500 0x0cd8  Avc - ok
00:40:24.0562 0x0cd8  [ D42A225C85049FF794818287C612B07D, B8BBAD08360F6DB290CAED561A8554C25ECE025CE5F5E5F4672EF884E12D97B1 ] AWRScheduler    C:\Program Files\Caphyon\Advanced Web Ranking\Scheduler.exe
00:40:24.0578 0x0cd8  AWRScheduler - ok
00:40:24.0640 0x0cd8  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
00:40:24.0640 0x0cd8  Beep - ok
00:40:24.0718 0x0cd8  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
00:40:24.0734 0x0cd8  BITS - ok
00:40:24.0812 0x0cd8  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:40:24.0828 0x0cd8  Bonjour Service - ok
00:40:24.0875 0x0cd8  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
00:40:24.0890 0x0cd8  Browser - ok
00:40:25.0046 0x0cd8  catchme - ok
00:40:35.0578 0x0cd8  Ptilink - ok
00:40:35.0609 0x0cd8  [ 49452BFCEC22F36A7A9B9C2181BC3042, C01A2005E9897B142FF9BC6155770F70C19725C425E48D14239195E81E2E42D0 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
00:40:35.0625 0x0cd8  PxHelp20 - ok
00:40:35.0640 0x0cd8  ql1080 - ok
00:40:35.0671 0x0cd8  Ql10wnt - ok
00:40:35.0687 0x0cd8  ql12160 - ok
00:40:35.0718 0x0cd8  ql1240 - ok
00:40:35.0750 0x0cd8  ql1280 - ok
00:40:35.0781 0x0cd8  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:40:35.0781 0x0cd8  RasAcd - ok
00:40:35.0843 0x0cd8  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
00:40:35.0843 0x0cd8  RasAuto - ok
00:40:35.0875 0x0cd8  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:40:35.0890 0x0cd8  Rasl2tp - ok
00:40:35.0921 0x0cd8  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
00:40:35.0937 0x0cd8  RasMan - ok
00:40:35.0953 0x0cd8  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:40:35.0953 0x0cd8  RasPppoe - ok
00:40:35.0968 0x0cd8  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
00:40:35.0968 0x0cd8  Raspti - ok
00:40:36.0000 0x0cd8  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:40:36.0015 0x0cd8  Rdbss - ok
00:40:36.0031 0x0cd8  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:40:36.0031 0x0cd8  RDPCDD - ok
00:40:36.0093 0x0cd8  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:40:36.0109 0x0cd8  rdpdr - ok
00:40:36.0171 0x0cd8  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
00:40:36.0203 0x0cd8  RDPWD - ok
00:40:36.0250 0x0cd8  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
00:40:36.0265 0x0cd8  RDSessMgr - ok
00:40:36.0281 0x0cd8  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
00:40:36.0296 0x0cd8  redbook - ok
00:40:36.0359 0x0cd8  [ E0B511AE149A2AF2934557C3C45F3F01, 3EB55A3D726AC1A439B4AB7C672424F5EB8EBFDAE38615239C7034CC2834CCCA ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
00:40:36.0359 0x0cd8  ReflectService.exe - ok
00:40:36.0421 0x0cd8  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
00:40:36.0421 0x0cd8  RemoteAccess - ok
00:40:36.0468 0x0cd8  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
00:40:36.0468 0x0cd8  RemoteRegistry - ok
00:40:36.0515 0x0cd8  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7, CDF10D3D8ADA7ADB1CC1567BFA986557C6D69F4099B70FDFABD4C3D09E3CA778 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
00:40:36.0515 0x0cd8  ROOTMODEM - ok
00:40:36.0546 0x0cd8  [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd          C:\Program Files\WinPcap\rpcapd.exe
00:40:36.0562 0x0cd8  rpcapd - ok
00:40:36.0593 0x0cd8  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
00:40:36.0593 0x0cd8  RpcLocator - ok
00:40:36.0656 0x0cd8  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\System32\rpcss.dll
00:40:36.0671 0x0cd8  RpcSs - ok
00:40:36.0703 0x0cd8  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
00:40:36.0703 0x0cd8  RSVP - ok
00:40:36.0734 0x0cd8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
00:40:36.0734 0x0cd8  SamSs - ok
00:40:36.0750 0x0cd8  [ B244960E5A1DB8E9D5D17086DE37C1E4, E0E2984DEA1BD4C321C0491C431CD3C05673A67DCD385843559A06FE2146C876 ] sbp2port        C:\WINDOWS\system32\DRIVERS\sbp2port.sys
00:40:36.0765 0x0cd8  sbp2port - ok
00:40:36.0781 0x0cd8  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
00:40:36.0781 0x0cd8  SCardSvr - ok
00:40:36.0843 0x0cd8  [ 91F8ECFE09AE8AD46A3EF012D32B14BC, 6480AA8016FE1D21B544B78268DAF1193C3BEBB82CD4E67CA0463A022726E6CF ] SCDEmu          C:\WINDOWS\system32\drivers\SCDEmu.sys
00:40:36.0843 0x0cd8  SCDEmu - ok
00:40:36.0890 0x0cd8  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
00:40:36.0906 0x0cd8  Schedule - ok
00:40:36.0968 0x0cd8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:40:36.0968 0x0cd8  Secdrv - ok
00:40:37.0000 0x0cd8  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
00:40:37.0000 0x0cd8  seclogon - ok
00:40:37.0031 0x0cd8  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
00:40:37.0031 0x0cd8  SENS - ok
00:40:37.0078 0x0cd8  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
00:40:37.0078 0x0cd8  serenum - ok
00:40:37.0109 0x0cd8  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
00:40:37.0109 0x0cd8  Serial - ok
00:40:37.0234 0x0cd8  [ 79007F94F23218DBC563504958AC62BC, 632C897A97100881FD6B418C6C1FCC03B806D08974000892E20E4EEFE3B18CFE ] sfdrv01         C:\WINDOWS\system32\drivers\sfdrv01.sys
00:40:37.0250 0x0cd8  sfdrv01 - ok
00:40:37.0281 0x0cd8  [ 097E8721F106DDE9217532323FCD17BE, F26B4A7AC595A8C3C7A579541F2FFD5F4EAE425BC9C14DFF67524628D3E36464 ] sfhlp02         C:\WINDOWS\system32\drivers\sfhlp02.sys
00:40:37.0281 0x0cd8  sfhlp02 - ok
00:40:37.0296 0x0cd8  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
00:40:37.0296 0x0cd8  Sfloppy - ok
00:40:37.0312 0x0cd8  [ 0D197DE41729BDC065484A123A9E3FB6, 9BEB9DFBDA8B468F458E20007E890515B119926842CB85B42731F248531F4472 ] sfsync02        C:\WINDOWS\system32\drivers\sfsync02.sys
00:40:37.0312 0x0cd8  sfsync02 - ok
00:40:37.0375 0x0cd8  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
00:40:37.0390 0x0cd8  SharedAccess - ok
00:40:37.0421 0x0cd8  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:40:37.0437 0x0cd8  ShellHWDetection - ok
00:40:37.0484 0x0cd8  [ 3DA2F680BFC8E92A535CEA5A5D80AC37, 16C075F5310ED8C6CF593E90B73D90A77F2AF14193681A9D95A1009309677FB1 ] si3112r         C:\WINDOWS\system32\drivers\si3112r.sys
00:40:37.0484 0x0cd8  si3112r - ok
00:40:37.0500 0x0cd8  [ D893AA1D1EE007B7AB1B16E1099E9F17, 201114142785B0FA31A7DE87AC2F1F927569577432BF596D56FD200BB84A6692 ] SiFilter        C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
00:40:37.0500 0x0cd8  SiFilter - ok
00:40:37.0531 0x0cd8  Simbad - ok
00:40:37.0546 0x0cd8  [ D893AA1D1EE007B7AB1B16E1099E9F17, 201114142785B0FA31A7DE87AC2F1F927569577432BF596D56FD200BB84A6692 ] SiWinAcc        C:\WINDOWS\system32\drivers\SiWinAcc.sys
00:40:37.0546 0x0cd8  SiWinAcc - ok
00:40:37.0640 0x0cd8  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
00:40:37.0656 0x0cd8  SkypeUpdate - ok
00:40:37.0718 0x0cd8  SliceDisk5 - ok
00:40:37.0750 0x0cd8  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
00:40:37.0750 0x0cd8  SLIP - ok
00:40:37.0828 0x0cd8  [ 98B44C15B4EED76AA8DCCB64A4CA11AF, 5E42725C849FD0BBA6BAFD008F7DB9093505C5EF7584BBBD6240B3777FEC4D93 ] snapman         C:\WINDOWS\system32\DRIVERS\snapman.sys
00:40:37.0843 0x0cd8  snapman - ok
00:40:37.0859 0x0cd8  Sparrow - ok
00:40:37.0906 0x0cd8  [ 5D6401DB90EC81B71F8E2C5C8F0FEF23, 609B4A336E72A6A43E01C44BD7902B46978F6933953F80D4927EEE84EA5D1277 ] speedfan        C:\WINDOWS\system32\speedfan.sys
00:40:37.0906 0x0cd8  speedfan - ok
00:40:37.0937 0x0cd8  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
00:40:37.0937 0x0cd8  splitter - ok
00:40:37.0968 0x0cd8  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
00:40:37.0984 0x0cd8  Spooler - ok
00:40:38.0062 0x0cd8  [ 0C1DAD75274CB6E31F053CE3E08BF9C3, F77186DD0DF8AFF1607A21C59F8D2E7E8F71C2EDD2AD2D3F2F810980B8BE46FC ] sptd            C:\WINDOWS\System32\Drivers\sptd.sys
00:40:38.0109 0x0cd8  sptd - ok
00:40:38.0125 0x0cd8  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
00:40:38.0140 0x0cd8  sr - ok
00:40:38.0218 0x0cd8  [ BDA0ECC7CBA1D3B9FD7FF2881BF9B463, DE17370B86AF439C100ED2ED88EEB6552BCEC3C726882FD3DE764FD7CEBBCDA2 ] srescan         C:\WINDOWS\system32\ZoneLabs\srescan.sys
00:40:38.0218 0x0cd8  srescan - ok
00:40:38.0250 0x0cd8  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
00:40:38.0265 0x0cd8  srservice - ok
00:40:38.0296 0x0cd8  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
00:40:38.0312 0x0cd8  Srv - ok
00:40:38.0359 0x0cd8  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
00:40:38.0375 0x0cd8  SSDPSRV - ok
00:40:38.0406 0x0cd8  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
00:40:38.0421 0x0cd8  stisvc - ok
00:40:38.0468 0x0cd8  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
00:40:38.0468 0x0cd8  streamip - ok
00:40:38.0500 0x0cd8  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
00:40:38.0500 0x0cd8  swenum - ok
00:40:38.0515 0x0cd8  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
00:40:38.0515 0x0cd8  swmidi - ok
00:40:38.0546 0x0cd8  SwPrv - ok
00:40:38.0593 0x0cd8  symc810 - ok
00:40:38.0625 0x0cd8  symc8xx - ok
00:40:38.0656 0x0cd8  sym_hi - ok
00:40:38.0671 0x0cd8  sym_u3 - ok
00:40:38.0718 0x0cd8  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
00:40:38.0734 0x0cd8  sysaudio - ok
00:40:38.0750 0x0cd8  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
00:40:38.0765 0x0cd8  SysmonLog - ok
00:40:38.0843 0x0cd8  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
00:40:38.0859 0x0cd8  TapiSrv - ok
00:40:38.0890 0x0cd8  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:40:38.0906 0x0cd8  Tcpip - ok
00:40:38.0953 0x0cd8  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
00:40:38.0953 0x0cd8  TDPIPE - ok
00:40:38.0984 0x0cd8  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
00:40:38.0984 0x0cd8  TDTCP - ok
00:40:39.0343 0x0cd8  [ 97F6FFB8A305A77D25C6C0E07B71D252, 97C5FC73A250FC2016E29148A6A37E54BD74AE983D99AAF4890C059719C93EC2 ] TeamViewer9     C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
00:40:39.0578 0x0cd8  TeamViewer9 - ok
00:40:39.0656 0x0cd8  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
00:40:39.0656 0x0cd8  TermDD - ok
00:40:39.0687 0x0cd8  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
00:40:39.0718 0x0cd8  TermService - ok
00:40:39.0734 0x0cd8  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
00:40:39.0750 0x0cd8  Themes - ok
00:40:39.0765 0x0cd8  [ D352FFF2A623B916C08CEACBFC8B5C32, 66AB253DF94471686E7F36BCBDBAE780E26A755D93D74BF5459EC0FF6A63C72E ] tifsfilter      C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
00:40:39.0765 0x0cd8  tifsfilter - ok
00:40:39.0812 0x0cd8  [ 64694B2A5C772E1C61FEAC300ED90CA6, BA7A65109432DB93B49AF823439FB4015F25B735BA85C029502578847FEDDA19 ] timounter       C:\WINDOWS\system32\DRIVERS\timntr.sys
00:40:39.0859 0x0cd8  timounter - ok
00:40:39.0906 0x0cd8  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
00:40:39.0906 0x0cd8  TlntSvr - ok
00:40:39.0921 0x0cd8  TosIde - ok
00:40:39.0953 0x0cd8  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
00:40:39.0968 0x0cd8  TrkWks - ok
00:40:40.0140 0x0cd8  [ 7694DCA064D0B7E0D1A6972BB9C71B39, BD5CB54534A27BD6B681234B257692E5D833D04BF3EAA52F6CE022A2B5D3CEED ] tvnserver       C:\Documents and Settings\owner\Local Settings\Application Data\CrossLoop\tvnserver.exe
00:40:40.0203 0x0cd8  tvnserver - ok
00:40:40.0218 0x0cd8  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
00:40:40.0234 0x0cd8  Udfs - ok
00:40:40.0250 0x0cd8  ultra - ok
00:40:40.0343 0x0cd8  [ 4847639D852763EE39415C929470F672, 75CF9471BA3EA54E5BE66CD7612DA134B3370D7C3FBA8B2682093C03A0AD87B5 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
00:40:40.0343 0x0cd8  UnlockerDriver5 - ok
00:40:40.0406 0x0cd8  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
00:40:40.0421 0x0cd8  Update - ok
00:40:40.0484 0x0cd8  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
00:40:40.0500 0x0cd8  upnphost - ok
00:40:40.0515 0x0cd8  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
00:40:40.0531 0x0cd8  UPS - ok
00:40:40.0562 0x0cd8  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
00:40:40.0578 0x0cd8  USBAAPL - ok
00:40:40.0640 0x0cd8  [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
00:40:40.0656 0x0cd8  usbaudio - ok
00:40:40.0687 0x0cd8  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:40:40.0687 0x0cd8  usbccgp - ok
00:40:40.0718 0x0cd8  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:40:40.0718 0x0cd8  usbehci - ok
00:40:40.0750 0x0cd8  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:40:40.0750 0x0cd8  usbhub - ok
00:40:40.0796 0x0cd8  [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
00:40:40.0796 0x0cd8  usbohci - ok
00:40:40.0812 0x0cd8  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:40:40.0828 0x0cd8  usbscan - ok
00:40:40.0875 0x0cd8  [ CAAD3467FBFAE8A380F67E9C7150A85E, ADB7C89A5DE6430836E52EF06249EE805729A720ED2D0F968DDFA8F83C55A5EA ] usbsermpt       C:\WINDOWS\system32\DRIVERS\usbsermpt.sys
00:40:40.0875 0x0cd8  usbsermpt - ok
00:40:40.0906 0x0cd8  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:40:40.0921 0x0cd8  USBSTOR - ok
00:40:40.0937 0x0cd8  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
00:40:40.0937 0x0cd8  VgaSave - ok
00:40:40.0968 0x0cd8  ViaIde - ok
00:40:40.0984 0x0cd8  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
00:40:41.0000 0x0cd8  VolSnap - ok
00:40:41.0046 0x0cd8  [ 279761AD6562C0D4309CB1BBB260233F, C75202BE4D02841E07EB567B04AF8589A47B12C9DE4D245544BAEAA5532A9A5B ] vsdatant        C:\WINDOWS\system32\vsdatant.sys
00:40:41.0062 0x0cd8  vsdatant - ok
00:40:41.0093 0x0cd8  vsmon - ok
00:40:41.0203 0x0cd8  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
00:40:41.0218 0x0cd8  VSS - ok
00:40:41.0281 0x0cd8  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] w32time         C:\WINDOWS\system32\w32time.dll
00:40:41.0281 0x0cd8  w32time - ok
00:40:41.0328 0x0cd8  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:40:41.0328 0x0cd8  Wanarp - ok
00:40:41.0343 0x0cd8  WDC_SAM - ok
00:40:41.0421 0x0cd8  [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000        C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
00:40:41.0453 0x0cd8  Wdf01000 - ok
00:40:41.0484 0x0cd8  WDICA - ok
00:40:41.0515 0x0cd8  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
00:40:41.0531 0x0cd8  wdmaud - ok
00:40:41.0578 0x0cd8  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
00:40:41.0578 0x0cd8  WebClient - ok
00:40:41.0609 0x0cd8  [ EFACCE8DEB789DE9A0EC8655CA3075DA, DA40ABD781712026CCC2EEBE415C61280A07A537B79AC3644CEC23794B3A988B ] wfxsvc          C:\WINDOWS\system32\WFXSVC.EXE
00:40:41.0625 0x0cd8  wfxsvc - ok
00:40:41.0718 0x0cd8  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
00:40:41.0734 0x0cd8  winmgmt - ok
00:40:41.0828 0x0cd8  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
00:40:41.0828 0x0cd8  WmdmPmSN - ok
00:40:41.0890 0x0cd8  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
00:40:41.0921 0x0cd8  Wmi - ok
00:40:41.0968 0x0cd8  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:40:41.0968 0x0cd8  WmiApSrv - ok
00:40:42.0093 0x0cd8  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
00:40:42.0171 0x0cd8  WMPNetworkSvc - ok
00:40:42.0312 0x0cd8  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:40:42.0437 0x0cd8  WPFFontCache_v0400 - ok
00:40:42.0468 0x0cd8  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
00:40:42.0468 0x0cd8  WS2IFSL - ok
00:40:42.0515 0x0cd8  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
00:40:42.0531 0x0cd8  wscsvc - ok
00:40:42.0546 0x0cd8  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
00:40:42.0562 0x0cd8  WSTCODEC - ok
00:40:42.0593 0x0cd8  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
00:40:42.0593 0x0cd8  wuauserv - ok
00:40:42.0656 0x0cd8  [ 6FF66513D372D479EF1810223C8D20CE, 65BABE162C8A457E37E26A0D1B81AF763E009493D81DC5554B6852FEF0B9D767 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
00:40:42.0671 0x0cd8  WudfPf - ok
00:40:42.0687 0x0cd8  [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
00:40:42.0703 0x0cd8  WudfRd - ok
00:40:42.0765 0x0cd8  [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
00:40:42.0765 0x0cd8  WudfSvc - ok
00:40:42.0828 0x0cd8  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
00:40:42.0859 0x0cd8  WZCSVC - ok
00:40:42.0906 0x0cd8  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
00:40:42.0906 0x0cd8  xmlprov - ok
00:40:42.0968 0x0cd8  [ BA8554D0A121816DB0A917F5D5D9EA5E, 0549F95E92E44CF391BF7144D1A267A1BEAD1474B88201350DCBF880F7D5E627 ] yukonwxp        C:\WINDOWS\system32\DRIVERS\yk51x86.sys
00:40:42.0984 0x0cd8  yukonwxp - ok
00:40:43.0062 0x0cd8  ================ Scan global ===============================
00:40:43.0109 0x0cd8  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
00:40:43.0140 0x0cd8  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
00:40:43.0187 0x0cd8  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
00:40:43.0234 0x0cd8  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
00:40:43.0234 0x0cd8  [ Global ] - ok
00:40:43.0234 0x0cd8  ================ Scan MBR ==================================
00:40:43.0265 0x0cd8  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
00:40:43.0453 0x0cd8  \Device\Harddisk0\DR0 - ok
00:40:43.0468 0x0cd8  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
00:40:43.0515 0x0cd8  \Device\Harddisk1\DR1 - ok
00:40:43.0515 0x0cd8  ================ Scan VBR ==================================
00:40:43.0531 0x0cd8  [ CDB9A836836D50D37BB359EA88980FEA ] \Device\Harddisk0\DR0\Partition1
00:40:43.0593 0x0cd8  \Device\Harddisk0\DR0\Partition1 - ok
00:40:43.0593 0x0cd8  [ 0E24E44B4FC8959C2554613AABE01A24 ] \Device\Harddisk1\DR1\Partition1
00:40:43.0656 0x0cd8  \Device\Harddisk1\DR1\Partition1 - ok
00:40:43.0671 0x0cd8  ================ Scan generic autorun ======================
00:40:43.0718 0x0cd8  [ 37FFF683AEE7F09F5F7087138192BF02, 7110BB5C9DA519628B8E834D20469509FF1926F764C1235C4F66EBF1058A2673 ] C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
00:40:43.0734 0x0cd8  NVMixerTray - ok
00:40:43.0828 0x0cd8  [ 10CA4B6C49F72DAC0D66004C316AB62B, E1A2BA8277B3E229A0284D6381AF7CF6BEF63B9C0B80AB1FC7BDB0C388465A5C ] C:\Program Files\Mediafour\MacDrive\MacDrive.exe
00:40:43.0828 0x0cd8  MediafourGettingStartedWithMacDrive6 - ok
00:40:43.0890 0x0cd8  AppleSyncNotifier - ok
00:40:43.0937 0x0cd8  [ F0CE006E1D14F45959985A05F8E81204, D9FE67DB4CEDB3B09A48C305DDE983A15695EE41C68CE222880D002C0D5D7688 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
00:40:43.0953 0x0cd8  APSDaemon - ok
00:40:44.0031 0x0cd8  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
00:40:44.0062 0x0cd8  Adobe ARM - ok
00:40:44.0187 0x0cd8  [ 8800130156B0642B15ECB75E7CC7E6F1, 4BC8CA6F79EC271FE28C48FCC61B4CF0E02D3615558DBD7C0B1A5E69CCF3E3FC ] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
00:40:44.0203 0x0cd8  ZoneAlarm Client - ok
00:40:44.0265 0x0cd8  [ 603668084332DDB58D8C5AACE30B04FC, B6FA6BBE18D433F41F96640726444B7CB9D669BAE87A545E1408391B9469EDB9 ] C:\Program Files\iTunes\iTunesHelper.exe
00:40:44.0265 0x0cd8  iTunesHelper - ok
00:40:44.0359 0x0cd8  [ C1170D2A6150EA4844D7128BBC4EE682, 25B1457B9B0A9895881C3903EA6F7411557F69771B485E3AD48389587CEEE8E6 ] C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
00:40:44.0390 0x0cd8  AtiTrayTools - ok
00:40:44.0437 0x0cd8  [ E616A6A6E91B0A86F2F6217CDE835FFE, 411671C4B2BB4DB3F02A21C199A5479F31394165704736A549B53245B94577F7 ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
00:40:44.0437 0x0cd8  swg - ok
00:40:44.0437 0x0cd8  Waiting for KSN requests completion. In queue: 258
00:40:45.0437 0x0cd8  Waiting for KSN requests completion. In queue: 258
00:40:46.0437 0x0cd8  Waiting for KSN requests completion. In queue: 258
00:40:47.0500 0x0cd8  AV detected via SS1: ZoneAlarm Security Suite Antivirus, 7.0.483.000, disabled, outofdate
00:40:47.0500 0x0cd8  FW detected via SS1: ZoneAlarm Security Suite Firewall, 7.0.483.000, enabled
00:40:50.0046 0x0cd8  ============================================================
00:40:50.0046 0x0cd8  Scan finished
00:40:50.0046 0x0cd8  ============================================================
00:40:50.0078 0x0b64  Detected object count: 0
00:40:50.0078 0x0b64  Actual detected object count: 0
 



#10 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  • Gender:Male
  • Location:The Collective
  • Local time:01:25 PM

Posted 02 August 2014 - 04:24 PM

Hmm, nothing so far...

 

I notice from the earlier FRST scan that you appear to have ComboFix installed.  Have you run it recently?  If so, please post the Combofix.txt that should be found at C:\Qoobox


Best Regards,
oneof4.


#11 Interested

Interested
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  • Local time:02:25 PM

Posted 02 August 2014 - 05:11 PM

I was never able to successfully run DDS or Combofix.  There is a C:\Qoobox folder, but no Combofix.txt.  It stops before the first stage.



#12 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Location:The Collective
  • Local time:01:25 PM

Posted 02 August 2014 - 11:03 PM

Okay, if you still have a ComboFix icon (cat head) on your Desktop...right-click and delete it, then proceed with the following:

 

  • Please download ComboFix from one of these locations:

BleepingComputer
ForoSpyware

  • Save Combofix.exe to your Desktop <-- Important!!!
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts. It is important you do not mouseclick while the program is running or it may stall.

 

==========

 

 

If Combofix fails to run properly using the above instructions please attempt the following:

  • Right click on the Combofix icon on your desktop and select Delete
  • Download a new copy but rename it to freshcopy.exe first, then save it to your desktop
  • Now download RKill.exe (or RKill renamed as iExplore.exe if the first one doesn't work properly) and save it to your desktop
  • Restart your computer in Safe Mode
  • Right click on RKill (or iExplore) and select Run as Administrator. If you are using Windows XP simply double click the icon
  • A black DOS screen should flash and disappear. If not, try to launch the program with the second file. If neither works please stop and let me know
  • When RKill is finished running you will be presented with a text file and a copy will be saved on your desktop. Copy and paste the contents of this report in your reply
  • Do not reboot your computer
  • Double click the freshcopy.exe icon (renamed Combofix file)
  • When finished, it will produce a log. Please copy and paste the C:\Combofix.txt log information in your next reply
  • If you disabled your antivirus please enable it again. If you uninstalled it please wait for instructions to reinstall it

===================================================


Best Regards,
oneof4.


#13 Interested

  • Topic Starter

Posted 03 August 2014 - 09:46 PM

Ended up running rkill in Safe Mode, then running Combofix renamed to freshcopy.exe (without rebooting after rkill).  No mouseclicks.  Stopped running after it told me that the scan times could easily double for heavily infected machines.  Cursor continued flashing, left it at that point for almost an hour.  Pasting the rkill log below.  Note:  the firewall note below is probably due to ZoneAlarm being installed and the internal firewall being disabled.  I have tried to run DDS in the past with ZoneAlarm disabled and/or removed, and had the same problem.  Also, I have personally disabled the Security Center and Windows Auto Updates.  I do these manually.  I wanted to let you know, so you aren't led to believe that they were disabled by some malicious software.  I don't know anything about the COM+ event system.

 

Rkill 2.6.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/03/2014 09:23:03 PM in x86 mode. (Safe Mode)
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

Checking Windows Service Integrity:

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Manual

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic

 * Automatic Updates (wuauserv) is not Running.
   Startup Type set to: Automatic

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost
  127.0.0.1    www.fileden.com

  2 out of 4 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 08/03/2014 09:26:30 PM
Execution time: 0 hours(s), 3 minute(s), and 27 seconds(s)
 



#14 oneof4

  • Malware Response Team

Posted 05 August 2014 - 08:02 PM

Download RogueKiller from one of the following links and save it to your desktop:

  • Link 1
  • Link 2

  • Close all programs and disconnect any USB or external drives before running the tool.
  • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", click the "Report" button to show the log, and then close the program. <--Don't fix anything!
  • Copy and paste the report that opens into your next reply.
    • The log can also be found in the following location: C:\ProgramData\RogueKiller\Logs\RKreport_SCN_mmddyyyy_hhmmss.log
    • For XP users, you must first show hidden files/folders, then the log location is here: C:\Documents and Settings\All Users\Application data\RogueKiller\Logs\RKreport_SCN_mmddyyyy_hhmmss.log

==========

 

 

Please download aswMBR ( 4.5MB ) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Best Regards,
oneof4.


#15 Interested

  • Topic Starter

Posted 05 August 2014 - 10:30 PM

Ran RogueKiller, now running aswMBR... will post that log when complete.  RogueKiller says owner has restricted rights, but owner is admin on this machine, and this is XP.  Don't know if that is normal.

 

RogueKiller V9.2.4.0 [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : owner [Restricted rights]
Mode : Scan -- Date : 08/05/2014  23:21:23

¤¤¤ Bad processes : 26 ¤¤¤
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]

¤¤¤ Registry Entries : 14 ¤¤¤
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CrossLoopService -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SliceDisk5 -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\tvnserver -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\catchme -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\CrossLoopService -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\SliceDisk5 -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\tvnserver -> FOUND
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{541E2E06-C756-4A2B-9173-0857FAD67D93} | NameServer : 4.2.2.1,205.231.144.10  -> FOUND
[PUM.Policies] HKEY_USERS\S-1-5-21-790525478-1957994488-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System | disableregistrytools : 0  -> FOUND
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND
[PUM.SecurityCenter] HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | AntiVirusDisableNotify : 1  -> FOUND
[PUM.SecurityCenter] HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | UpdatesDisableNotify : 1  -> FOUND
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 2 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1       localhost
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1    www.fileden.com

¤¤¤ Antirootkit : 0 (Driver: NOT LOADED [0x5]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
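
One way to triage a RogueKiller scan report like the one in post #15 before deciding whether anything needs fixing, as an added example that is not part of the thread or of RogueKiller itself. It assumes the section layout visible in that report; the function names and the last HOSTS line of the sample are constructed for illustration.

```python
import re
from collections import Counter
# Shortened excerpt of the RogueKiller report above. The last HOSTS line is
# constructed (documentation-range address and name) to show a redirect.
SAMPLE = r"""¤¤¤ Bad processes : 2 ¤¤¤
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
[Proc.Hidden]  -- [x] -> KILLED [TermThr]
¤¤¤ Registry Entries : 3 ¤¤¤
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme -> FOUND
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{541E2E06-C756-4A2B-9173-0857FAD67D93} | NameServer : 4.2.2.1,205.231.144.10  -> FOUND
[PUM.SecurityCenter] HKEY_LOCAL_MACHINE\Software\Microsoft\Security Center | UpdatesDisableNotify : 1  -> FOUND
¤¤¤ HOSTS File : 3 ¤¤¤
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1       localhost
[C:\WINDOWS\System32\drivers\etc\hosts] 127.0.0.1    www.fileden.com
[C:\WINDOWS\System32\drivers\etc\hosts] 203.0.113.7  login.example.test
¤¤¤ MBR Check : ¤¤¤
"""

HEADER = re.compile(r"^¤¤¤ (.+?) : (\d+)?.*¤¤¤$")   # "¤¤¤ Name : N ¤¤¤"; N may be absent

def parse_report(text):
    """Split a report into {section: {"declared": N or None, "entries": [...]}}."""
    sections, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        m = HEADER.match(line)
        if m:
            current = m.group(1)
            sections[current] = {"declared": int(m.group(2)) if m.group(2) else None,
                                 "entries": []}
        elif current and line:
            sections[current]["entries"].append(line)
    return sections

def triage(sections):
    """Summarise what needs a human look; nothing is changed on the system."""
    reg = sections.get("Registry Entries", {}).get("entries", [])
    tags = Counter(m.group(1) for m in (re.match(r"\[([^\]]+)\]", e) for e in reg) if m)
    hosts = []
    for e in sections.get("HOSTS File", {}).get("entries", []):
        m = re.match(r"\[.*?\]\s+(\S+)\s+(\S+)$", e)
        if m and m.group(2).lower() != "localhost":
            ip, name = m.groups()
            # Loopback entries null-route a name; any other address redirects it.
            kind = "loopback" if ip.startswith("127.") or ip == "::1" else "redirect"
            hosts.append((name, ip, kind))
    # A declared count that differs from the pasted lines suggests an incomplete log.
    short = {n: (s["declared"], len(s["entries"])) for n, s in sections.items()
             if s["declared"] is not None and s["declared"] != len(s["entries"])}
    return {"registry_tags": dict(tags), "hosts": hosts, "count_mismatch": short}
```

Running `triage(parse_report(SAMPLE))` groups the registry findings by tag and separates loopback HOSTS entries, such as the `www.fileden.com` line in the thread, from entries that point a name at another address.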
 





